Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 09/10/2014
Scan Time: 21:28:14
Logfile: log.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.10.09.09
Rootkit Database: v2014.10.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: cedric
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 416630
Time Elapsed: 12 min, 56 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
Processes: 1
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe, 2796, Delete-on-Reboot, [04a960b22d4fcd6940a2e5edd034fe02]
Modules: 0
(No malicious items detected)
Registry Keys: 8
PUP.Optional.DiscountDragon.A, HKU\S-1-5-21-586451997-871039208-3205480819-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}, No Action By User, [03aaf41ec0bc3bfb5d0adef734cede22],
PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\BENCH\Updater, No Action By User, [694490823646ef47e71b33fb6c9710f0],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kbjlipmgfoamgjaogmbihaffnpkpjajp, No Action By User, [6e3f5ab8007c73c38edcdf45a26107f9],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-586451997-871039208-3205480819-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, No Action By User, [bcf1b45e017bb68012a9a9d945bf11ef],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-586451997-871039208-3205480819-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, No Action By User, [6c4158ba0b7179bdc06b1f2a996aa55b],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-586451997-871039208-3205480819-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, No Action By User, [e6c7ee24403ce452b3c9431c15ef38c8],
PUP.Optional.BubbleDock.A, HKU\S-1-5-21-586451997-871039208-3205480819-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\NOSIBAY\Bubble Dock Tag, No Action By User, [e7c6cc46e399af872baa0a40e71c04fc],
Trojan.BtcMiner.TS, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Time, Quarantined, [04a960b22d4fcd6940a2e5edd034fe02],
Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-586451997-871039208-3205480819-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 1V2X1Q1R1M1F, No Action By User, [e6c7ee24403ce452b3c9431c15ef38c8]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 23
PUP.Optional.BenchUpdater.A, C:\Windows\System32\Tasks\bench-sys, No Action By User, [cde05ab8502c7abc5c208f970bf8f30d],
PUP.Optional.Bubbledock.A, C:\Users\cedric\AppData\Roaming\Bubble Dock.boostrap.log, No Action By User, [d0ddd2403a4273c399fb5fe9cf346799],
PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-sys.job, No Action By User, [f7b681915d1fb383a6287ecca95a05fb],
PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-Updater removing.job, No Action By User, [4f5ebe5482fa3bfb6866d97133d0a060],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe, Delete-on-Reboot, [04a960b22d4fcd6940a2e5edd034fe02],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\WindowsTime.exe, Quarantined, [a904868ca7d5d561ddc00a65719337c9],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\TimeServer.exe, Quarantined, [9c11f022df9db77fdfbf2b44ac5832ce],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\c5ba51c8822b2ebb730d18f8bab93d8a.elf, Quarantined, [09a4f61cec90e056f2adb9b6a95beb15],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\d4ce4f36e508153bf25ab6a8dcde7f0d.elf, Quarantined, [f6b78b87dca068ce811e06698d77fd03],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\numpy.core.multiarray.pyd, Quarantined, [7d3021f17efe66d0c3dd422d3aca6f91],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\numpy.core.scalarmath.pyd, Quarantined, [74394bc7abd1f1454e52b3bc12f2f808],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\numpy.core.umath.pyd, Quarantined, [03aa3dd59be12214257b036c6e962ed2],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\numpy.core._dotblas.pyd, Quarantined, [139a54bec3b967cf7a268de233d124dc],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\numpy.fft.fftpack_lite.pyd, Quarantined, [614c16fcadcfd660247c5d1207fd49b7],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\numpy.lib._compiled_base.pyd, Quarantined, [3f6e29e96a125cdafaa64926828237c9],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\numpy.linalg.lapack_lite.pyd, Quarantined, [7934848e6c101521e8b8303f2fd57b85],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\numpy.random.mtrand.pyd, Quarantined, [525b7999daa287af752b17588b79a25e],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\pyopencl._cl.pyd, Quarantined, [931ab75bfd7fb97dd7c92b44cd3756aa],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\select.pyd, Quarantined, [84293ad87a024cea178938378a7a728e],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\_ctypes.pyd, Quarantined, [16973bd74735ea4cd2ce4827f70dba46],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\_hashlib.pyd, Quarantined, [04a9c151bdbfbc7a5f4191deb84c0ff1],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\_socket.pyd, Quarantined, [a5082ae8b0cc0f27f7a9056a719356aa],
Trojan.BtcMiner.TS, C:\ProgramData\Microsoft\Windows\Time\library.zip, Quarantined, [5b527e9489f3bc7a6f32254a8b79fd03],
Physical Sectors: 0
(No malicious items detected)
(end)