Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 01/04/2014
Scan Time: 19:18:22
Logfile: mwb.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.04.01.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: KEKEDJ

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 235690
Time Elapsed: 13 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
Trojan.Sefnit, C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe, 1380, Delete-on-Reboot, [649c6a966b95d8282638d91922df15eb]

Modules: 0
(No malicious items detected)

Registry Keys: 3
Trojan.Sefnit, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AdobeFlashPlayerUpdateSvc, Quarantined, [649c6a966b95d8282638d91922df15eb],
Trojan.Sefnit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FLASHPLAYERUPDATESERVICE.EXE, Quarantined, [649c6a966b95d8282638d91922df15eb],
Trojan.Sefnit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FLASHPLAYERUPDATESERVICE.EXE, Quarantined, [649c6a966b95d8282638d91922df15eb],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 11
Trojan.Sefnit, C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe, Delete-on-Reboot, [649c6a966b95d8282638d91922df15eb],
PUP.Optional.Somoto.A, C:\Users\KEKEDJ\AppData\Roaming\ZHP\Quarantine\nsfedbb.tmp.VIR, Quarantined, [a65a7a8687796b95567063ac9968926e],
Trojan.Sefnit, C:\Windows\SysWOW64\FlashPlayerUpdateService.exe, Quarantined, [ae526997936d16eab1ad43af6d94b34d],
PUP.Optional.OpenCandy, C:\Users\KEKEDJ\Desktop\installation\daemon-tools-lite_daemon_tools_lite_4.45.4_francais_10729.exe, Quarantined, [e0208080c23e99674f8a4be73fc55aa6],
RiskWare.Tool.CK, C:\Users\KEKEDJ\Desktop\installation\office keygen.zip, Quarantined, [47b957a900000bf5938c1784fb060cf4],
HackTool.Wpakill, C:\Users\KEKEDJ\Desktop\installation\activateur\RemoveWAT.exe, Quarantined, [42be4eb27d8325db07d6a999e818d729],
Trojan.Miner, C:\Windows\SysWOW64\dfrg\runner.exe, Quarantined, [e61a55ab827eac54aa0debafed16b14f],
Trojan.Miner, C:\Windows\SysWOW64\dfrg\libcrypto.dll, Quarantined, [f0102ad6a45c37c93f795b3f7c87ea16],
Trojan.Miner, C:\Windows\SysWOW64\dfrg\libcurl-4.dll, Quarantined, [1ae6877923dd9967bff98f0b808309f7],
Trojan.Miner, C:\Windows\SysWOW64\dfrg\libssl.dll, Quarantined, [ce32af5105fba45cd1e73e5c659e7090],
Trojan.Miner, C:\Windows\SysWOW64\dfrg\task_registrar.exe, Quarantined, [ea1618e8916f8a76c2f7f2a840c3a15f],

Physical Sectors: 0
(No malicious items detected)

(end)