Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/3/2015
Scan Time: 9:12:31 PM
Logfile: Malwarebytes Log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.04.04.02
Rootkit Database: v2015.03.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Brendan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 396559
Time Elapsed: 32 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.AdobeExtendedPlugin.C, C:\ProgramData\{84436a25-a071-c6b6-8443-36a25a07a896}\civilization 4 game.exe, 3844, , [246e7fe9d3b7ca6c8fa2201c30d2fe02]

Modules: 0
(No malicious items detected)

Registry Keys: 13
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [8e04c6a2a3e7bc7a85762215ff0413ed],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [8e04c6a2a3e7bc7a85762215ff0413ed],
PUP.Optional.QuickRef.A, HKLM\SOFTWARE\WOW6432NODE\QuickRef_1.10.0.9, , [a6ec1256e0aa70c6b67979497c872ad6],
PUP.Optional.LocalTemperature.A, HKLM\SOFTWARE\WOW6432NODE\LOCALTEMP, , [157d61074941ca6c26db7942ca39a957],
PUP.Optional.VoPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [c1d1ee7acebc4fe7bef99daf51b47789],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, , [3d55a5c3deac6ec8752f10c8b74c1de3],
PUP.Optional.Salus.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mwiynzm4ndy1yjz, , [a9e988e07f0bb97d73196460d82b4db3],
PUP.Optional.QuickRef.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\qrnfd_1_10_0_9, , [365c48204e3c87afc46e6062927133cd],
PUP.Optional.Nosibay.A, HKU\S-1-5-21-708214694-1593697130-2342718439-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Nosibay, , [048e87e14f3ba69024fcfbd06d9611ef],
PUP.Optional.StormWatchApp.A, HKU\S-1-5-21-708214694-1593697130-2342718439-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\StormWatchApp, , [ddb5d395d7b364d28eaa973a09fa39c7],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-708214694-1593697130-2342718439-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, , [2e642a3e127863d3c6dfd367669f936d],
PUP.Optional.WindApp.A, HKU\S-1-5-21-708214694-1593697130-2342718439-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\STORE\WindApp Tag, , [137f95d335555fd7f3521ca1a75c58a8],
PUP.Optional.SelectionTool.A, HKU\S-1-5-21-708214694-1593697130-2342718439-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WTOOLS\Selection Tools Tag, , [fa98d2966624a98d4fc803c0bf442ed2],

Registry Values: 3
PUP.Optional.LocalTemperature.A, HKLM\SOFTWARE\WOW6432NODE\LOCALTEMP|GUID, CE3A2868-5A71-468D-AE9F-1354CF642F2F, , [157d61074941ca6c26db7942ca39a957]
PUP.Optional.WindApp.A, HKU\S-1-5-21-708214694-1593697130-2342718439-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WindApp, "C:\Users\Brendan\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup, , [6a28d4946129b185868d2c97ea1935cb]
PUP.Optional.SelectionTools.A, HKU\S-1-5-21-708214694-1593697130-2342718439-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Selection Tools, "C:\Users\Brendan\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup, , [9bf7b5b34f3bf2443980c7ff46bdbc44]

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.Nosibay.A, C:\Users\Brendan\AppData\Roaming\Nosibay, , [cdc52e3a305a2115072c6145cd36a15f],
PUP.Optional.PastaLeads.A, C:\Program Files\Common Files\PastaLeads, , [f0a2f474aae01b1b87060ea24eb506fa],

Files: 19
PUP.Optional.AdobeExtendedPlugin.C, C:\ProgramData\{84436a25-a071-c6b6-8443-36a25a07a896}\civilization 4 game.exe, , [246e7fe9d3b7ca6c8fa2201c30d2fe02],
PUP.Optional.AdobeExtendedPlugin.C, C:\ProgramData\{3a0c3e94-ebf8-9e2d-3a0c-c3e94ebffa53}\civilization 4 game.exe, , [f69c94d40783e254f43d102c56ac08f8],
PUP.Optional.Winsock.Hijack, C:\Windows\SysWOW64\BDL.dll, , [4949ce9ad6b41125dd36f9400bf77789],
PUP.Optional.Winsock.Hijack, C:\Windows\SysWOW64\VCL.dll, , [a6ec2840bcce1b1bbccdda61ac56e818],
PUP.Optional.OutBrowse, C:\Users\Brendan\Downloads\3DS_Emulator.exe, , [c7cbbeaa17734ceaeb388bb01ce621df],
PUP.Optional.AdobeExtendedPlugin.C, C:\Users\Brendan\Downloads\Sid Meies Civilization IV Full Download For PC.exe, , [d8bae583bdcd2d09c869b686f70b2ed2],
PUP.Optional.VCL.A, C:\Windows\System32\VCLOff.ini, , [ace6293ff5952f07a28612a4857ee41c],
PUP.Optional.VCL.A, C:\Windows\SysWOW64\VCLOff.ini, , [81115711602ad1656dbb8135966db34d],
PUP.Optional.BasementDuster.A, C:\Windows\System32\BasementDusterOff.ini, , [7e140068543685b13e238f28c63d6a96],
PUP.Optional.BasementDuster.A, C:\Windows\SysWOW64\BasementDusterOff.ini, , [8a0889df3753d1657ee30ea9659e3bc5],
PUP.Optional.Trovi.A, C:\Users\Brendan\AppData\Roaming\Mozilla\Firefox\Profiles\mc4mmp7v.default\searchplugins\trovi.xml, , [246e4622127871c55bac32871be8649c],
PUP.Optional.SelectionTools.A, C:\Users\Brendan\AppData\Roaming\Selection Tools.installation.log, , [454df276d9b184b2f76e388a956ef40c],
PUP.Optional.Bubbledock.A, C:\Users\Brendan\AppData\Roaming\Bubble Dock.boostrap.log, , [0b8770f83b4f1c1a3197a622ec17e41c],
PUP.Optional.Bubbledock.A, C:\Users\Brendan\AppData\Roaming\Bubble Dock.installation.log, , [cec4bcac0a80d2644682e2e607fcf10f],
PUP.Optional.WindApp.A, C:\Users\Brendan\AppData\Roaming\WindApp.boostrap.log, , [0092e4840a8091a526a33890ec178779],
PUP.Optional.WindApp.A, C:\Users\Brendan\AppData\Roaming\WindApp.installation.log, , [157dc1a74743b482c306ad1b09faae52],
PUP.Optional.MindSpark.A, C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_eliteunzip.dl.tb.ask.com_0.localstorage, , [6f23f672474381b56d2c44b259aabc44],
PUP.Optional.MindSpark.A, C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_eliteunzip.dl.tb.ask.com_0.localstorage-journal, , [a5ed2f39c0ca3df9fa9f32c4f90a966a],
PUP.Optional.Trovi.A, C:\Users\Brendan\AppData\Roaming\Mozilla\Firefox\Profiles\mc4mmp7v.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.trovi.com/?gd=&ctid=CT3333531&octid=EB_ORIGINAL_CTID&ISID=M15D18B3C-B481-47C6-8CAF-1827BC06D7D7&SearchSource=55&CUI=&UM=8&UP=SP72707F87-9D5F-4DE3-958B-41D6F16D8D40&D=031715&SSPV=");), ,[ade55d0b1b6ff145602ed3635aac30d0]

Physical Sectors: 0
(No malicious items detected)

(end)