Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015-01-14
Scan Time: 16:23:02
Logfile: 
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.14.06
Rootkit Database: v2015.01.07.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: KSIEGOWY

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 361420
Time Elapsed: 13 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 51
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, , [05499e595f2af4422e0ab56eb1524db3], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, , [05499e595f2af4422e0ab56eb1524db3], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, , [05499e595f2af4422e0ab56eb1524db3], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, , [05499e595f2af4422e0ab56eb1524db3], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}, , [d5798e697b0e92a4a1960122c241b64a], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\esrv.BabylonESrvc.1, , [d5798e697b0e92a4a1960122c241b64a], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\esrv.BabylonESrvc, , [d5798e697b0e92a4a1960122c241b64a], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.BabylonESrvc, , [d5798e697b0e92a4a1960122c241b64a], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.BabylonESrvc.1, , [d5798e697b0e92a4a1960122c241b64a], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}, , [db7397609aefc67078c3f92a19ead030], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\b, , [db7397609aefc67078c3f92a19ead030], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\b, , [db7397609aefc67078c3f92a19ead030], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6E8BF012-2C85-4834-B10A-1B31AF173D70}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{706D4A4B-184A-4434-B331-296B07493D2D}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8BE10F21-185F-4CA0-B789-9921674C3993}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{94C0B25D-3359-4B10-B227-F96A77DB773F}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B173667F-8395-4317-8DD6-45AD1FE00047}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B32672B3-F656-46E0-B584-FE61C0BB6037}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BFE569F7-646C-4512-969B-9BE3E580D393}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C2996524-2187-441F-A398-CD6CB6B3D020}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E047E227-5342-4D94-80F7-CFB154BF55BD}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{706D4A4B-184A-4434-B331-296B07493D2D}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8BE10F21-185F-4CA0-B789-9921674C3993}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{94C0B25D-3359-4B10-B227-F96A77DB773F}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B173667F-8395-4317-8DD6-45AD1FE00047}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B32672B3-F656-46E0-B584-FE61C0BB6037}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BFE569F7-646C-4512-969B-9BE3E580D393}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C2996524-2187-441F-A398-CD6CB6B3D020}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E047E227-5342-4D94-80F7-CFB154BF55BD}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6E8BF012-2C85-4834-B10A-1B31AF173D70}, , [6ce2886f8cfd6fc742f78f9459aa24dc], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-3668452077-1106565234-3799211801-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [a5a915e2d2b776c0ab39eafe709249b7], 
PUP.Optional.SearchQu, HKU\S-1-5-21-3668452077-1106565234-3799211801-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, , [1935eb0c1d6c9d996e45f1fecc36e719], 
PUP.Optional.SearchQu, HKU\S-1-5-21-3668452077-1106565234-3799211801-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, , [1935eb0c1d6c9d996e45f1fecc36e719], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\DataMngr, , [74dabd3af79251e568aa73231be804fc], 
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SweetIM, , [ec6248af72173303015487e9d82bde22], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3668452077-1106565234-3799211801-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, , [222c74834c3dc076a5bd6e5a07fd1ce4], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-3668452077-1106565234-3799211801-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, , [1b33c037395077bf00ecfd74b053a25e], 
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3668452077-1106565234-3799211801-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, , [92bcb344246544f21242b8b8d62dc33d], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3668452077-1106565234-3799211801-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [f35b16e1652489ad95f0cff914f04fb1], 

Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3668452077-1106565234-3799211801-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0F1I1K1C1M1S1OtFtA0O, , [f35b16e1652489ad95f0cff914f04fb1]

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.Datamngr.A, C:\Users\KSIEGOWY\AppData\LocalLow\DataMngr, , [94ba9463d2b7db5b78043efe2cd79967], 
PUP.Optional.SearchQu.A, C:\Users\KSIEGOWY\AppData\LocalLow\searchquband, , [eb632fc84f3aa690b22f301707fcf60a], 

Files: 2
Trojan.FakeMS.ED, C:\Users\KSIEGOWY\AppData\Roaming\BtvStack.dll, , [51fdb2455d2caa8c498ab5533bc705fb], 
PUP.Optional.Datamngr.A, C:\Users\KSIEGOWY\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, , [94ba9463d2b7db5b78043efe2cd79967], 

Physical Sectors: 0
(No malicious items detected)


(end)