Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-04-2014 01 Ran by hp at 2014-04-20 19:28:59 Run:1 Running from C:\Users\hp\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avast5] => "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Secure Search\vprot.exe" R2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [968880 2013-02-18] () R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies) Task: {0426A478-17DE-4BB5-8538-C68845C6D134} - System32\Tasks\EPUpdater => C:\Users\hp\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-09-01] () <==== ATTENTION Task: {16361207-DA25-4500-B870-D93ED91A8C0C} - System32\Tasks\{F37CDAB3-95FA-47C8-B10E-20E484805711} => Firefox.exe http://ui.skype.com/ui/0/6.5.0.158/pl/abandoninstall?page=tsProgressBar Task: {496A8365-6DE9-4E3D-9702-E8A230B032BA} - System32\Tasks\{3A6E802E-FD94-4D04-9D97-8322F1F61E3E} => Firefox.exe http://ui.skype.com/ui/0/5.9.0.123/pl/abandoninstall?page=tsMain Task: {5D67A4E0-18B8-4034-AD8D-B5E0BCBAFE4C} - System32\Tasks\{A4ECFA3E-8D25-40FD-B237-E847857414D1} => C:\Program Files (x86)\Deluxe Ski Jump 3\DSJ3.exe Task: {801DCC1A-A509-4061-8A02-C0BBB692F1FF} - System32\Tasks\{920BA046-5989-4DCA-B56E-CD39FF2B2602} => C:\Program Files (x86)\Deluxe Ski Jump 3\DSJ3.exe Task: {81534CE9-F781-46EC-B35F-CCB07E1DEFE6} - System32\Tasks\{1A6D158E-8945-47AB-88C0-D87F8D37DB54} => Firefox.exe http://ui.skype.com/ui/0/5.9.0.123/pl/abandoninstall?page=tsMain Task: {ED95A825-798D-43FD-97BC-29B30821E09F} - System32\Tasks\{0B318207-54F9-4147-BB5B-306F93CC0215} => C:\Program Files (x86)\Deluxe Ski Jump 3\DSJ3.exe HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=EC6178E400D81602&affID=125032&tsp=5035 URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File BHO-x32: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD) Toolbar: HKLM-x32 - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD) Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File CHR HKLM-x32\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\hp\AppData\Roaming\BabSolution\CR\searchgol.crx [2013-10-14] CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx [2014-03-03] CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\hp\AppData\Local\Temp\ccex.crx [2014-03-03] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ C:\Program Files (x86)\Mozilla Firefox\extensions C:\Program Files (x86)\mozilla firefox\plugins C:\Program Files (x86)\Common Files\AVG Secure Search C:\ProgramData\AVG Secure Search C:\Users\hp\AppData\Roaming\BabSolution C:\Windows\system32\drivers\avgtpx64.sys Reboot: ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\avast5 => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => Value deleted successfully. vToolbarUpdater14.2.0 => Service stopped successfully. vToolbarUpdater14.2.0 => Service deleted successfully. avgtp => Service stopped successfully. avgtp => Service deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0426A478-17DE-4BB5-8538-C68845C6D134} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0426A478-17DE-4BB5-8538-C68845C6D134} => Key deleted successfully. C:\Windows\System32\Tasks\EPUpdater => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16361207-DA25-4500-B870-D93ED91A8C0C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16361207-DA25-4500-B870-D93ED91A8C0C} => Key deleted successfully. C:\Windows\System32\Tasks\{F37CDAB3-95FA-47C8-B10E-20E484805711} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F37CDAB3-95FA-47C8-B10E-20E484805711} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{496A8365-6DE9-4E3D-9702-E8A230B032BA} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{496A8365-6DE9-4E3D-9702-E8A230B032BA} => Key deleted successfully. C:\Windows\System32\Tasks\{3A6E802E-FD94-4D04-9D97-8322F1F61E3E} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A6E802E-FD94-4D04-9D97-8322F1F61E3E} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D67A4E0-18B8-4034-AD8D-B5E0BCBAFE4C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D67A4E0-18B8-4034-AD8D-B5E0BCBAFE4C} => Key deleted successfully. C:\Windows\System32\Tasks\{A4ECFA3E-8D25-40FD-B237-E847857414D1} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A4ECFA3E-8D25-40FD-B237-E847857414D1} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{801DCC1A-A509-4061-8A02-C0BBB692F1FF} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{801DCC1A-A509-4061-8A02-C0BBB692F1FF} => Key deleted successfully. C:\Windows\System32\Tasks\{920BA046-5989-4DCA-B56E-CD39FF2B2602} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{920BA046-5989-4DCA-B56E-CD39FF2B2602} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81534CE9-F781-46EC-B35F-CCB07E1DEFE6} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81534CE9-F781-46EC-B35F-CCB07E1DEFE6} => Key deleted successfully. C:\Windows\System32\Tasks\{1A6D158E-8945-47AB-88C0-D87F8D37DB54} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1A6D158E-8945-47AB-88C0-D87F8D37DB54} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED95A825-798D-43FD-97BC-29B30821E09F} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED95A825-798D-43FD-97BC-29B30821E09F} => Key deleted successfully. C:\Windows\System32\Tasks\{0B318207-54F9-4147-BB5B-306F93CC0215} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0B318207-54F9-4147-BB5B-306F93CC0215} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} => Value deleted successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key deleted successfully. HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully. HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{00078E95-3A4A-4137-8DE7-2824908D1C17} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{00078E95-3A4A-4137-8DE7-2824908D1C17} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{687578B9-7132-4A7A-80E4-30EE31099E03} => Value deleted successfully. HKCR\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03} => Key deleted successfully. HKCR\PROTOCOLS\Handler\linkscanner => Key deleted successfully. HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key deleted successfully. HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner => Key deleted successfully. HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac => Key deleted successfully. C:\Users\hp\AppData\Roaming\BabSolution\CR\searchgol.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof => Key deleted successfully. "C:\ProgramData\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Key deleted successfully. "C:\Users\hp\AppData\Local\Temp\ccex.crx" => File/Directory not found. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\otis@digitalpersona.com => Value deleted successfully. C:\Program Files (x86)\Mozilla Firefox\extensions => Moved successfully. C:\Program Files (x86)\Mozilla Firefox\plugins => Moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search => Moved successfully. "C:\ProgramData\AVG Secure Search" => File/Directory not found. C:\Users\hp\AppData\Roaming\BabSolution => Moved successfully. C:\Windows\system32\drivers\avgtpx64.sys => Moved successfully. The system needed a reboot. ==== End of Fixlog ====