Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01 Ran by oem at 2014-04-06 17:36:33 Run:1 Running from C:\Users\oem\Downloads\Nowy folder Boot Mode: Normal ============================================== Content of fixlist: ***************** HKU\S-1-5-21-348518381-1321380691-2008726651-1000\...\Run: [Hoolapp Android] - "C:\Users\oem\AppData\Roaming\HOOLAP~2\Hoolapp.exe" /Minimized SearchScopes: HKLM - DefaultScope value is missing. CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Task: {23B36A34-CB63-4F7D-B28E-2C7CB96E0F76} - System32\Tasks\Hoolapp For Android => C:\Users\oem\AppData\Roaming\HOOLAP~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {7D0AD5D0-3894-4863-BDFC-6927F480AAB5} - System32\Tasks\e-pity2012_kwiecien => C:\Program Files\e-file\e-pity2012\signxml.exe Task: {7D3FB116-371F-45AF-A5BF-D97EE6A2C99C} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe Task: {95C34EC4-BCB3-4D3D-ABE5-5CDDE97A0EC9} - System32\Tasks\{AFA086F2-103D-400C-8506-F919BF522A7B} => C:\Program Files\EA GAMES\The Sims 2\Sims2.exe Task: {AAFDB0BF-6D31-4490-9B9D-C7B6B598B743} - System32\Tasks\Hoolapp Init => C:\Users\oem\AppData\Roaming\HOOLAP~2\Hoolapp.exe <==== ATTENTION Task: {B2A36907-30C4-42A7-9402-F842AC2856C9} - System32\Tasks\{66ECAC69-9F24-4167-AF55-29A7B6DE877F} => c:\program files\opera\opera.exe Task: {BAB0BBDE-F695-48E6-9D76-8E2FA1CE9D67} - System32\Tasks\e-pity2012_styczen => C:\Program Files\e-file\e-pity2012\signxml.exe Task: {CA779F3E-44C0-44ED-A1B8-F6AF014936B8} - System32\Tasks\{23C6E5FD-521A-4249-B8BC-45022A896765} => C:\Program Files\EA GAMES\The Sims 2\Sims2.exe Task: {D3D2AFF5-E808-41B0-B646-9E4B44B98B59} - System32\Tasks\{DF19921A-CC39-49B8-ADDC-D981DD0D8CD7} => C:\Program Files\EA GAMES\The Sims 2\Sims2.exe S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S4 NVHDA; system32\drivers\nvhda32v.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X] AlternateDataStreams: C:\Windows:40E81AA6A3C03BD4 C:\Program Files\Mozilla Firefox C:\ProgramData\InstallMate C:\Users\oem\AppData\Roaming\Hoolapp Packages C:\Users\oem\AppData\Roaming\HoolappForAndroid C:\Users\oem\AppData\Roaming\Mozilla C:\Users\oem\Downloads\Malwarebytes-AntiMalware(13117).exe Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Search" /f Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ***************** HKU\S-1-5-21-348518381-1321380691-2008726651-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Hoolapp Android => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKCU\SOFTWARE\Policies\Google => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23B36A34-CB63-4F7D-B28E-2C7CB96E0F76} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23B36A34-CB63-4F7D-B28E-2C7CB96E0F76} => Key deleted successfully. C:\Windows\System32\Tasks\Hoolapp For Android => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hoolapp For Android => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D0AD5D0-3894-4863-BDFC-6927F480AAB5} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D0AD5D0-3894-4863-BDFC-6927F480AAB5} => Key deleted successfully. C:\Windows\System32\Tasks\e-pity2012_kwiecien => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e-pity2012_kwiecien => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D3FB116-371F-45AF-A5BF-D97EE6A2C99C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D3FB116-371F-45AF-A5BF-D97EE6A2C99C} => Key deleted successfully. C:\Windows\System32\Tasks\Game_Booster_AutoUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95C34EC4-BCB3-4D3D-ABE5-5CDDE97A0EC9} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95C34EC4-BCB3-4D3D-ABE5-5CDDE97A0EC9} => Key deleted successfully. C:\Windows\System32\Tasks\{AFA086F2-103D-400C-8506-F919BF522A7B} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AFA086F2-103D-400C-8506-F919BF522A7B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{AAFDB0BF-6D31-4490-9B9D-C7B6B598B743} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAFDB0BF-6D31-4490-9B9D-C7B6B598B743} => Key deleted successfully. C:\Windows\System32\Tasks\Hoolapp Init => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hoolapp Init => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2A36907-30C4-42A7-9402-F842AC2856C9} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2A36907-30C4-42A7-9402-F842AC2856C9} => Key deleted successfully. C:\Windows\System32\Tasks\{66ECAC69-9F24-4167-AF55-29A7B6DE877F} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{66ECAC69-9F24-4167-AF55-29A7B6DE877F} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAB0BBDE-F695-48E6-9D76-8E2FA1CE9D67} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAB0BBDE-F695-48E6-9D76-8E2FA1CE9D67} => Key deleted successfully. C:\Windows\System32\Tasks\e-pity2012_styczen => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e-pity2012_styczen => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA779F3E-44C0-44ED-A1B8-F6AF014936B8} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA779F3E-44C0-44ED-A1B8-F6AF014936B8} => Key deleted successfully. C:\Windows\System32\Tasks\{23C6E5FD-521A-4249-B8BC-45022A896765} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{23C6E5FD-521A-4249-B8BC-45022A896765} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3D2AFF5-E808-41B0-B646-9E4B44B98B59} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3D2AFF5-E808-41B0-B646-9E4B44B98B59} => Key deleted successfully. C:\Windows\System32\Tasks\{DF19921A-CC39-49B8-ADDC-D981DD0D8CD7} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DF19921A-CC39-49B8-ADDC-D981DD0D8CD7} => Key deleted successfully. EagleXNt => Service deleted successfully. NVHDA => Service deleted successfully. nvlddmkm => Service deleted successfully. WinRing0_1_2_0 => Service deleted successfully. C:\Windows => ":40E81AA6A3C03BD4" ADS removed successfully. C:\Program Files\Mozilla Firefox => Moved successfully. C:\ProgramData\InstallMate => Moved successfully. "C:\Users\oem\AppData\Roaming\Hoolapp Packages" => File/Directory not found. C:\Users\oem\AppData\Roaming\HoolappForAndroid => Moved successfully. C:\Users\oem\AppData\Roaming\Mozilla => Moved successfully. C:\Users\oem\Downloads\Malwarebytes-AntiMalware(13117).exe => Moved successfully. ========= reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ==== End of Fixlog ====