Fix result of Farbar Recovery Scan Tool (x64) Version:06-05-2016 01 Ran by ANNANE-PCB (2016-05-05 20:13:39) Run:1 Running from C:\Users\ANNANE-PCB\Desktop Loaded Profiles: ANNANE-PCB (Available Profiles: ANNANE-PCB) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: RemoveProxy: HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2032256 2015-09-19] (Hola Networks Ltd.) CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION SearchScopes: HKU\S-1-5-21-1558545629-2837103762-1236657052-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin HKU\S-1-5-21-1558545629-2837103762-1236657052-1001: @hola.org/FlashPlayer -> C:\Users\ANNANE-PCB\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2015-09-19] () FF Plugin HKU\S-1-5-21-1558545629-2837103762-1236657052-1001: @hola.org/vlc -> C:\Users\ANNANE-PCB\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2015-09-19] (Hola) CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\ANNANE-PCB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-05-04] S4 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [8105600 2015-09-19] (Hola Networks Ltd.) S4 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8105600 2015-09-19] (Hola Networks Ltd.) S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X] 2016-05-04 13:31 - 2015-09-19 15:23 - 00001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk Hola? 1.9.624 - Better Internet (HKLM\...\Hola) (Version: 1.9.624 - Hola Networks Ltd.) Task: {BF7B04A1-80C0-46C3-959A-66BCD154D3DC} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\QQBrowser\Update\615B4C1B214DECEEAD90BFFC5DE50EC2\Update\BrowserUpdate.exe [2016-04-08] (Tencent) <==== ATTENTION Task: {F20AA29A-E685-491F-A3C8-8B459AFD2E78} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-08-19] () IE trusted site: HKU\S-1-5-21-1558545629-2837103762-1236657052-1001\...\hola.org -> hxxp://hola.org MSCONFIG\Services: hola_svc => 2 MSCONFIG\Services: hola_updater => 2 HKLM\...\StartupApproved\Run: => "hola" CMD: netsh winsock reset all CMD: ipconfig /flushdns hosts: EmptyTemp: Reboot: end ***************** Error: (0) Failed to create a restore point. Processes closed successfully. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-1558545629-2837103762-1236657052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-1558545629-2837103762-1236657052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\hola => value removed successfully "HKLM\SOFTWARE\Policies\Google" => key removed successfully HKU\S-1-5-21-1558545629-2837103762-1236657052-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully "HKU\S-1-5-21-1558545629-2837103762-1236657052-1001\Software\MozillaPlugins\@hola.org/FlashPlayer" => key removed successfully C:\Users\ANNANE-PCB\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll => moved successfully "HKU\S-1-5-21-1558545629-2837103762-1236657052-1001\Software\MozillaPlugins\@hola.org/vlc" => key removed successfully C:\Users\ANNANE-PCB\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll => moved successfully C:\Users\ANNANE-PCB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio => moved successfully hola_svc => service removed successfully hola_updater => service removed successfully esgiguard => service removed successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk => moved successfully Hola? 1.9.624 - Better Internet (HKLM\...\Hola) (Version: 1.9.624 - Hola Networks Ltd.) => Error: No automatic fix found for this entry. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF7B04A1-80C0-46C3-959A-66BCD154D3DC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF7B04A1-80C0-46C3-959A-66BCD154D3DC}" => key removed successfully C:\WINDOWS\System32\Tasks\Browser Updater Task(Core) => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater Task(Core)" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F20AA29A-E685-491F-A3C8-8B459AFD2E78}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F20AA29A-E685-491F-A3C8-8B459AFD2E78}" => key removed successfully C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully "HKU\S-1-5-21-1558545629-2837103762-1236657052-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org" => key removed successfully MSCONFIG\Services: hola_svc => 2 => Error: No automatic fix found for this entry. MSCONFIG\Services: hola_updater => 2 => Error: No automatic fix found for this entry. HKLM\...\StartupApproved\Run: => "hola" => Error: No automatic fix found for this entry. ========= netsh winsock reset all ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. EmptyTemp: => 640.5 MB temporary data Removed. The system needed a reboot. ==== End of Fixlog 20:14:25 ====