Fix result of Farbar Recovery Scan Tool (x86) Version: 20-08-2017
Ran by user (05-09-2017 20:35:37) Run:1
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {25219045-DDED-4F16-AEA7-86746D8CB50F} - System32\Tasks\{7A4D1262-9828-7AF2-F379-576B80005643} => C:\Users\user\AppData\Roaming\{E028D~1\SYNCVE~1.EXE <==== ATTENTION
Task: {38AB0084-B21B-478A-962A-E3911E3F0E6C} - System32\Tasks\{AAA94F4C-E1B4-4FDF-A4B4-0749DF8D48F3} => C:\Windows\system32\pcalua.exe -a E:\dxtbmpx.exe -d E:\
Task: {94EBF84D-E808-45AF-AAD4-07585BA0C52B} - System32\Tasks\6ib8X8ehS5 => C:\Program Files\iXIT4OlrUs\updengine.exe <==== ATTENTION
Task: {B2485313-92A5-4769-8903-5D195EFA63F2} - System32\Tasks\{421907EC-CEBA-4733-9FC7-4702A71A1624} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Corel\CorelDRAW Graphics Suite X4\Setup\Setup.exe" -d "C:\Program Files\Corel\CorelDRAW Graphics Suite X4\Setup"
Task: {CC62A445-40A3-481D-9A44-E7F0C45D1D7B} - System32\Tasks\{C937A853-7DB1-4BAB-903F-826306BCC626} => C:\Windows\system32\pcalua.exe -a "C:\Users\Public\Pictures\Sample Pictures\BUAT REFRESHING\BONUS IEU MAH\hamsterballgold.exe" -d "C:\Users\Public\Pictures\Sample Pictures\BUAT REFRESHING\BONUS IEU MAH"
Task: C:\Windows\Tasks\{7A4D1262-9828-7AF2-F379-576B80005643}.job => C:\Users\user\AppData\Roaming\{E028D~1\SYNCVE~1.EXE <==== ATTENTION
WMI_ActiveScriptEventConsumer_ASEC: <==== ATTENTION
C:\Program Files\iXIT4OlrUs
C:\ProgramData\ntuser.pol
C:\ProgramData\10C77F344F.sys
C:\ProgramData\KGyGaAvL.sys
C:\Users\user\AppData\Roaming\{E028D~1
C:\Users\user\AppData\Roaming\dea986aa0a41453380053473a9e3b4b9
C:\Users\user\AppData\Roaming\79e080882b88491cb58be9c135d70c32
EmptyTemp:
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25219045-DDED-4F16-AEA7-86746D8CB50F} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25219045-DDED-4F16-AEA7-86746D8CB50F} => key removed successfully.
C:\Windows\System32\Tasks\{7A4D1262-9828-7AF2-F379-576B80005643} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A4D1262-9828-7AF2-F379-576B80005643} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38AB0084-B21B-478A-962A-E3911E3F0E6C} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38AB0084-B21B-478A-962A-E3911E3F0E6C} => key removed successfully.
C:\Windows\System32\Tasks\{AAA94F4C-E1B4-4FDF-A4B4-0749DF8D48F3} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AAA94F4C-E1B4-4FDF-A4B4-0749DF8D48F3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{94EBF84D-E808-45AF-AAD4-07585BA0C52B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94EBF84D-E808-45AF-AAD4-07585BA0C52B} => key removed successfully.
C:\Windows\System32\Tasks\6ib8X8ehS5 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6ib8X8ehS5 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2485313-92A5-4769-8903-5D195EFA63F2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2485313-92A5-4769-8903-5D195EFA63F2} => key removed successfully.
C:\Windows\System32\Tasks\{421907EC-CEBA-4733-9FC7-4702A71A1624} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{421907EC-CEBA-4733-9FC7-4702A71A1624} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC62A445-40A3-481D-9A44-E7F0C45D1D7B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC62A445-40A3-481D-9A44-E7F0C45D1D7B} => key removed successfully.
C:\Windows\System32\Tasks\{C937A853-7DB1-4BAB-903F-826306BCC626} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C937A853-7DB1-4BAB-903F-826306BCC626} => key removed successfully.
C:\Windows\Tasks\{7A4D1262-9828-7AF2-F379-576B80005643}.job => moved successfully
WMI_ActiveScriptEventConsumer_ASEC: <==== ATTENTION => removed successfully.
"C:\Program Files\iXIT4OlrUs" => not found.
C:\ProgramData\ntuser.pol => moved successfully
C:\ProgramData\10C77F344F.sys => moved successfully
C:\ProgramData\KGyGaAvL.sys => moved successfully
C:\Users\user\AppData\Roaming\{E028D~1 => moved successfully
C:\Users\user\AppData\Roaming\dea986aa0a41453380053473a9e3b4b9 => moved successfully
C:\Users\user\AppData\Roaming\79e080882b88491cb58be9c135d70c32 => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6426037 B
Java, Flash, Steam htmlcache => 554 B
Windows/system/drivers => 1583457 B
Edge => 0 B
Chrome => 0 B
Firefox => 14912988 B
Opera => 71387256 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 50110 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83247 B
LocalService => 132244 B
NetworkService => 692 B
user => 11485920 B
RecycleBin => 0 B
EmptyTemp: => 109.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:36:33 ====