Fix result of Farbar Recovery Scan Tool (x64) Version: 07-06-2019
Ran by Martin (08-06-2019 11:51:34) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files\IDT\WDM\STacSV64.exe
HKU\S-1-5-21-480301115-1732695192-1998050490-1000\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-480301115-1732695192-1998050490-1000\...\MountPoints2: {26e05a4a-b7f7-11e4-a6e9-806e6f6e6963} - "D:\Wolfenstein II Setup.exe"
Task: {00670AF6-AA12-465B-9693-95D677B43B84} - System32\Tasks\ESTsoft RunAsStdUser 18724425Task => C:\FILES\Nová složka\ALZip\ALZip.exe
Task: {AC133C1E-ECBD-49CD-90E9-9C56CF088E2B} - System32\Tasks\{AA318096-423C-42D0-9CAB-7AC11837ABA7} => C:\Windows\system32\pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\Program Files (x86)\Microsoft Games\ST6UNST.LOG"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll => No File
Toolbar: HKU\S-1-5-21-480301115-1732695192-1998050490-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
2019-06-06 07:15 - 2019-06-06 07:15 - 000000000 ____D C:\Users\Martin\Desktop\FRST-OlderVersion
2015-08-03 19:04 - 2019-06-04 21:12 - 000000000 _____ () C:\Users\Martin\AppData\Roaming\FileIn.cns
2015-08-03 19:04 - 2019-06-04 21:12 - 000000000 _____ () C:\Users\Martin\AppData\Roaming\FileOut.cns
2016-10-14 20:46 - 2016-10-14 20:46 - 000000000 ___SH () C:\Users\Martin\AppData\Local\LumaEmu
CustomCLSID: HKU\S-1-5-21-480301115-1732695192-1998050490-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-480301115-1732695192-1998050490-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-480301115-1732695192-1998050490-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 27
Average :
Sum : 11885190
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========================= File: C:\Program Files\IDT\WDM\STacSV64.exe ========================
C:\Program Files\IDT\WDM\STacSV64.exe
File not signed
MD5: D67F951F6BA708812420195B8D0AB8B6
Creation and modification date: 2015-02-19 17:14 - 2013-11-13 02:56
Size: 000339456
Attributes: ----N
Company Name: IDT, Inc.
Internal Name: IDT PCA
Original Name: stacsv64.exe
Product: IDT PC Audio
Description: IDT PC Audio
File Version: 1.0.6491.0
Product Version: 1.0.6491.0
Copyright: Copyright © 2004 - 2009 IDT, Inc.
VirusTotal:
https://www.virustotal.com/file/6583db2 ... 558458505/
====== End of File: ======
"HKU\S-1-5-21-480301115-1732695192-1998050490-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress8" => removed successfully
HKU\S-1-5-21-480301115-1732695192-1998050490-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26e05a4a-b7f7-11e4-a6e9-806e6f6e6963} => removed successfully
HKLM\Software\Classes\CLSID\{26e05a4a-b7f7-11e4-a6e9-806e6f6e6963} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00670AF6-AA12-465B-9693-95D677B43B84}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00670AF6-AA12-465B-9693-95D677B43B84}" => removed successfully
C:\Windows\System32\Tasks\ESTsoft RunAsStdUser 18724425Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ESTsoft RunAsStdUser 18724425Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC133C1E-ECBD-49CD-90E9-9C56CF088E2B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC133C1E-ECBD-49CD-90E9-9C56CF088E2B}" => removed successfully
C:\Windows\System32\Tasks\{AA318096-423C-42D0-9CAB-7AC11837ABA7} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AA318096-423C-42D0-9CAB-7AC11837ABA7}" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
"HKU\S-1-5-21-480301115-1732695192-1998050490-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => removed successfully
C:\Users\Martin\Desktop\FRST-OlderVersion => moved successfully
C:\Users\Martin\AppData\Roaming\FileIn.cns => moved successfully
C:\Users\Martin\AppData\Roaming\FileOut.cns => moved successfully
C:\Users\Martin\AppData\Local\LumaEmu => moved successfully
HKU\S-1-5-21-480301115-1732695192-1998050490-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741} => removed successfully
HKU\S-1-5-21-480301115-1732695192-1998050490-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3} => removed successfully
HKU\S-1-5-21-480301115-1732695192-1998050490-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 59493851 B
Java, Flash, Steam htmlcache => 317669477 B
Windows/system/drivers => 4358896206 B
Edge => 0 B
Chrome => 379690916 B
Firefox => 33275528 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 9230 B
Martin => 20915368104 B
RecycleBin => 151415 B
EmptyTemp: => 24.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 11:56:00 ====