FreeFixer v1.13 log
http://www.freefixer.com/
Operating system: Windows 7 Service Pack 1
Log dated 2016-10-24 23:39


AppInit_DLLs
============
32-bit, C:\PROGRA~2\KeyCryptSDK\KeyCrypt32(4).dll, signer: Zemana Ltd. [valid]
64-bit, C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(4).dll, signer: Zemana Ltd. [valid]

TCP/IP settings
===============
HKLM\..\Interfaces\{D1430F22-71B9-470D-8DB9-D51523E4BD41}, NameServer = 208.67.222.222,208.67.220.220,93.174.25.97

Browser Helper Objects
======================
32-bit, {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}, IE 4.x-6.x BHO for Internet Download Accelerator, C:\PROGRA~2\IDA\idaiehlp.dll, signer: Download Master [valid]

Internet Explorer extensions
============================
HKLM\..Wow6432Node..\Extensions\{9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - Internet Download Accelerator

Registry Startups (2 whitelisted)
=================================
HKLM\..\Run,  = "D:\PROGRAMY\Bongiovi DPS\Bongiovi DPS.exe", signer: Bongiovi Acoustics, LLC [valid]
HKLM\..Wow6432Node..\Run, KeyScrambler = C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a, signer: QFX Software Corporation [valid]
HKCU\..\Run, Nexus = C:\Program Files (x86)\Winstep\Nexus.exe autostart, signer: [unsigned]
HKCU\..\Run, Adguard = C:\Program Files (x86)\Adguard\Adguard.exe /nosplash, signer: Performix LLC [valid]

Scheduled tasks (50 whitelisted)
================================
Anvirlauncher, "C:\Program Files (x86)\AnVir Task Manager\anvirlauncher.exe" , signer: AnVir Software [valid]
AVG EUpdate Task, avgsetupx.exe /eu (file is missing)
Driver Booster Scheduler, C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe /scheduler, signer: IObit Information Technology [valid]
Driver Booster SkipUAC (Leszek), C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe /skipuac, signer: IObit Information Technology [valid]
DriverDR Scheduled Scan, C:\Program Files\DriverDR.com\DriverDR\DriverDR.exe --scan, signer: Easeware Technology Limited [valid]
RegOrganizerQuickLaunch, D:\PROGRAMY\Reg Organizer\RegOrganizer.exe -RegistryEditor -ForceForeground -NoSplash, signer: Konstantin Evgenievich Polyakov IP [valid]
Scan and Repair, rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule" (file is missing)

Processes (39 whitelisted)
==========================
C:\Program Files (x86)\Adguard\AdguardSvc.exe, signer: Performix LLC [valid]
C:\Program Files (x86)\AnVir Task Manager\anvirlauncher.exe, signer: AnVir Software [valid]
D:\PROGRAMY\Bongiovi DPS\Bongiovi DPS.exe, signer: Bongiovi Acoustics, LLC [valid]
C:\Program Files (x86)\Winstep\Nexus.exe, signer: [unsigned]
C:\Program Files (x86)\Adguard\Adguard.exe, signer: Performix LLC [valid]
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe, signer: QFX Software Corporation [valid]
C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe, signer: QFX Software Corporation [valid]
C:\Program Files\FreeFixer\freefixer.exe, signer: [unsigned]

Application modules (99 whitelisted)
====================================
C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(4).dll, signer: Zemana Ltd. [valid]

Services (45 whitelisted)
=========================
Adguard Service, Adguard Service, c:\program files (x86)\adguard\adguardsvc.exe, signer: Performix LLC [valid]

Svchost.exe Modules (225 whitelisted)
=====================================
C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(4).dll, signer: Zemana Ltd. [valid]

Explorer.exe Modules (190 whitelisted)
======================================
C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(4).dll, signer: Zemana Ltd. [valid]
C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\0b312f3f14daccc8bdc79fdcd75a45e2\mscorlib.ni.dll, signer: [unsigned]
C:\Windows\assembly\NativeImages_v4.0.30319_64\System\9a2715c05cb7bc5d06a7cc5801c474ca\System.ni.dll, signer: [unsigned]
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\82c05157a6f4f6a2690055ba9d050986\System.Core.ni.dll, signer: [unsigned]
C:\Windows\assembly\NativeImages_v4.0.30319_64\Accessibility\eeb59efbca6c65884b491c4efa92dc88\Accessibility.ni.dll, signer: [unsigned]

Winlogon.exe Modules (32 whitelisted)
=====================================
C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(4).dll, signer: Zemana Ltd. [valid]

Drivers (64 whitelisted)
========================
adgnetworktdidrv, adgnetworktdidrv, C:\Windows\system32\drivers\adgnetworktdidrv.sys, signer: Performix LLC [valid]
dvdfabio, dvdfabio, c:\windows\system32\drivers\dvdfabio.sys, signer: Fengtao Software Inc. [valid]
HWiNFO32, HWiNFO32/64 Kernel Driver, c:\windows\syswow64\drivers\hwinfo64a.sys, signer: Martin Malik - REALiX [valid]
ZAM, ZAM Helper Driver, c:\windows\system32\drivers\zam64.sys (file is missing)
ZAM_Guard, ZAM Guard Driver, c:\windows\system32\drivers\zamguard64.sys (file is missing)

Firefox Extensions
==================
FT DeepDark, c:\users\leszek\appdata\roaming\mozilla\firefox\profiles\15eunx8e.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}\install.rdf, signer: [unsigned]
adguard-adblocker, c:\users\leszek\appdata\roaming\mozilla\firefox\profiles\15eunx8e.default\extensions\adguardadblocker@adguard.com.xpi, signer: [unsigned]
VTzilla, c:\users\leszek\appdata\roaming\mozilla\firefox\profiles\15eunx8e.default\extensions\info@virustotal.com.xpi, signer: [unsigned]
FlashGot, c:\users\leszek\appdata\roaming\mozilla\firefox\profiles\15eunx8e.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi, signer: [unsigned]
, c:\program files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi, signer: [unsigned]
Failed to locate install.rdf in 'c:\program files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi'
Internet Download Accelerator Plugin, c:\program files (x86)\ida\distribution\bundles\idapluginff@westbyte.com\install.rdf, signer: [unsigned]
Internet Download Accelerator Media Monitor, c:\program files (x86)\ida\distribution\bundles\idamm@westbyte.com\install.rdf, signer: [unsigned]
Internet Download Accelerator Toolbar, c:\program files (x86)\ida\distribution\bundles\idabarff@westbyte.com\install.rdf, signer: [unsigned]
IDA Remote Download, c:\program files (x86)\ida\distribution\bundles\idaremote@westbyte.com\install.rdf, signer: [unsigned]

Recently created/modified files
===============================
33 minutes, c:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\a788229a0bd07adb717a7606ac220498\Microsoft.Vsa.ni.dll, signer: [unsigned]
33 minutes, c:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\b04ae022e36cedef265d2de74afcfebf\Microsoft.JScript.ni.dll, signer: [unsigned]
33 minutes, c:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dll, signer: [unsigned]
33 minutes, c:\Windows\assembly\NativeImages_v2.0.50727_64\Utils\571c67912283cb50d3159d3adc520054\Utils.ni.dll, signer: [unsigned]
33 minutes, c:\Windows\assembly\NativeImages_v2.0.50727_64\Startup Delayer\39a0042d79ed93d954646ed39d4784a4\Startup Delayer.ni.exe, signer: [unsigned]
33 minutes, c:\Windows\assembly\NativeImages_v2.0.50727_64\Startup Delayer Loc#\71532f5d58f0ef9a40565f9cb82753fa\Startup Delayer Localizer.ni.exe, signer: [unsigned]
33 minutes, c:\Windows\assembly\NativeImages_v2.0.50727_64\CarlDotNetx64\6ed6f6c1f85a928fd2d284c6510c1be6\CarlDotNetx64.ni.dll, signer: [unsigned]
33 minutes, c:\Windows\assembly\NativeImages_v2.0.50727_64\AuditPolicyGPManage#\067043f048af81f24f63e378a754772e\AuditPolicyGPManagedStubs.Interop.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\0e2dc7666c588beebf5d2ae9b3b7e7a4\System.AddIn.Contract.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\aad53a25d9951109ee988a676eda48f8\System.AddIn.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\684d57cb2a056eb85c30dac4f18fd14c\Microsoft.Transactions.Bridge.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\721fc4dee9918d5e0a0cc105635db104\System.IdentityModel.Selectors.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\76f22f55971333168dc378ecf95e480e\System.Messaging.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\338648b916699ea4abb45c9f5f1d723c\System.IdentityModel.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f1e1b133c0dba3458fabc31540312bc6\System.ServiceModel.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\2ec11bbfd8a60a2b74169cec72625a32\SMSvcHost.ni.exe, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f714b35a0b05d95a5bc3f8339ca5940b\System.AddIn.Contract.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\312f5acbe99b347670c4bd387a0c94da\System.AddIn.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\9311ff946e6cb0fa6596ae957cf74f6b\Microsoft.Transactions.Bridge.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\6aee42c0fda2c6ffc93cdda7957f07e2\System.IdentityModel.Selectors.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\fa3333ff528ed300e0495e1b89119017\System.Messaging.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\1bb2bfe18616d650bd652b0fb7455e84\System.IdentityModel.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\9330d4d18babd39389b00184a5b915f8\System.ServiceModel.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\5f8711706013a8ec92368c23247aa3d4\SMSvcHost.ni.exe, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\c3630a40720f329c1124a19b60d46830\System.Workflow.Runtime.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c03fd09ac7f4d34db706cc1438040892\System.Workflow.ComponentModel.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\7425780f7d20d66e6bf0d48f257010ec\System.Workflow.Activities.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\1d70f0cb319b4d459a7d837f5fa508b9\SMDiagnostics.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\5cbdc13bae7068a248da6dfb5cd96f69\System.Runtime.Serialization.ni.dll, signer: [unsigned]
1 hour, c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\f0ff869354778427c9cd1565ec367e53\System.Xml.Linq.ni.dll, signer: [unsigned]

Csrss.exe virtual memory files (218 whitelisted)
================================================
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe, signer: QFX Software Corporation [valid]
C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe, signer: QFX Software Corporation [valid]
C:\Program Files (x86)\Adguard\SQLite.Interop.dll, signer: [unsigned]
C:\Program Files (x86)\Adguard\AdguardSvc.exe, signer: Performix LLC [valid]
C:\Program Files (x86)\Adguard\AdguardNetApi.DLL, signer: Performix LLC [valid]
C:\Program Files (x86)\Adguard\Adguard.Tools.exe, signer: Performix LLC [valid]
C:\Program Files (x86)\Adguard\AdguardNetLib.DLL, signer: Performix LLC [valid]
C:\Program Files\FreeFixer\freefixer.exe, signer: [unsigned]
C:\Program Files\r2 Studios\Startup Delayer\Startup Delayer.exe, signer: [unsigned]
C:\Program Files\r2 Studios\Startup Delayer\CarlDotNetx64.dll, signer: [unsigned]
C:\Users\Leszek\AppData\Roaming\Mozilla\Firefox\Profiles\15eunx8e.default\FlashGot.exe, signer: InformAction [valid]
C:\Program Files (x86)\AVG\Av\winspamcatcher.dll, signer: Gozoom.com Inc. [valid]
D:\EXE\FRST64.exe, signer: [unsigned]
C:\Program Files (x86)\Winstep\Nexus.exe, signer: [unsigned]
C:\Program Files\Slimjet\slimjet.exe, signer: FlashPeak Inc [valid]
C:\Program Files (x86)\IDA\ida.exe, signer: Download Master [valid]
C:\Program Files\WinRAR\WinRAR.exe, signer: [unsigned]
C:\Program Files (x86)\Adguard\Adguard.exe, signer: Performix LLC [valid]
C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.DLL, signer: QFX Software Corporation [valid]
C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.DLL, signer: QFX Software Corporation [valid]
C:\Program Files (x86)\AnVir Task Manager\anvirlauncher.exe, signer: AnVir Software [valid]
C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe, signer: IObit Information Technology [valid]
C:\Program Files (x86)\IObit\Driver Booster\webres.dll, signer: IObit Information Technology [valid]
C:\Program Files (x86)\IObit\Driver Booster\Autoupdate.exe, signer: IObit Information Technology [valid]
C:\Program Files (x86)\Winstep\wodTelnetDLX.dll, signer: Secure Plus d.o.o. [valid]
C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll, signer: [unsigned]
C:\Program Files\FreeFixer\Uninstall.exe, signer: [unsigned]
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll, signer: IObit Information Technology [valid]
C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe, signer: IObit Information Technology [valid]
C:\Program Files\r2 Studios\Startup Delayer\Startup Delayer Localizer.exe, signer: [unsigned]
C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe, signer: Firetrust Ltd [valid]
C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe, signer: [unsigned]
C:\Program Files\WinRAR\rarext.dll, signer: [unsigned]
C:\Windows\System32\IObitSmartDefragExtension.dll, signer: IObit Information Technology [valid]
D:\PROGRAMY\Repair_Windows.exe, signer: Tweaking LLC [valid]
D:\PROGRAMY\Sunrise Seven\Sunrise Seven.exe, signer: Sunrise Software [invalid]
D:\PROGRAMY\Bongiovi DPS\Bongiovi DPS.exe, signer: Bongiovi Acoustics, LLC [valid]
D:\PROGRAMY\Loaris Trojan Remover\ltr.exe, signer: [unsigned]
D:\Program Files (x86)\Copernic Agent\CopernicAgent.exe, signer: Copernic Inc. [valid]
D:\PROGRAMY\BurnAware Free\unins000.exe, signer: [unsigned]
D:\PROGRAMY\BurnAware Free\BurnAware.exe, signer: Burnaware [valid]
D:\GRY\STALKER\GTX Box Team\stalker shadow of chernobyl\bin\XR_3DA.exe, signer: [unsigned]
D:\EXE\TVHD KOKOSIK1207.CBA.PL\TVHD KOKOSIK1207.CBA.PL\SimpleTV\tv.exe, signer: [unsigned]
D:\PROGRAMY\Vit Registry Fix\Vit Registry Fix.exe, signer: Vitalii Mikhalko [valid]
D:\PROGRAMY\Dr. Folder\DrFolder.exe, signer: SuiNing Yilong Software Store [valid]
D:\PROGRAMY\Bongiovi DPS\DPSDriverLib.dll, signer: Bongiovi Acoustics, LLC [valid]

Errors
======
Problems opening folder 'c:\Windows\CSC\v2.0.6' to enumerate files. FindFirstFile failed. System error message: Odmowa dostępu. Error code: 5.
Problems opening folder 'c:\Windows\System32\LogFiles\WMI\RtBackup' to enumerate files. FindFirstFile failed. System error message: Odmowa dostępu. Error code: 5.
Problems opening folder 'd:\$RECYCLE.BIN\.secure.' to enumerate files. FindFirstFile failed. System error message: System nie może odnaleźć określonej ścieżki. Error code: 3.

End of FreeFixer log