Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2014 01
Ran by Dominiak at 2014-05-10 09:23:43 Run:1
Running from C:\Users\Dominiak\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO-x32: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll No File
BHO-x32: Webexp Enhanced - {ce7d2d19-a5cd-4083-9d5b-d28c79245f8c} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha252\ie\WebexpEnhancedV1alpha252.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha252.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha252\ff
CHR HKCU\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\Dominiak\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-09-09]
CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\Dominiak\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-09-09]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2012-09-09]
CHR HKLM-x32\...\Chrome\Extension: [opaegfncbhfcaojabhmkchkdibkkpbdh] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha252\ch\WebexpEnhancedV1alpha252.crx [2012-09-09]
Task: {C9DFEFCB-C7A4-4EA5-979C-15B44BB37B5B} - \AmiUpdXp No Task File <==== ATTENTION
R0 00566086; C:\Windows\System32\DRIVERS\00566086.sys [460888 2012-08-08] (Kaspersky Lab ZAO)
U3 BcmSqlStartupSvc;
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
S4 dtsoftbus01; system32\DRIVERS\dtsoftbus01.sys [X]
U2 IAStorDataMgrSvc;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 nvUpdatusService;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
C:\Users\wangzhisong
C:\Users\Dominiak\AppData\Local\CRE
C:\Users\Dominiak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
C:\Windows\System32\DRIVERS\00566086.sys
Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced" /f
Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => Value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce7d2d19-a5cd-4083-9d5b-d28c79245f8c} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{ce7d2d19-a5cd-4083-9d5b-d28c79245f8c} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Value deleted successfully.
HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Key not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@bettersurfplus.com => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha252.net => Value deleted successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf => Key deleted successfully.
C:\Users\Dominiak\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf => Key deleted successfully.
"C:\Users\Dominiak\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl => Key deleted successfully.
"C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\opaegfncbhfcaojabhmkchkdibkkpbdh => Key deleted successfully.
"C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha252\ch\WebexpEnhancedV1alpha252.crx" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9DFEFCB-C7A4-4EA5-979C-15B44BB37B5B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9DFEFCB-C7A4-4EA5-979C-15B44BB37B5B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => Key deleted successfully.
00566086 => Unable to stop service
00566086 => Service deleted successfully.
BcmSqlStartupSvc => Service deleted successfully.
catchme => Service deleted successfully.
CLKMSVC10_3A60B698 => Service deleted successfully.
CLKMSVC10_C3B3B687 => Service deleted successfully.
DriverService => Service deleted successfully.
dtsoftbus01 => Service not found.
IAStorDataMgrSvc => Service deleted successfully.
iATAgentService => Service deleted successfully.
idealife Update Service => Service deleted successfully.
IGRS => Service deleted successfully.
IviRegMgr => Service deleted successfully.
nvUpdatusService => Service deleted successfully.
Oasis2Service => Service deleted successfully.
PCCarerService => Service deleted successfully.
ReadyComm.DirectRouter => Service deleted successfully.
RichVideo => Service deleted successfully.
RtLedService => Service deleted successfully.
SeaPort => Service deleted successfully.
SoftwareService => Service deleted successfully.
SQLWriter => Service deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => Key deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex => Moved successfully.
C:\Users\wangzhisong => Moved successfully.
C:\Users\Dominiak\AppData\Local\CRE => Moved successfully.
C:\Users\Dominiak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk => Moved successfully.
C:\Windows\System32\DRIVERS\00566086.sys => Moved successfully.

========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Bť¤D: System nie znalaz w rejestrze okrelonego klucza albo wartoci.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========



The system needed a reboot. 

==== End of Fixlog ====