Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2015
Ran by BMFOTO at 2015-02-07 08:44:59 Run:1
Running from C:\Users\BMFOTO\Downloads
Loaded Profiles: UpdatusUser & BMFOTO (Available profiles: UpdatusUser & BMFOTO)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
S3 mdareDriver_52; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_52.sys [X]
Task: {7713E786-21E7-4406-89C1-FBBB21DAC773} - System32\Tasks\{F8B1F6DD-732A-4F1D-A7C1-2E8E6BC5425C} => pcalua.exe -a C:\windows\TEMP\avast_ash\IrfanView\iview436_setup.exe -d "C:\Program Files\AVAST Software\Avast"
Task: {8331B718-6901-46D9-BEA6-A02876511D42} - System32\Tasks\{A54057CC-70BF-4624-A4CE-C2F5806B2662} => pcalua.exe -a D:\Pobrane\iview433_setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {85501DC6-FD96-4FC1-AA3B-B8C2EC790DA5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1236169856-3573213423-1841828282-1001UA => C:\Users\BMFOTO\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {90714E9E-1E8D-4E07-A7C7-9E361BA9E069} - System32\Tasks\{31E861AA-E7CD-4AE7-A034-0970F59AA1C6} => pcalua.exe -a "C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe" -d "C:\Program Files (x86)\Mozilla Thunderbird" -c /UpdateShortcutAppUserModelIds
Task: {DEA472E9-D129-4D52-919E-3D559FCCA2A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {FD6C54A2-56D2-494C-864B-54EFD4B82B1E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1236169856-3573213423-1841828282-1001Core => C:\Users\BMFOTO\AppData\Local\Facebook\Update\FacebookUpdate.exe
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
C:\ProgramData\{*}.log
C:\Users\BMFOTO\AppData\Local\{35EBD8BB-CDF5-4122-B6DE-EC4755A3AE3F}
C:\windows\system32\Drivers\mdare64_54.sys
C:\windows\system32\Drivers\TrueSight.sys
RemoveDirectory: C:\FRST\Quarantine
RemoveDirectory: C:\Kaspersky Rescue Disk 10.0
RemoveDirectory: C:\Program Files (x86)\Fortinet
RemoveDirectory: C:\ProgramData\HitmanPro
RemoveDirectory: C:\ProgramData\RogueKiller
RemoveDirectory: C:\Users\BMFOTO\Doctor Web
RemoveDirectory: C:\Users\BMFOTO\Downloads\FRST-OlderVersion
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
mdareDriver_52 => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7713E786-21E7-4406-89C1-FBBB21DAC773}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7713E786-21E7-4406-89C1-FBBB21DAC773}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F8B1F6DD-732A-4F1D-A7C1-2E8E6BC5425C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F8B1F6DD-732A-4F1D-A7C1-2E8E6BC5425C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8331B718-6901-46D9-BEA6-A02876511D42}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8331B718-6901-46D9-BEA6-A02876511D42}" => Key deleted successfully.
C:\Windows\System32\Tasks\{A54057CC-70BF-4624-A4CE-C2F5806B2662} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A54057CC-70BF-4624-A4CE-C2F5806B2662}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85501DC6-FD96-4FC1-AA3B-B8C2EC790DA5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85501DC6-FD96-4FC1-AA3B-B8C2EC790DA5}" => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1236169856-3573213423-1841828282-1001UA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-1236169856-3573213423-1841828282-1001UA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90714E9E-1E8D-4E07-A7C7-9E361BA9E069}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90714E9E-1E8D-4E07-A7C7-9E361BA9E069}" => Key deleted successfully.
C:\Windows\System32\Tasks\{31E861AA-E7CD-4AE7-A034-0970F59AA1C6} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{31E861AA-E7CD-4AE7-A034-0970F59AA1C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEA472E9-D129-4D52-919E-3D559FCCA2A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEA472E9-D129-4D52-919E-3D559FCCA2A4}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD6C54A2-56D2-494C-864B-54EFD4B82B1E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD6C54A2-56D2-494C-864B-54EFD4B82B1E}" => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1236169856-3573213423-1841828282-1001Core => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-1236169856-3573213423-1841828282-1001Core" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e} => value deleted successfully.
C:\ProgramData\{*}.log => Moved successfully.
C:\Users\BMFOTO\AppData\Local\{35EBD8BB-CDF5-4122-B6DE-EC4755A3AE3F} => Moved successfully.
C:\windows\system32\Drivers\mdare64_54.sys => Moved successfully.
C:\windows\system32\Drivers\TrueSight.sys => Moved successfully.
"C:\FRST\Quarantine" => Removed successfully.
"C:\Kaspersky Rescue Disk 10.0" => Removed successfully.
"C:\Program Files (x86)\Fortinet" => Removed successfully.
"C:\ProgramData\HitmanPro" => Removed successfully.
"C:\ProgramData\RogueKiller" => Removed successfully.
"C:\Users\BMFOTO\Doctor Web" => Removed successfully.
"C:\Users\BMFOTO\Downloads\FRST-OlderVersion" => Removed successfully.
EmptyTemp: => Removed 1 GB temporary data.

The system needed a reboot.

==== End of Fixlog 08:47:48 ====