Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-12-2014 01
Ran by Destroy666 at 2014-12-11 18:46:49 Run:1
Running from C:\Users\Destroy666\Desktop\Bezpieczeństwo
Loaded Profile: Destroy666 (Available profiles: Destroy666 & Classic .NET AppPool & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
Startup: C:\Users\Destroy666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinSTAT.exe (Microsoft® Corporation)
Task: {0D475987-7281-4FA8-B98F-6845CCCAC08A} - System32\Tasks\WinSTAT => C:\ProgramData\WinSTAT\WinSTAT.exe [2014-08-20] (Microsoft® Corporation) <==== ATTENTION
HKU\S-1-5-21-3771943680-3238516612-2783291097-1000\...\Run: [Windows(R) Statistics Service] => C:\ProgramData\WinSTAT\WinSTAT.exe [1460224 2014-08-20] (Microsoft® Corporation)
HKU\S-1-5-21-3771943680-3238516612-2783291097-1000\...\Run: [AdobeBridge] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
CHR HKU\S-1-5-21-3771943680-3238516612-2783291097-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
C:\Program Files (x86)\Mozilla Firefox\plugins
C:\ProgramData\WinSTAT
CMD: sc config "PLAY ONLINE. RunOuc" start= disabled
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
EmptyTemp:
*****************

Processes closed successfully.
C:\Users\Destroy666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinSTAT.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D475987-7281-4FA8-B98F-6845CCCAC08A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D475987-7281-4FA8-B98F-6845CCCAC08A}" => Key deleted successfully.
C:\Windows\System32\Tasks\WinSTAT => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinSTAT" => Key deleted successfully.
HKU\S-1-5-21-3771943680-3238516612-2783291097-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows(R) Statistics Service => value deleted successfully.
HKU\S-1-5-21-3771943680-3238516612-2783291097-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
"HKU\S-1-5-21-3771943680-3238516612-2783291097-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.
xhunter1 => Service deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins => Moved successfully.
C:\ProgramData\WinSTAT => Moved successfully.

========= sc config "PLAY ONLINE. RunOuc" start= disabled =========

[SC] ChangeServiceConfig SUKCES

========= End of CMD: =========

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukoäczona pomy˜lnie.

========= End of Reg: =========

EmptyTemp: => Removed 727.8 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====