Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Magda-Rafał at 2014-09-15 14:19:18 Run:1
Running from C:\Users\Magda-Rafał\Desktop\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://start.qone8.com/?type=sc&ts=1398521466&from=smt&uid=HitachiXHTS547575A9E384_J2190020E2AVWCE2AVWCX
ShortcutWithArgument: C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1398521466&from=smt&uid=HitachiXHTS547575A9E384_J2190020E2AVWCE2AVWCX
ShortcutWithArgument: C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://start.qone8.com/?type=sc&ts=1398521466&from=smt&uid=HitachiXHTS547575A9E384_J2190020E2AVWCE2AVWCX
ShortcutWithArgument: C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1398521466&from=smt&uid=HitachiXHTS547575A9E384_J2190020E2AVWCE2AVWCX
ShortcutWithArgument: C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://start.qone8.com/?type=sc&ts=1398521466&from=smt&uid=HitachiXHTS547575A9E384_J2190020E2AVWCE2AVWCX
ShortcutWithArgument: C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1398521466&from=smt&uid=HitachiXHTS547575A9E384_J2190020E2AVWCE2AVWCX
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
C:\ProgramData\AVAST Software
C:\ProgramData\WPM
C:\Users\Magda-Rafał\AppData\Roaming\sp_data.sys
EmptyTemp:
*****************

Processes closed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Shortcut argument was removed successfully.
C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument was removed successfully.
C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument was removed successfully.
C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument was removed successfully.
C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Shortcut argument was removed successfully.
C:\Users\Magda-Rafał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk => Shortcut argument was removed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully.
BTATH_LWFLT => Service deleted successfully.
MBAMSwissArmy => Service deleted successfully.
C:\ProgramData\AVAST Software => Moved successfully.
C:\ProgramData\WPM => Moved successfully.
C:\Users\Magda-Rafał\AppData\Roaming\sp_data.sys => Moved successfully.
EmptyTemp: => Removed 342.5 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====