Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2014
Ran by Piotr (administrator) on PIOTR-KOMPUTER on 01-05-2014 12:50:40
Running from C:\Users\Piotr\Desktop
Microsoft Windows 7 Ultimate (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\adminservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Windows\PLFSetI.exe
(Atheros Communications) C:\Program Files\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Farbar) C:\Users\Piotr\Desktop\FRST32.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [474272 2010-07-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [298144 2010-07-29] (Atheros Commnucations)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)

==================== Internet (Whitelisted) ====================

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========

========================== Services (Whitelisted) =================

==================== Drivers (Whitelisted) ====================

R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [24736 2010-07-29] (Atheros)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-01 12:50 - 2014-05-01 12:50 - 00002592 _____ () C:\Users\Piotr\Desktop\FRST.txt
2014-05-01 12:50 - 2014-04-30 09:33 - 01049600 _____ (Farbar) C:\Users\Piotr\Desktop\FRST32.exe
2014-05-01 12:02 - 2014-05-01 12:50 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

2014-05-01 12:50 - 2014-05-01 12:50 - 00002592 _____ () C:\Users\Piotr\Desktop\FRST.txt
2014-05-01 12:50 - 2014-05-01 12:02 - 00000000 ____D () C:\FRST
2014-05-01 12:50 - 2014-02-04 11:54 - 01523412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-01 12:50 - 2009-07-14 10:07 - 00687828 _____ () C:\Windows\system32\perfh015.dat
2014-05-01 12:50 - 2009-07-14 10:07 - 00131382 _____ () C:\Windows\system32\perfc015.dat
2014-05-01 12:49 - 2014-02-06 10:54 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-05-01 12:49 - 2009-07-14 06:39 - 00021043 _____ () C:\Windows\setupact.log
2014-05-01 12:48 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-30 09:33 - 2014-05-01 12:50 - 01049600 _____ (Farbar) C:\Users\Piotr\Desktop\FRST32.exe
2014-04-25 17:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-04-25 16:13 - 2014-02-04 11:43 - 00107078 _____ () C:\Windows\WindowsUpdate.log
2014-04-25 16:08 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-25 16:08 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-25 16:02 - 2014-03-30 14:18 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

Some content of TEMP:
====================
C:\Users\Piotr\AppData\Local\Temp\ose00000.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-04 11:40

==================== End Of Log ============================