[RafalP]

Hi, sorry for taking your time but I am in a dead end. Don't know what else I can do. This is the story of my issue:

1. 3-4weeks ago my computer was formatted and new Windows 8 was installed.
2. Everything was working very good with solid 60fps in games.
3. On Friday I downloaded some freewere which instaled also "TunerPC" (forgot to uncheck it during installation).
4. System was infected with Qone8, Wpm18.8.0.304. I used Avast, then Malwerebytes, CCleaner, Microsoft Safty Scanner. From what those programs show everything was deleted but performance dropped to 5-40fps and internet connection slowed downed. It looks like some other processes are working in background (task manager don't show any new processes).
5. Contacted Microsoft Support without any help other then "Format your pc once again".
6. I've used Dr. Web cureit and uninstalled Avast.


Edited: Deleted the Otl log due to undertaken Format before help occure and it is not valid since the helping began.

Should I make new Otl log which would be more accurate?

Edited by RafalP, 18 June 2014 - 04:23 PM.

[Advertisements]

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat

Witaj na GeeksToGo, pozdrowienia z Krakowa
 


Before we start please note the following:

Analysis and research take some time, also sometimes real life gets in the way, please be patient.
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Paste the logs in your posts, attachments make my work harder and more complicated.
Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.


I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start the fight!
 
Please post your logs directly in your replies, do not use attachments or sites like wklej.org (I know that Polish people just love them)


GMER scanner for the lurking rootkits


Please download GMER and save it to your desktop.

• it will come as a randomly named file (like a6ge38b4.exe) - that's absolutely normal.
• Disconnect from the Internet and close all running programs
• Temporarily disable any real-time active protection
• It is very important you do not use your computer while GMER is running
• Right-click on the randomly named GMER icon and choose Run as Administrator
• GMER will open to the Rootkit/Malware tab and perform an automatic quick scan

If you receive a warning about rootkit activity and are asked to fully scan your system click NO!

Please check in the Quick scan box
Please uncheck the following:

• IAT/EAT
• Show All

• Click Scan
• If you see a rootkit warning window click OK
• When the scan is finished, Save the results to your desktop as gmer.log
• Click Copy then paste the results in your reply
• Exit GMER and be sure to re-enable your Antivirus, Firewall and any other security programs you had disabled

• If you encounter any problems, try running GMER in Safe Mode
• If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning

Pozdrowienia,
Naat

[Naathim]

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat

Witaj na GeeksToGo, pozdrowienia z Krakowa
 


Before we start please note the following:

Analysis and research take some time, also sometimes real life gets in the way, please be patient.
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Paste the logs in your posts, attachments make my work harder and more complicated.
Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.


I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start the fight!
 
Please post your logs directly in your replies, do not use attachments or sites like wklej.org (I know that Polish people just love them)


GMER scanner for the lurking rootkits


Please download GMER and save it to your desktop.

• it will come as a randomly named file (like a6ge38b4.exe) - that's absolutely normal.
• Disconnect from the Internet and close all running programs
• Temporarily disable any real-time active protection
• It is very important you do not use your computer while GMER is running
• Right-click on the randomly named GMER icon and choose Run as Administrator
• GMER will open to the Rootkit/Malware tab and perform an automatic quick scan

If you receive a warning about rootkit activity and are asked to fully scan your system click NO!

Please check in the Quick scan box
Please uncheck the following:

• IAT/EAT
• Show All

• Click Scan
• If you see a rootkit warning window click OK
• When the scan is finished, Save the results to your desktop as gmer.log
• Click Copy then paste the results in your reply
• Exit GMER and be sure to re-enable your Antivirus, Firewall and any other security programs you had disabled

• If you encounter any problems, try running GMER in Safe Mode
• If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning

Pozdrowienia,
Naat

[RafalP]

Hi/Cześć Naat !
Thank you for so short waiting period!
First of all I think it is better that we stick with English so other people which can have same problems can benefit from this thread.
Need to be honest about one thing too. I've just wiped clean my partition with system (as Microsoft support told me to) and now it is worst then before.
Here are the logs from Gmer:

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-06-18 18:49:09
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4 SAMSUNG_HD502HJ rev.1AJ10001 465,76GB
Running: itm69qtb.exe; Driver: C:\Users\RAFA~1\AppData\Local\Temp\fxldipoc.sys


---- User code sections - GMER 2.1 ----

.text    C:\WINDOWS\system32\atiesrxx.exe[828] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                   00007ff94ec6169a 4 bytes [C6, 4E, F9, 7F]
.text    C:\WINDOWS\system32\atiesrxx.exe[828] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                   00007ff94ec616a2 4 bytes [C6, 4E, F9, 7F]
.text    C:\WINDOWS\system32\atiesrxx.exe[828] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                      00007ff94ec6181a 4 bytes [C6, 4E, F9, 7F]
.text    C:\WINDOWS\system32\atiesrxx.exe[828] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                      00007ff94ec61832 4 bytes [C6, 4E, F9, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[336] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                   00007ff94ec6169a 4 bytes [C6, 4E, F9, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[336] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                   00007ff94ec616a2 4 bytes [C6, 4E, F9, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[336] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                      00007ff94ec6181a 4 bytes [C6, 4E, F9, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[336] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                      00007ff94ec61832 4 bytes [C6, 4E, F9, 7F]

---- Threads - GMER 2.1 ----

Thread   C:\WINDOWS\system32\csrss.exe [508:3772]                                                                                                       fffff96000943b90

---- Services - GMER 2.1 ----

Service  C:\Program Files (x86)\Windows Defender\MsMpEng.exe (*** hidden *** )                                                                          [AUTO] WinDefend                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       <-- ROOTKIT !!!

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime                                                                              0xBF 0x0F 0x45 0xA4 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime                                                                          0xE9 0x28 0xBA 0xB8 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime                                                                                 0x54 0x54 0x7A 0x3A ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime                                                                             0x3A 0x0B 0xD0 0xAF ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStopTime                                                                                  0x50 0x41 0x68 0x75 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@pl-PL                                                                          4
Reg      HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\DELF011H735H98C1ARL_21_07D9_DB^392768AE262128BE700C0FF102CB7551@Timestamp  0x6B 0x04 0x0C 0x41 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid                                                                                               600
Reg      HKLM\SYSTEM\CurrentControlSet\Control\MUI\StringCacheSettings@StringCacheGeneration                                                            101
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{A75F1B87-9CF8-4758-879B-AF3FD2066374}\Connection@Name    isatap.icpnet.pl
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations                                                              \??\C:\WINDOWS\system32\SET89D.tmp??\??\C:\WINDOWS\system32\SETA69.tmp??\??\C:\WINDOWS\system32\SET12CA.tmp??\??\C:\WINDOWS\system32\SET4ED2.tmp??\??\C:\WINDOWS\system32\SET5474.tmp??\??\C:\WINDOWS\system32\SET54D6.tmp??\??\C:\WINDOWS\TEMP\IE14F07.tmp\SQMAPI.DLL??\??\C:\WINDOWS\TEMP\IE14F07.tmp??\??\C:\Users\RAFA~1\AppData\Local\Temp\Origin\installerdll16819625.dll??\??\C:\Users\RAFA~1\AppData\Local\Temp\Origin\installerdll16868312.dll??\??\C:\Users\RAFA~1\AppData\Local\Temp\Origin\nsrA5AB.tmp\System.dll??\??\C:\Users\RAFA~1\AppData\Local\Temp\Origin\nsrA5AB.tmp\??\??\C:\Users\RAFA~1\AppData\Local\Temp\Origin\Setup.exe??
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment@Path                                                                         %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber                                                             4521577
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                              921970173
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId                                              7
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime                                            414827920
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime                                                                           0
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID                                                                               ced4bd94-0ac5-41df-9cd3-d54ed8d
Reg      HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AITEventLog@FileCounter                                                                   1
Reg      HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\SQMLogger@FileCounter                                                                     7
Reg      HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter                                                                 1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{b5efadff-17e6-43d4-a402-57adf7034775}@LastProbeTime                          1403098236
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\6To4\{59EFFAE3-2FEF-483F-9765-BBD3D05D6F42}@InterfaceName                           6TO4 Adapter
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\6To4\{59EFFAE3-2FEF-483F-9765-BBD3D05D6F42}@ReusableType                            0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\6To4\{59EFFAE3-2FEF-483F-9765-BBD3D05D6F42}@DefunctTimestamp                        0x5A 0x7F 0xA1 0x53 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{A75F1B87-9CF8-4758-879B-AF3FD2066374}@ReusableType                          0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{A75F1B87-9CF8-4758-879B-AF3FD2066374}@DefunctTimestamp                      0xB9 0xB3 0xA1 0x53 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-13-5f-07-64-d9@TeredoAddress                                           2001:0:5ef5:79fd:813:2a90:c1ea:ff68
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-13-5f-07-64-d9@ClientLocalPort                                         54639
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\00-13-5f-07-64-d9@AddressCreationTimestamp                                0x73 0x45 0xB2 0x09 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\NcbService\NCB\KapiNlmCache\2@Timestamp                                                                 0x84 0x9B 0xF5 0x04 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime                                                                ??r?, ?cze ?18 ?14, 05:56:42???????????????????????????????????
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                                807
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                               14
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In     v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|LPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-200|Desc=@%systemroot%\system32\provsvc.dll,-201|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out    v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|RPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-203|Desc=@%systemroot%\system32\provsvc.dll,-204|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In     v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|LPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-205|Desc=@%systemroot%\system32\provsvc.dll,-206|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out    v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|RPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-207|Desc=@%systemroot%\system32\provsvc.dll,-208|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{D1150E9E-F104-4376-9C13-1CE908115A0E}             v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=128:*|App=System|[email protected],-502|[email protected],-28547|[email protected],-25000|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{1DA33CA5-CCDC-4E5A-B900-605DD2C7AF16}             v2.22|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=128:*|[email protected],-503|[email protected],-28547|[email protected],-25000|
Reg      HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence                                                                         6
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DD4BA153-43B0-49FE-9AB0-B0F917250535}@LeaseObtainedTime                    1403108038
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DD4BA153-43B0-49FE-9AB0-B0F917250535}@T1                                   1403109838
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DD4BA153-43B0-49FE-9AB0-B0F917250535}@T2                                   1403111188
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DD4BA153-43B0-49FE-9AB0-B0F917250535}@LeaseTerminatesTime                  1403111638
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Group                                                                                            Early-Launch
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@ImagePath                                                                                        system32\drivers\WdBoot.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Start                                                                                            0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdBoot                                                                                                  
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@ImagePath                                                                                      system32\drivers\WdFilter.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@Start                                                                                          0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdFilter                                                                                                
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WinDefend@Start                                                                                         2
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WinDefend                                                                                               
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop                                                               0
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw                                                                                             0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask                                                                                         0x64 0x62 0x03 0x00 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown                                                                 1
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership@Count                                                              13
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@WindowsRequestBucketCounter                                             1897
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsRequestBucketDrainTime                                       0x34 0x3C 0x6B 0xA9 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsLargeRequestBucketDrainTime                                  0x34 0x3C 0x6B 0xA9 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherBandwidthBucketCounter                                             13159
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherRequestBucketCounter                                               11396
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastOtherRequestBucketDrainTime                                         0x34 0x3C 0x6B 0xA9 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalBandwidthBucketCounter                                            22347
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalRequestBucketCounter                                              13696
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastGlobalRequestBucketDrainTime                                        0x34 0x3C 0x6B 0xA9 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@RoamingSyncToken                                                        LM%3d63538704989813%3bID%3d84775E550C6FCE39!106%3bLR%3d63538704997270%3bEP%3d4%3bSO%3d0
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastUploadTime                                                          0xE6 0x88 0x98 0xA9 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest                                         0xBA 0x76 0x3C 0xB0 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastDownloadCollectionInterest                                       0x88 0xC8 0xA0 0x7D ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData@PendingOperations                                                          92
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\appsync@Created                                          1
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\appsync@AttemptedOperations                              1
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\secondarytiles@Created                                   1
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\secondarytiles@AttemptedOperations                       1
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\startlayout@Created                                      1
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windows\startlayout@AttemptedOperations                          5
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Store@PersistedUpdateCount                                                                      0
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\ThemeManager@DllName                                                                            %SystemRoot%\resources\Themes\Aero\Aero.msstyles
Reg      HKCU\Software\Microsoft\Windows\DWM@ColorizationColor                                                                                          -1353932546
Reg      HKCU\Software\Microsoft\Windows\DWM@ColorizationAfterglow                                                                                      -1353932546

---- EOF - GMER 2.1 ----


Done point by point as You told me to. From know till end of the procces I will obey your tips.
Regards,
Rafal

[Naathim]

I've just wiped clean my partition with system (as Microsoft support told me to) and now it is worst then before.

Can you be more specific? You have formatted/reinstalled the Windows partition?
Or you are talking about the hidden recovery one?

[RafalP]

Got 3 Partitions. C where is system installed D for system restricted and E for enything. During the instalation procces only C wasy avalibe to clean and reinstall the system.
I have formatted partition C where system was installed and other programs.

Edit: D (system restriced) and E wasn't affected by this proccess

Edited by RafalP, 18 June 2014 - 11:27 AM.

[Naathim]

Did ypu perform a clean Windows 8 installation, or was it an upgrade from Vista/7?

[RafalP]

Clean Windows 8 step by step from Microsoft guide. Then upgraded to 8.1

(need to clarify that hardwere is in good shape, new paste on proccessor, dust cleaned, no overclocking)

[Naathim]

There is also update 1 (similar to Service Pack 1) released... Did you install it already?

 

 

 

Please download MiniToolBox by Farbar and save it to your desktop.

Close any open browsers!

Run MiniToolBox by double-clicking the icon
(Users of Windows Vista and above please right-click and choose Run as Administrator).

You will be presented with this window:

Checkmark the following checkboxes:

• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List IP configuration
• List Winsock Entries
• List last 10 Event Viewer log
• List Installed Programs
• List Devices
• List Users, Partitions and Memory size.
• List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

Pozdrówka,

Naat

[RafalP]

List devices all or just problems?

edit: Update installed

Edited by RafalP, 18 June 2014 - 02:24 PM.

[RafalP]

Log with "List devices checked" with "Only Problems"

MiniToolBox by Farbar  Version: 13-06-2014
Ran by Rafał (administrator) on 18-06-2014 at 22:25:48
Running from "C:\Users\Rafał\Desktop"
Microsoft Windows 8.1 Pro  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Kontroler Realtek PCIe GBE Family Controller = Ethernet 2 (Connected)
Kontroler Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Ethernet 2-WFP Native MAC Layer LightWeight Filter-0000" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : happy
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : icpnet.pl

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . : icpnet.pl
   Description . . . . . . . . . . . : Kontroler Realtek PCIe GBE Family Controller #2
   Physical Address. . . . . . . . . : 40-61-86-34-89-A0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::893e:79f7:c8b2:e488%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 62.21.0.151(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.224.0
   Lease Obtained. . . . . . . . . . : 18 czerwca 2014 18:17:52
   Lease Expires . . . . . . . . . . : 18 czerwca 2014 23:19:20
   Default Gateway . . . . . . . . . : 62.21.0.1
   DHCP Server . . . . . . . . . . . : 62.21.99.103
   DHCPv6 IAID . . . . . . . . . . . : 322986374
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-33-01-5F-40-61-86-34-89-A1
   DNS Servers . . . . . . . . . . . : 62.21.99.94
                                       62.21.99.95
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Kontroler Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 40-61-86-34-89-A1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.icpnet.pl:

   Connection-specific DNS Suffix  . : icpnet.pl
   Description . . . . . . . . . . . : Karta Microsoft ISATAP
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::200:5efe:62.21.0.151%5(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 385875968
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-33-01-5F-40-61-86-34-89-A1
   DNS Servers . . . . . . . . . . . : 62.21.99.94
                                       62.21.99.95
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Poczenie lokalne* 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2c21:d23:c1ea:ff68(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2c21:d23:c1ea:ff68%7(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 117440512
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-33-01-5F-40-61-86-34-89-A1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix  . : icpnet.pl
   Description . . . . . . . . . . . : Karta Microsoft 6to4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:3e15:97::3e15:97(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 100663296
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-33-01-5F-40-61-86-34-89-A1
   DNS Servers . . . . . . . . . . . : 62.21.99.94
                                       62.21.99.95
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  c99-94.icpnet.pl
Address:  62.21.99.94

Name:    google.com
Addresses:  2a00:1450:4008:c01::71
      46.238.98.168
      46.238.98.178
      46.238.98.153
      46.238.98.177
      46.238.98.163
      46.238.98.148
      46.238.98.158
      46.238.98.162
      46.238.98.187
      46.238.98.173
      46.238.98.182
      46.238.98.183
      46.238.98.157
      46.238.98.152
      46.238.98.167
      46.238.98.172


Pinging google.com [46.238.98.173] with 32 bytes of data:
Reply from 46.238.98.173: bytes=32 time=6ms TTL=61
Reply from 46.238.98.173: bytes=32 time=6ms TTL=61

Ping statistics for 46.238.98.173:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 6ms, Maximum = 6ms, Average = 6ms
Server:  c99-94.icpnet.pl
Address:  62.21.99.94

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=158ms TTL=50
Reply from 98.138.253.109: bytes=32 time=163ms TTL=50

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 158ms, Maximum = 163ms, Average = 160ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  4...40 61 86 34 89 a0 ......Kontroler Realtek PCIe GBE Family Controller #2
  2...40 61 86 34 89 a1 ......Kontroler Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
  5...00 00 00 00 00 00 00 e0 Karta Microsoft ISATAP
  7...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
  6...00 00 00 00 00 00 00 e0 Karta Microsoft 6to4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0        62.21.0.1      62.21.0.151     10
        62.21.0.0    255.255.224.0         On-link       62.21.0.151    266
      62.21.0.151  255.255.255.255         On-link       62.21.0.151    266
     62.21.31.255  255.255.255.255         On-link       62.21.0.151    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       62.21.0.151    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       62.21.0.151    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  7    306 2001::/32                On-link
  7    306 2001:0:5ef5:79fb:2c21:d23:c1ea:ff68/128
                                    On-link
  6   1010 2002::/16                On-link
  6    266 2002:3e15:97::3e15:97/128
                                    On-link
  4    266 fe80::/64                On-link
  7    306 fe80::/64                On-link
  5    266 fe80::200:5efe:62.21.0.151/128
                                    On-link
  7    306 fe80::2c21:d23:c1ea:ff68/128
                                    On-link
  4    266 fe80::893e:79f7:c8b2:e488/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    266 ff00::/8                 On-link
  7    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/18/2014 05:54:34 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.

System Error:
Odmowa dostępu.
.


System errors:
=============
Error: (06/18/2014 08:31:32 PM) (Source: Service Control Manager) (User: )
Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (06/18/2014 08:31:18 PM) (Source: Service Control Manager) (User: )
Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (06/18/2014 05:51:30 PM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi Steam Client Service z powodu następującego błędu:
%%1053

Error: (06/18/2014 05:51:30 PM) (Source: Service Control Manager) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Steam Client Service.

Error: (06/18/2014 01:32:57 PM) (Source: Service Control Manager) (User: )
Description: Usługa BranchCache zakończyła działanie; wystąpił następujący specyficzny dla niej błąd:
%%1260

Error: (06/18/2014 01:32:52 PM) (Source: NETLOGON) (User: )
Description: Ten komputer jest skonfigurowany jako członek grupy roboczej,
a nie domeny. W tej konfiguracji usługa Netlogon nie musi być
uruchamiana.

Error: (06/18/2014 01:32:30 PM) (Source: Service Control Manager) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (06/18/2014 01:32:30 PM) (Source: Service Control Manager) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (06/18/2014 01:32:30 PM) (Source: Service Control Manager) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (06/18/2014 01:32:30 PM) (Source: Service Control Manager) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu:
%%1058


Microsoft Office Sessions:
=========================
Error: (06/18/2014 05:54:34 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.

System Error:
Odmowa dostępu.



=========================== Installed Programs ============================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 pl)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 10%
Total physical RAM: 12279.12 MB
Available physical RAM: 10950.94 MB
Total Pagefile: 14711.12 MB
Available Pagefile: 13277.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.02 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:433.15 GB) NTFS
2 Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.34 GB) (Free:0.29 GB) NTFS
3 Drive e: () (Fixed) (Total:931.17 GB) (Free:800.61 GB) NTFS

========================= Users: ========================================

Konta uľytkownik˘w dla \\HAPPY

Administrator            Go†                     Rafa                    
Polecenie zostao wykonane pomylnie.

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

18-06-2014 15:54:34 Installed 7-Zip 9.20 (x64 edition)

**** End of log ****
 

[Naathim]

Check Only Problems.

[RafalP]

This is with "Only problems" log. Thank you in advance for helping me out. Will you be absent tomorow due to long weekend?

[Naathim]

No, maybe visiting less often, but at least once - twice per day surely. Analyzing your report, should post later on tonight

[Naathim]

Download the attached reset.zip file to your desktop.
 reset.zip   146bytes   132 downloads
Unzip it (right-click > extract).
Right-click on the reset.bat file and select Run as Administrator.
A black window will blink.

Wait a moment and reboot your machine after that (it's very important).

Next please re-run MiniToolBox and post me its new report.

[RafalP]

Done as You said Naat, with two minor (I think) problem. It did not blink,or it was so fast I couldn't notice and the other one was that I had to turn off SmartScreen and Windows Defender (I am running Windows 8.1). PC was restarted. Log is as followed:

MiniToolBox by Farbar  Version: 13-06-2014
Ran by Rafał (administrator) on 18-06-2014 at 23:25:53
Running from "C:\Users\Rafał\Desktop"
Microsoft Windows 8.1 Pro  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Kontroler Realtek PCIe GBE Family Controller = Ethernet 2 (Connected)
Kontroler Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Ethernet 2-WFP Native MAC Layer LightWeight Filter-0000" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : happy
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : icpnet.pl

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . : icpnet.pl
   Description . . . . . . . . . . . : Kontroler Realtek PCIe GBE Family Controller #2
   Physical Address. . . . . . . . . : 40-61-86-34-89-A0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::893e:79f7:c8b2:e488%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 62.21.0.151(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.224.0
   Lease Obtained. . . . . . . . . . : 18 czerwca 2014 23:24:39
   Lease Expires . . . . . . . . . . : 19 czerwca 2014 00:24:38
   Default Gateway . . . . . . . . . : 62.21.0.1
   DHCP Server . . . . . . . . . . . : 62.21.99.103
   DHCPv6 IAID . . . . . . . . . . . : 322986374
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-33-01-5F-40-61-86-34-89-A1
   DNS Servers . . . . . . . . . . . : 62.21.99.94
                                       62.21.99.95
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Kontroler Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 40-61-86-34-89-A1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.icpnet.pl:

   Connection-specific DNS Suffix  . : icpnet.pl
   Description . . . . . . . . . . . : Karta Microsoft ISATAP
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::200:5efe:62.21.0.151%5(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 385875968
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-33-01-5F-40-61-86-34-89-A1
   DNS Servers . . . . . . . . . . . : 62.21.99.94
                                       62.21.99.95
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Poczenie lokalne* 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1812:30b5:c1ea:ff68(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1812:30b5:c1ea:ff68%7(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 117440512
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-33-01-5F-40-61-86-34-89-A1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix  . : icpnet.pl
   Description . . . . . . . . . . . : Karta Microsoft 6to4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:3e15:97::3e15:97(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 100663296
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-33-01-5F-40-61-86-34-89-A1
   DNS Servers . . . . . . . . . . . : 62.21.99.94
                                       62.21.99.95
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  c99-94.icpnet.pl
Address:  62.21.99.94

Name:    google.com
Addresses:  2a00:1450:4008:c01::8a
      46.238.98.167
      46.238.98.152
      46.238.98.148
      46.238.98.183
      46.238.98.187
      46.238.98.172
      46.238.98.177
      46.238.98.168
      46.238.98.182
      46.238.98.153
      46.238.98.162
      46.238.98.163
      46.238.98.158
      46.238.98.173
      46.238.98.178
      46.238.98.157


Pinging google.com [46.238.98.163] with 32 bytes of data:
Reply from 46.238.98.163: bytes=32 time=19ms TTL=61
Reply from 46.238.98.163: bytes=32 time=7ms TTL=61

Ping statistics for 46.238.98.163:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 7ms, Maximum = 19ms, Average = 13ms
Server:  c99-94.icpnet.pl
Address:  62.21.99.94

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=123ms TTL=52
Reply from 98.139.183.24: bytes=32 time=126ms TTL=52

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 123ms, Maximum = 126ms, Average = 124ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  4...40 61 86 34 89 a0 ......Kontroler Realtek PCIe GBE Family Controller #2
  2...40 61 86 34 89 a1 ......Kontroler Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
  5...00 00 00 00 00 00 00 e0 Karta Microsoft ISATAP
  7...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
  6...00 00 00 00 00 00 00 e0 Karta Microsoft 6to4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0        62.21.0.1      62.21.0.151     10
        62.21.0.0    255.255.224.0         On-link       62.21.0.151    266
      62.21.0.151  255.255.255.255         On-link       62.21.0.151    266
     62.21.31.255  255.255.255.255         On-link       62.21.0.151    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       62.21.0.151    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       62.21.0.151    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  7    306 2001::/32                On-link
  7    306 2001:0:5ef5:79fd:1812:30b5:c1ea:ff68/128
                                    On-link
  6   1010 2002::/16                On-link
  6    266 2002:3e15:97::3e15:97/128
                                    On-link
  4    266 fe80::/64                On-link
  7    306 fe80::/64                On-link
  5    266 fe80::200:5efe:62.21.0.151/128
                                    On-link
  7    306 fe80::1812:30b5:c1ea:ff68/128
                                    On-link
  4    266 fe80::893e:79f7:c8b2:e488/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    266 ff00::/8                 On-link
  7    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/18/2014 05:54:34 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.

System Error:
Odmowa dostępu.
.


System errors:
=============
Error: (06/18/2014 08:31:32 PM) (Source: Service Control Manager) (User: )
Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (06/18/2014 08:31:18 PM) (Source: Service Control Manager) (User: )
Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (06/18/2014 05:51:30 PM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi Steam Client Service z powodu następującego błędu:
%%1053

Error: (06/18/2014 05:51:30 PM) (Source: Service Control Manager) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Steam Client Service.

Error: (06/18/2014 01:32:57 PM) (Source: Service Control Manager) (User: )
Description: Usługa BranchCache zakończyła działanie; wystąpił następujący specyficzny dla niej błąd:
%%1260

Error: (06/18/2014 01:32:52 PM) (Source: NETLOGON) (User: )
Description: Ten komputer jest skonfigurowany jako członek grupy roboczej,
a nie domeny. W tej konfiguracji usługa Netlogon nie musi być
uruchamiana.

Error: (06/18/2014 01:32:30 PM) (Source: Service Control Manager) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (06/18/2014 01:32:30 PM) (Source: Service Control Manager) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (06/18/2014 01:32:30 PM) (Source: Service Control Manager) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (06/18/2014 01:32:30 PM) (Source: Service Control Manager) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu:
%%1058


Microsoft Office Sessions:
=========================
Error: (06/18/2014 05:54:34 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.

System Error:
Odmowa dostępu.



=========================== Installed Programs ============================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 pl)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 7%
Total physical RAM: 12279.12 MB
Available physical RAM: 11366.63 MB
Total Pagefile: 14711.12 MB
Available Pagefile: 13769.01 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.03 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:433.15 GB) NTFS
2 Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.34 GB) (Free:0.29 GB) NTFS
3 Drive e: () (Fixed) (Total:931.17 GB) (Free:800.61 GB) NTFS

========================= Users: ========================================

Konta uľytkownik˘w dla \\HAPPY

Administrator            Go†                     Rafa                    
Polecenie zostao wykonane pomylnie.

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

18-06-2014 15:54:34 Installed 7-Zip 9.20 (x64 edition)

**** End of log ****



Percentage of memory in use worries me a little because I am not running any programs. I think I am not running.