Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015 Ran by Witold at 2015-05-26 10:32:53 Running from C:\Users\Witold\Desktop\cleanery\FRST Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4263293795-372819126-2868305949-500 - Administrator - Disabled) Gość (S-1-5-21-4263293795-372819126-2868305949-501 - Limited - Enabled) IME_ADMIN (S-1-5-21-4263293795-372819126-2868305949-1010 - Limited - Enabled) IME_USER (S-1-5-21-4263293795-372819126-2868305949-1009 - Limited - Enabled) Witold (S-1-5-21-4263293795-372819126-2868305949-1001 - Administrator - Enabled) => C:\Users\Witold ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «Project CARS 1.0.1.3 (HKLM-x32\...\«Project CARS_is1) (Version: 1.0.1.3 - Slightly Mad Studios Ltd.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.531 - ABBYY Production LLC) Adobe Reader XI (11.0.11) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Age of Wonders III (HKLM-x32\...\QWdlb2ZXb25kZXJzSUlJ_is1) (Version: 1 - ) Alien Isolation (HKLM-x32\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0017}) (Version: 6.0 - Black Box) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD VISION Engine Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) ASUS Xonar DX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.) Auslogics Disk Defrag Touch (HKLM-x32\...\{B259CF8C-5028-4F71-95E0-30E1E4F56606}_is1) (Version: 1.1.0.0 - Auslogics Software Pty Ltd) BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork) Call of Duty Advanced Warfare (HKLM-x32\...\Call of Duty Advanced Warfare_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Combined Community Codec Pack 2014-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.04.20.0 - CCCP Project) CrystalDiskInfo 5.6.2 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dying Light Ultimate Edition version 1.2.0 (HKLM-x32\...\Dying Light Ultimate Edition_is1) (Version: 1.2.0 - GMT-MAX.ORG) EDU CD. Vademecum języka angielskiego (HKLM-x32\...\EDU CD. Vademecum języka angielskiego_is1) (Version: - EDU CD) Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology) Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.0 - Релиз от R.G. Steamgames) GG (HKU\S-1-5-21-4263293795-372819126-2868305949-1001\...\GG) (Version: 12 - GG Network S.A.) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Grand Theft Auto V v.1.0.333.1 (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - ) GRID Autosport (HKLM-x32\...\R1JJREF1dG9zcG9ydA==_is1) (Version: 1 - ) HWiNFO64 Version 4.40 (HKLM\...\HWiNFO64_is1) (Version: 4.40 - Martin Malík - REALiX) IVONA 2 (HKLM-x32\...\IVONA 2) (Version: 1.6.63 - IVONA Software Sp. z o.o.) IVONA ControlCenter (HKLM-x32\...\IVONA ControlCenter) (Version: 1.1.10 - IVONA Software Sp. z o.o.) IVONA MiniReader (HKLM-x32\...\IVONA MiniReader) (Version: - IVONA Software Sp. z o.o.) IVONA Reader (HKLM-x32\...\IVONA Reader) (Version: - IVONA Software Sp. z o.o.) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Middle-earth Shadow of Mordor (HKLM-x32\...\Middle-earth Shadow of Mordor_is1) (Version: 1.0 - Релиз от R.G. Steamgames) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.012.05.00.1185 - Huawei Technologies Co.,Ltd) Mortal Kombat X (HKLM-x32\...\Mortal Kombat X_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - ) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 11.002.03.08.264 - Huawei Technologies Co.,Ltd) Plustek OpticSlim 2600 (HKLM-x32\...\{C0EEB671-169B-4423-971D-B2D710FE9132}) (Version: 5.1.0 - ) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.) RIDE (HKLM-x32\...\RIDE_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm) Risen 3 (HKLM-x32\...\Risen 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games) Ryse Son of Rome (HKLM-x32\...\Ryse Son of Rome_is1) (Version: - ) Saints Row Gat out of Hell (HKLM-x32\...\U2FpbnRzUm93R2F0b3V0b2ZIZWxs_is1) (Version: 1 - ) SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.) Sniper Ghost Warrior 2 (HKLM-x32\...\Sniper Ghost Warrior 2_is1) (Version: - ) Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden The Witcher 3 (HKLM-x32\...\The Witcher 3_is1) (Version: 1.02 - Релиз от R.G. Steamgames) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4263293795-372819126-2868305949-1001_Classes\CLSID\{44996865-E670-9DC1-3743-37B4D650EA9E}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4263293795-372819126-2868305949-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Witold\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= 09-05-2015 19:23:56 Windows Update 12-05-2015 20:47:22 Windows Update 21-05-2015 16:12:25 Windows Update 26-05-2015 10:23:34 Restore Point Created by FRST ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2015-05-25 11:17 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2E940A9F-FBA0-4A8B-9CD3-28376EF75A04} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation) Task: {6A50758B-3B65-4B2C-B3ED-F4C8EAC68B31} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation) Task: {8C2E3FB2-8B35-47E9-8BE6-DAE16186506E} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.) Task: {AB187E69-10F5-48E0-9F02-C1034B2B9717} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {B50033B8-D5BC-4DD9-8876-B0A7F61080F5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd) Task: {DF59A758-D284-42A2-8706-48D2AAD73628} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-12] (Microsoft Corporation) ==================== Loaded Modules (Whitelisted) ============== 2014-11-20 22:23 - 2014-11-20 22:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll 2013-04-10 07:58 - 2013-04-10 07:58 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2014-07-14 23:00 - 2014-07-14 23:00 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2014-07-14 23:00 - 2014-07-14 23:00 - 00282112 ____N () C:\Windows\System\HsMgr64.exe 2014-07-15 14:52 - 2013-03-25 17:06 - 00210944 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\DocuAction.exe 2014-11-20 22:23 - 2014-11-20 22:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-12-28 19:19 - 2012-06-06 10:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll 2014-07-15 14:52 - 2013-03-25 17:05 - 00027136 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\AmCommonLib.dll 2014-07-15 14:52 - 2013-02-06 02:57 - 00098304 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\DocuRes.dll 2014-07-15 14:52 - 2008-06-25 14:03 - 00045056 _____ () C:\Program Files (x86)\Common Files\iMpacct\EdgeFillRsc.dll 2014-07-15 14:52 - 2006-05-15 15:24 - 00122938 _____ () C:\Program Files (x86)\Common Files\iMpacct\CommonFunc.dll 2014-07-15 14:52 - 2013-05-03 17:38 - 00269824 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\Scan.dll 2014-07-15 14:52 - 2013-05-03 16:27 - 00163840 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\ScanRes.dll 2014-07-15 14:52 - 2013-04-25 09:31 - 00151552 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\ScanProcess.dll 2014-07-15 14:52 - 2009-06-25 10:00 - 00897024 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\EncryptPdf.dll 2014-07-15 14:52 - 2013-04-25 09:31 - 00058368 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\PlkMsg.dll 2014-07-15 14:52 - 2013-03-08 21:19 - 00069632 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\PlkMsgRes.dll 2014-07-15 14:52 - 2013-03-25 17:06 - 00038912 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\Copy.DLL 2014-07-15 14:52 - 2010-06-07 15:06 - 00045056 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\CopyRes.dll 2014-07-15 14:52 - 2005-09-21 14:36 - 00061440 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\PrnDriver.dll 2014-07-15 14:52 - 2013-03-25 17:05 - 00075264 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\OCR.DLL 2014-07-15 14:52 - 2012-11-13 05:51 - 00049152 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\OcrRes.dll 2014-07-15 14:52 - 2013-03-25 17:06 - 00060416 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\eMail.DLL 2014-07-15 14:52 - 2013-03-25 17:05 - 00087040 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\FormatManager.dll 2014-07-15 14:52 - 2013-02-06 02:57 - 00061440 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\FormatManagerRes.dll 2014-07-15 14:52 - 2010-06-07 15:06 - 00049152 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\EmailRes.dll 2014-07-15 14:52 - 2013-03-25 17:06 - 00104448 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\Custom.DLL 2014-07-15 14:52 - 2012-11-13 05:51 - 00049152 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\CustomRes.dll 2014-07-15 14:52 - 2013-03-25 17:05 - 00098304 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\PDF.DLL 2014-07-15 14:52 - 2012-11-13 05:51 - 00049152 _____ () C:\Program Files (x86)\Plustek\Plustek OpticSlim 2600\FilingRes.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4263293795-372819126-2868305949-1001\...\mailgrupowy.pl -> hxxps://mailgrupowy.pl ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4263293795-372819126-2868305949-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Witold\Pictures\dhhfh.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER Error getting == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "Adobe ARM" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe ==================== Faulty Device Manager Devices ============= Name: Standardowa klawiatura PS/2 Description: Standardowa klawiatura PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Klawiatury standardowe) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Mysz Microsoft PS/2 Description: Mysz Microsoft PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (05/26/2015 10:23:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (05/26/2015 10:23:34 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {75537437-a85d-4a97-b384-61655611f1e1} Error: (05/25/2015 11:43:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Zainicjowanie bazy danych wykazu przez Usługi kryptograficzne nie powiodło się. Błąd ESENT: -1216. Error: (05/25/2015 11:43:49 AM) (Source: ESENT) (EventID: 454) (User: ) Description: Catalog Database (1176) Catalog Database: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -1216. Error: (05/25/2015 11:43:49 AM) (Source: ESENT) (EventID: 494) (User: ) Description: Catalog Database (1176) Catalog Database: Odzyskiwanie bazy danych zakończyło się niepomyślnie z błędem -1216, ponieważ napotkano odwołania do bazy danych 'C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb', której już nie ma. Baza danych nie została doprowadzona do stanu Zamknięcie czyste zanim została usunięta (możliwe też, że ją przeniesiono lub zmieniono jej nazwę). Aparat bazy danych nie pozwoli na dokończenie odzyskiwania w przypadku tego wystąpienia, dopóki brakująca baza danych nie zostanie przywrócona na miejsce. Jeśli baza danych faktycznie nie jest już dostępna ani wymagana, procedury dotyczące odzyskiwania sprawności po tym błędzie są dostępne w bazie wiedzy Microsoft Knowledge Base. Można też do nich dotrzeć, używając łącza „więcej informacji” na dole tego komunikatu. Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: Dostawca zdarzeń StorageWMI próbował zarejestrować zapytanie „select * from MSFT_StorageModificationEvent”, w przypadku którego klasa docelowa „MSFT_StorageModificationEvent” w przestrzeni nazw //./root/Microsoft/Windows/Storage nie istnieje. Zapytanie zostanie zignorowane. Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: Dostawca zdarzeń StorageWMI próbował zarejestrować zapytanie „select * from MSFT_StorageDepartureEvent”, w przypadku którego klasa docelowa „MSFT_StorageDepartureEvent” w przestrzeni nazw //./root/Microsoft/Windows/Storage nie istnieje. Zapytanie zostanie zignorowane. Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: Dostawca zdarzeń StorageWMI próbował zarejestrować zapytanie „select * from MSFT_StorageArrivalEvent”, w przypadku którego klasa docelowa „MSFT_StorageArrivalEvent” w przestrzeni nazw //./root/Microsoft/Windows/Storage nie istnieje. Zapytanie zostanie zignorowane. Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: Dostawca zdarzeń StorageWMI próbował zarejestrować zapytanie „select * from MSFT_StorageAlertEvent”, w przypadku którego klasa docelowa „MSFT_StorageAlertEvent” w przestrzeni nazw //./root/Microsoft/Windows/Storage nie istnieje. Zapytanie zostanie zignorowane. Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: Dostawca zdarzeń próbował zarejestrować zapytanie „select * from MSFT_StorageModificationEvent”, w przypadku którego klasa docelowa „MSFT_StorageModificationEvent” w przestrzeni nazw //./root/Microsoft/Windows/Storage nie istnieje. Zapytanie zostanie zignorowane. System errors: ============= Error: (05/26/2015 10:25:08 AM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Ten komputer jest skonfigurowany jako członek grupy roboczej, a nie domeny. W tej konfiguracji usługa Netlogon nie musi być uruchamiana. Error: (05/26/2015 10:24:04 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (05/26/2015 10:23:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (05/26/2015 10:23:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (05/26/2015 10:23:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Administrator usług IIS niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom skonfigurowany program odzyskiwania. Error: (05/26/2015 10:23:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa HWDeviceService64.exe niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/26/2015 10:23:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa AMD FUEL Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/26/2015 10:23:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa ABBYY FineReader 12 PE Licensing Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/26/2015 10:23:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/26/2015 10:23:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Microsoft Office: ========================= Error: (05/26/2015 10:23:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. Error: (05/26/2015 10:23:34 AM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Odmowa dostępu. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {75537437-a85d-4a97-b384-61655611f1e1} Error: (05/25/2015 11:43:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -1216 Error: (05/25/2015 11:43:49 AM) (Source: ESENT) (EventID: 454) (User: ) Description: Catalog Database1176Catalog Database: -1216 Error: (05/25/2015 11:43:49 AM) (Source: ESENT) (EventID: 494) (User: ) Description: Catalog Database1176Catalog Database: -1216C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: StorageWMIselect * from MSFT_StorageModificationEventMSFT_StorageModificationEvent//./root/Microsoft/Windows/Storage Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: StorageWMIselect * from MSFT_StorageDepartureEventMSFT_StorageDepartureEvent//./root/Microsoft/Windows/Storage Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: StorageWMIselect * from MSFT_StorageArrivalEventMSFT_StorageArrivalEvent//./root/Microsoft/Windows/Storage Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: StorageWMIselect * from MSFT_StorageAlertEventMSFT_StorageAlertEvent//./root/Microsoft/Windows/Storage Error: (05/25/2015 11:16:45 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT) Description: select * from MSFT_StorageModificationEventMSFT_StorageModificationEvent//./root/Microsoft/Windows/Storage CodeIntegrity Errors: =================================== Date: 2015-05-25 20:05:53.012 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-25 20:05:52.884 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-25 20:05:52.756 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-25 19:21:02.067 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-25 19:21:01.926 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-25 19:21:01.789 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-25 19:20:54.576 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-25 19:20:54.439 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-25 19:20:54.064 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-25 19:20:53.934 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD FX(tm)-8350 Eight-Core Processor Percentage of memory in use: 5% Total physical RAM: 32747.62 MB Available physical RAM: 31052.52 MB Total Pagefile: 37611.62 MB Available Pagefile: 35777.86 MB Total Virtual: 131072 MB Available Virtual: 131071.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:491.33 GB) (Free:147.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Nowy) (Fixed) (Total:488.28 GB) (Free:281.75 GB) NTFS Drive e: () (Fixed) (Total:111.79 GB) (Free:24.68 GB) NTFS Drive f: (Nowy) (Fixed) (Total:443.23 GB) (Free:77.63 GB) NTFS Drive g: (Nowy) (Fixed) (Total:440.18 GB) (Free:48.26 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8448BAFA) Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 756344DF) Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 77AA0808) Partition 1: (Active) - (Size=491.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=440.2 GB) - (Type=07 NTFS) ==================== End of log ============================