Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-08-2015 Ran by GenesisQ (2015-08-24 19:58:05) Running from C:\Users\GenesisQ\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-1506094221-713273713-2986573324-500 - Administrator - Disabled) Convidado (S-1-5-21-1506094221-713273713-2986573324-501 - Limited - Disabled) GenesisQ (S-1-5-21-1506094221-713273713-2986573324-1001 - Administrator - Enabled) => C:\Users\GenesisQ ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Bejeweled(R) 3 (remove only) (HKLM-x32\...\Bejeweled(R) 3) (Version: - ) Canal Positivo (HKLM-x32\...\Canal Positivo_is1) (Version: 1.0 - Positivo Informática) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Driver 1.3.1 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.3.1 - OEM) Farmscapes(TM) Premium Edition (remove only) (HKLM-x32\...\Farmscapes(TM) Premium Edition) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Haunted Past - Realm of Ghosts Deluxe (remove only) (HKLM-x32\...\Haunted Past - Realm of Ghosts Deluxe) (Version: - ) ICM Trainer Light (HKLM-x32\...\{3C630BB8-692D-4495-A0BD-40336CD51F99}) (Version: 1.4 - PokerStrategy.com) ICMIZER (HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\736316902.www.icmpoker.com) (Version: - www.icmpoker.com) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IPM 1.9.2 (HKLM-x32\...\{AADF4228-0772-4D43-92EB-B245E3A17B00}) (Version: 1.9.2 - OEM) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.) Luxor (remove only) (HKLM-x32\...\Luxor) (Version: - ) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mundo Positivo Bateria (HKLM-x32\...\{FD6F6859-2863-4ABB-87D0-A263F3E9FF45}_is1) (Version: 1.4.6.0 - Positivo Informática S.A.) Mundo Positivo Gerenciador de Inicialização (HKLM\...\{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1) (Version: 1.1.4.0 - Positivo Informática S.A.) Mundo Positivo Monitora (HKLM-x32\...\{8aaef6d0-68e7-4f99-b98d-e5ae19edbc99}_is1) (Version: 1.0.7.0 - Positivo Informática S.A.) Mundo Positivo Webcam (HKLM-x32\...\{E11C7438-7550-4676-92CE-846CC5DA3548}_is1) (Version: 1.5.7.0 - Positivo Informática S.A.) Mystery Legends - Beauty and the Beast (remove only) (HKLM-x32\...\Mystery Legends - Beauty and the Beast) (Version: - ) PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars) PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com) PokerStrategy.com SideKick (HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\25d18212dc9175a9) (Version: 2.1.20409.2 - PokerStrategy.com) Positivo Aplicativos (HKLM\...\{AAB13E97-449B-4D5B-BDE2-AB47B938B722}_is1) (Version: 1.3.10.4 - Positivo Informática S.A.) Positivo Backup (HKLM-x32\...\PSafe) (Version: 3.0.1208.24401 - PSafe) Positivo Conecta (HKLM-x32\...\{4F23361B-2B38-46E2-BA1A-D920F270D5FB}_is1) (Version: 1.3.23.0 - Positivo Informática S.A.) Positivo Fotos (HKLM-x32\...\{D53F9978-D5C1-4C71-9757-2F53DC8BEE6D}_is1) (Version: 1.0.0.0 - Positivo Informática S.A.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6668 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0193 - REALTEK Semiconductor Corp.) Rising Antivirus (HKLM-x32\...\RAV) (Version: 24.00.45.66 - Beijing Rising Information Technology, Inc.) Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.0 - Synaptics Incorporated) VDownloader 4.1.1403.0 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: 4.1.1403.0 - Vitzo Limited) VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 31-07-2015 19:31:20 Windows Update 09-08-2015 09:11:20 Ponto de Verificação Agendado 18-08-2015 11:38:21 Removed Shared C Run-time for x64 19-08-2015 14:53:58 Restore Point Created by FRST 21-08-2015 16:35:32 JRT Pre-Junkware Removal 21-08-2015 17:15:30 Restore Point Created by FRST ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 02:26 - 2015-08-21 17:15 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {19BC35A5-D389-4D44-AAD7-D96427AE64C2} - System32\Tasks\{D4014935-2DC6-475D-A13E-B03CF74C2A05} => pcalua.exe -a C:\Users\GenesisQ\AppData\Local\SmartWeb\__u.exe -c _?=C:\Users\GenesisQ\AppData\Local\SmartWeb Task: {246EB184-7850-49F5-B0FE-594FFC0D6335} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {32822C99-AE1E-41F4-9C54-F238BE2C2138} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {44625FC8-A475-4A76-B974-B03D2384E2A2} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-10] (Synaptics Incorporated) Task: {9542989A-4030-4586-BDD6-211054094AAC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {D31DEEE9-2543-4EE4-AD84-E8347C2452FD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {F2CA0445-58CB-4D16-B041-2F2991F203D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-21] (Google Inc.) Task: {F2DC85A9-71CB-4DBB-A26A-C2B05984E8B3} - System32\Tasks\{CAB9D268-01A9-4513-9330-82E9D761ACCF} => pcalua.exe -a C:\Users\GenesisQ\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=2sq1 Task: {FDD17EB0-572A-4466-B1CC-B07736F69D3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-21] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-15 21:04 - 2015-08-14 13:50 - 03311248 _____ () C:\Users\GenesisQ\AppData\Local\gmsd_br_006010061\upgmsd_br_006010061.exe 2013-01-10 15:47 - 2012-11-01 13:43 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2012-04-16 13:45 - 2012-04-16 13:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2015-08-16 09:02 - 2015-08-16 09:02 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\23ae651b7c58816ab7e53f2165c92fac\PSIClient.ni.dll 2013-01-26 16:40 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2011-08-15 19:12 - 2011-08-15 19:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2011-08-17 15:48 - 2011-08-17 15:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-08-15 19:15 - 2011-08-15 19:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 15:48 - 2011-08-17 15:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2012-04-16 10:37 - 2012-04-16 10:37 - 00071680 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ServiceManagerStarter.dll 2011-08-15 18:23 - 2011-08-15 18:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2011-08-15 19:12 - 2011-08-15 19:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2012-04-16 10:42 - 2012-04-16 10:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-17 15:41 - 2011-08-17 15:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2012-04-16 10:41 - 2012-04-16 10:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2012-04-16 10:56 - 2012-04-16 10:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-04-16 10:38 - 2012-04-16 10:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2011-07-19 15:05 - 2011-07-19 15:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-08-15 19:17 - 2011-08-15 19:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2011-07-19 15:04 - 2011-07-19 15:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2015-08-22 10:03 - 2015-08-18 02:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll 2015-08-22 10:03 - 2015-08-18 02:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1506094221-713273713-2986573324-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\WEB\WALLPAPER\WALLPAPER.JPG DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "VDownloader" HKLM\...\StartupApproved\Run32: => "mcpltui_exe" HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\StartupApproved\Run: => "SmartProtect" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{98D1D516-D84C-4607-98A7-567F2BA875C1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/23/2015 07:19:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Genesis) Description: Falha na ativação do aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (08/23/2015 07:19:07 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa wwahost.exe versão 6.2.9200.16420 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 940 Hora de Início: 01d0ddf18d3f4cd3 Hora de Término: 4294967295 Caminho do Aplicativo: C:\WINDOWS\system32\wwahost.exe ID do Relatório: d426b372-49e4-11e5-be8a-80ee7359901e Nome completo do pacote com falha: microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: Microsoft.WindowsLive.ModernPhotos Error: (08/23/2015 07:18:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Genesis) Description: O aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos não foi iniciado dentro do tempo alocado. Error: (08/23/2015 07:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Genesis) Description: Falha na ativação do aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (08/23/2015 07:17:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Genesis) Description: O aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos não foi iniciado dentro do tempo alocado. Error: (08/23/2015 07:16:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Genesis) Description: Falha na ativação do aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (08/23/2015 07:16:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Genesis) Description: O aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos não foi iniciado dentro do tempo alocado. Error: (08/23/2015 07:14:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Genesis) Description: O pacote microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe foi terminado porque levou muito tempo para ser suspenso. Error: (08/23/2015 07:11:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa wwahost.exe versão 6.2.9200.16420 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 284 Hora de Início: 01d0ddf070ef8d92 Hora de Término: 4294967295 Caminho do Aplicativo: C:\WINDOWS\system32\wwahost.exe ID do Relatório: e810ecfb-49e3-11e5-be8a-80ee7359901e Nome completo do pacote com falha: microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: Microsoft.WindowsLive.ModernPhotos Error: (08/23/2015 07:11:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Genesis) Description: Falha na ativação do aplicativo microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. System errors: ============= Error: (08/23/2015 07:19:07 PM) (Source: DCOM) (EventID: 10010) (User: Genesis) Description: Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa Error: (08/23/2015 07:17:50 PM) (Source: DCOM) (EventID: 10010) (User: Genesis) Description: Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa Error: (08/22/2015 10:08:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Serviço Windows Search suspenso ao iniciar. Error: (08/22/2015 10:01:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORIDADE NT) Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente. Caminho do Módulo: C:\WINDOWS\system32\Rtlihvs.dll Error: (08/22/2015 10:01:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORIDADE NT) Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente. Caminho do Módulo: C:\WINDOWS\system32\Rtlihvs.dll Error: (08/22/2015 10:01:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORIDADE NT) Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente. Caminho do Módulo: C:\WINDOWS\system32\Rtlihvs.dll Error: (08/22/2015 10:00:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) Management and Security Application User Notification Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (08/22/2015 10:00:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Error: (08/22/2015 10:00:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) ME Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (08/22/2015 10:00:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) Dynamic Application Loader Host Interface Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Microsoft Office: ========================= Error: (08/23/2015 07:19:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Genesis) Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos-2144927142 Error: (08/23/2015 07:19:07 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.2.9200.1642094001d0ddf18d3f4cd34294967295C:\WINDOWS\system32\wwahost.exed426b372-49e4-11e5-be8a-80ee7359901emicrosoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbweMicrosoft.WindowsLive.ModernPhotos Error: (08/23/2015 07:18:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Genesis) Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos Error: (08/23/2015 07:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Genesis) Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos-2144927142 Error: (08/23/2015 07:17:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Genesis) Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos Error: (08/23/2015 07:16:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Genesis) Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos-2144927142 Error: (08/23/2015 07:16:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Genesis) Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos Error: (08/23/2015 07:14:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Genesis) Description: microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe Error: (08/23/2015 07:11:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.2.9200.1642028401d0ddf070ef8d924294967295C:\WINDOWS\system32\wwahost.exee810ecfb-49e3-11e5-be8a-80ee7359901emicrosoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbweMicrosoft.WindowsLive.ModernPhotos Error: (08/23/2015 07:11:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Genesis) Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos-2144927142 ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU B800 @ 1.50GHz Percentage of memory in use: 65% Total physical RAM: 1488.24 MB Available physical RAM: 514.97 MB Total Virtual: 4432.24 MB Available Virtual: 2794.97 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:212.4 GB) (Free:171.28 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: DA62E76E) Partition: GPT. ==================== End of FRST.txt ============================