Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 04-11-2016
Executado por Administrador (11-11-2016 20:13:46)
Executando a partir de C:\Users\Administrador\Downloads
Windows Server 2012 R2 Standard (X64) (2016-11-11 20:57:47)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-541630837-298539087-3693956467-500 - Administrator - Enabled) => C:\Users\Administrador
Convidado (S-1-5-21-541630837-298539087-3693956467-501 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)


==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TAP-Windows 9.21.0 (HKLM\...\TAP-Windows) (Version: 9.21.0 - )

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {057808CB-B264-418C-AE10-F719CD778182} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-11] (Google Inc.)
Task: {22F8933B-6077-471D-A4C3-56C7647164AD} - System32\Tasks\Microsoft\Windows\Server Manager\CleanupOldPerfLogs => Cscript.exe /B /nologo %systemroot%\system32\calluxxprovider.vbs $(Arg0) $(Arg1) $(Arg2)
Task: {651FF2A7-84D4-4AE6-9231-BB0411D3A64F} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerCeipAssistant => C:\Windows\system32\ceipdata.exe [2013-08-22] (Microsoft Corporation)
Task: {75883200-985B-4FC5-88E9-A3376B09D63D} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Server\ServerRoleCollector-RunOnce => C:\Windows\system32\ceipdata.exe [2013-08-22] (Microsoft Corporation)
Task: {787E2442-1350-4D4B-B3DF-F73EDF626879} - System32\Tasks\Microsoft\Windows\PLA\Server Manager Performance Monitor => Rundll32.exe %systemroot%\system32\pla.dll,PlaHost "Server Manager Performance Monitor" "$(Arg0)"
Task: {9536335E-476B-42F7-8624-2308CA0F222B} - System32\Tasks\Microsoft\Windows\Server Manager\ServerManager => C:\Windows\system32\ServerManagerLauncher.exe [2013-08-22] (Microsoft Corporation)
Task: {A698FBF9-2ABA-4A15-A548-35C0A06E10E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {B4D3DF86-E076-4A22-935B-69E77CCC6A16} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
Task: {C6074118-E2EF-4C0D-A98A-CBEAB76CDE0E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {E17CE1E2-2876-42D3-B6F5-40A269D1D3C4} - System32\Tasks\Microsoft\Windows\Software Inventory Logging\Daily Collector => Cscript.exe %systemroot%\system32\sildailycollector.vbs
Task: {EB058CBD-8973-4695-9B4F-B9CB56BBFAD1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {F1B52D22-AC88-43A7-AA88-290FA6719DE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-11] (Google Inc.)
Task: {FDE62500-A89F-4A4C-BF53-650F33D3AC63} - System32\Tasks\AutoPico Daily Restart => E:\KMSpico [Argument = Portable\AutoPico.exe /silent]

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-11-11 20:05 - 2016-11-11 20:05 - 00016896 _____ () C:\Program Files\KMSpico\WinDivert.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-541630837-298539087-3693956467-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 200.149.55.140 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SCW-Allow-Inbound-Access-To-ScsHost-TCP-RPC] => (Allow) %systemroot%\system32\scshost.exe
FirewallRules: [SCW-Allow-Inbound-Access-To-ScsHost-TCP-RPC-EndPointMapper] => (Allow) %systemroot%\system32\scshost.exe
FirewallRules: [ComPlusRemoteAdministration-DCOM-In] => (Allow) %systemroot%\system32\dllhost.exe
FirewallRules: [{121A1A51-4E39-4641-9B99-F5681EB64F6C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{EDDD8199-8D9B-4C61-8FE6-268080B0DFD0}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{2B283B47-9E42-4CEB-8212-CD983F44CBA0}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{7D54756A-D475-4CB1-8BA1-1391BC305B53}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{50C8D3B9-9D76-4884-8E36-3EA7DCC7E58B}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{D4DFB8CA-D707-4E99-98AC-83B4EAED01E5}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{FB1AA98D-153E-4DC7-9BCE-DBAD1FF765E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada
Cheque o serviço "winmgmt" ou repare o WMI.


==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Dispositivo do sistema básico
Description: Dispositivo do sistema básico
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Mouse compatível com PS/2
Description: Mouse compatível com PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teclado Padrão PS/2
Description: Teclado Padrão PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (teclados padrões)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Dispositivo do sistema básico
Description: Dispositivo do sistema básico
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (11/11/2016 07:48:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F057
Argumento de linha de comando:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c7e5dd52-ef14-4bf6-bc71-1bf5f5794cd0;NotificationInterval=1440;Trigger=TimerEvent

Error: (11/11/2016 05:10:30 PM) (Source: Service1) (EventID: 0) (User: )
Description: Serviço não pode ser iniciado. O processo do serviço não pôde se conectar ao controlador do serviço

Error: (11/11/2016 04:58:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x8007267C
Argumento de linha de comando:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=b3ca044e-a358-4d68-9883-aaa2941aca99;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/11/2016 04:57:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x8007267C
Argumento de linha de comando:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=b3ca044e-a358-4d68-9883-aaa2941aca99;NotificationInterval=1440;Trigger=TimerEvent


Erros de Sistema:
=============
Error: (11/11/2016 07:52:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço KMS-R@1n foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (11/11/2016 05:16:08 PM) (Source: DCOM) (EventID: 10010) (User: DIA-A-DIA)
Description: O servidor {9BA05972-F6A8-11CF-A442-00A0C90A8F39} não se registrou no DCOM dentro do tempo limite necessário.

Error: (11/11/2016 04:52:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Auxiliar de IP terminou com o erro: 
O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados.

Error: (11/11/2016 04:52:23 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Falha na inicialização do despejo de memória!


==================== Informações da Memória =========================== 

Processador: Intel(R) Xeon(R) CPU E3-1220 v3 @ 3.10GHz
Percentagem de memória em uso: 20%
RAM física total: 8157.48 MB
RAM física disponível: 6521.32 MB
Virtual Total: 10077.48 MB
Virtual disponível: 8009.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:270.11 GB) (Free:255.85 GB) NTFS
Drive d: () (Fixed) (Total:195.31 GB) (Free:195.19 GB) NTFS
Drive e: (PerfectSoft) (CDROM) (Total:2.05 GB) (Free:0 GB) CDFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5C8D357E)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================