Ir ao conteúdo
  • Cadastre-se

winlogon.exe utilizando 60% da cpu - Windows 10


Posts recomendados

Bom pessoal... há algumas semanas, de um dia pro outro, meu notebook ficou lento demais. Num nível que não consigo abrir o explorador de arquivos sem querer tacar na parede. Já usei vários anti-vírus diferentes, até encontrava um aqui e outro ali, mas não resolveu. Fiz limpeza do cooler e memória, só resolveu o problema do aquecimento. 

Depois de muito pesquisar, descobri sobre o tal do Gbplugin, já desinstalei todos os programas de banco que utilizei e não resolveu.

E hoje, abri meu gerenciador de tarefas e vi o famoso Winlogon.exe, consumindo 60% da minha cpu.

Tentei o método da inicialização no modo de segurança, mas minha senha dava incorreta toda hora, utilizei teclado virtual e tudo, mas não consegui entrar. Por sorte consegui entrar por outro usuário, mas nem tentei o restante do método porque fiquei com medo, porque já começou dando errado kkkk...

Enfim, segue abaixo a descrição do meu notebook e o log do hijackThis, espero que possam me ajudar :D

Obs.: não gostaria de ter que formatar. Posso tentar o modo de segurança de novo.

 

Edição: Windows 10 Pro

Processador: Intel Core i3-2310M CPU @ 2.10 GHz 

RAM: 3 GB

Sistema 32 bits, processador com base em x64

Marca CCE

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:48:01, on 15/11/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\sihost.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Keyboard status\Key_status.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\new\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.oquefazernainternet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: 23.56.197.109 guardiao.itau.com.br # gbplugin
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehCef.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll
O4 - HKLM\..\Run: [igfxTray] "C:\WINDOWS\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\WINDOWS\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\WINDOWS\system32\igfxpers.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [fspuip] %ProgramFiles%\FSP\fspuip.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\new\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\new\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O4 - Global Startup: Key_status.lnk = C:\Program Files\Keyboard status\Key_status.exe
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: http://www.caixa.gov.br
O15 - Trusted Zone: http://www.itau.com.br
O17 - HKLM\System\CCS\Services\Tcpip\..\{a2540e23-3b0a-4104-914e-168f4dbf4b3f}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\{29B9C~1\192~1.1\losa.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify:  GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify:  GbPluginUni - C:\Program Files\GbPlugin\gbiehUni.dll
O21 - SSODL: EldosMountNotificator-cbfs5 - {DAA9ED3A-71F2-40FA-BCF6-A09F65E87A22} - C:\WINDOWS\system32\cbfsMntNtf5.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {DAA9ED3A-71F2-40FA-BCF6-A09F65E87A22} - C:\WINDOWS\system32\cbfsMntNtf5.dll
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FspService (FspSvc) - Unknown owner - C:\WINDOWS\System32\FspService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: Scrybe Updater (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
 
--
End of file - 9279 bytes
 
Link para o comentário
Compartilhar em outros sites

  • 1 ano depois...
Visitante
Este tópico está impedido de receber novas respostas.

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas comunidades sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...