【問題】幫我看我procexp檢查出來的結果

我用procexp看東西
但是我不知道那個才是真的正確的程式
我怕我不會看
把正確的刪掉了
錯誤的留下來
我把內容貼上來
因為我不會用檔案上來
Process PID CPU Description Company Name
System Idle Process 0 89.23
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 436 Windows NT Session Manager Microsoft Corporation
csrss.exe 500 Client Server Runtime Process Microsoft Corporation
winlogon.exe 528 Windows NT Logon Application Microsoft Corporation
services.exe 572 1.54 Services and Controller app Microsoft Corporation
ati2evxx.exe 740 ATI External Event Utility EXE Module ATI Technologies Inc.
svchost.exe 752 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 836 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 908 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 996 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1052 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1400 Spooler SubSystem App Microsoft Corporation
alg.exe 788 Application Layer Gateway Service Microsoft Corporation
nod32krn.exe 988 NOD32 Kernel Service Eset
oodag.exe 1064 O&O Defrag Agent (Win32) O&O Software GmbH
svchost.exe 1344 Generic Host Process for Win32 Services Microsoft Corporation
usnsvc.exe 3440 Messenger Sharing USN Journal Reader Service Microsoft Corporation
lsass.exe 584 LSA Shell (Export Version) Microsoft Corporation
ati2evxx.exe 1296 ATI External Event Utility EXE Module ATI Technologies Inc.
explorer.exe 1404 Windows Explorer Microsoft Corporation
rundll32.exe 1676 Run a DLL as an App Microsoft Corporation
nod32kui.exe 1684 NOD32 Control Center GUI Eset
ctfmon.exe 1712 CTF Loader Microsoft Corporation
msnmsgr.exe 1724 Messenger Microsoft Corporation
YahooMessenger.exe 1760 Yahoo! Messenger Yahoo! Inc.
E_FATIBVP.EXE 1880 EPSON Status Monitor 3 SEIKO EPSON CORPORATION
wmplayer.exe 3948 3.08 Windows Media Player Microsoft Corporation
IEXPLORE.EXE 404 Internet Explorer Microsoft Corporation
procexp.exe 264 4.62 Sysinternals Process Explorer Sysinternals
WoW.exe 3476 1.54 World of Warcraft Blizzard Entertainment

感覺好像很亂><
但是抱歉了
我真的不會上傳檔案

最好把檔案的路徑也一起列出來吧...

這樣實在不好判斷

要怎麼用阿
不太會用耶

剛剛小用了一下
不知道是不是這樣
Process PID CPU Description Company Name Path User Name Window Title Session Command Line Version Comment Window Status DEP Status Verified Signer
System Idle Process 0 90.91 NT AUTHORITY\SYSTEM <n/a>
Interrupts n/a Hardware Interrupts 0 <n/a>
DPCs n/a Deferred Procedure Calls 0 <n/a>
System 4 NT AUTHORITY\SYSTEM 0 On
smss.exe 436 Windows NT Session Manager Microsoft Corporation D:\WINDOWS\system32\smss.exe NT AUTHORITY\SYSTEM 0 \SystemRoot\System32\smss.exe 5.01.2600.2180 On
csrss.exe 500 Client Server Runtime Process Microsoft Corporation D:\WINDOWS\system32\csrss.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 5.01.2600.2180 On
winlogon.exe 528 Windows NT Logon Application Microsoft Corporation D:\WINDOWS\system32\winlogon.exe NT AUTHORITY\SYSTEM 0 winlogon.exe 5.01.2600.2180 On
services.exe 572 Services and Controller app Microsoft Corporation D:\WINDOWS\system32\services.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\services.exe 5.01.2600.2180 On
ati2evxx.exe 740 ATI External Event Utility EXE Module ATI Technologies Inc. D:\WINDOWS\system32\ati2evxx.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\Ati2evxx.exe 6.14.0010.4132 Off
svchost.exe 752 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\svchost -k DcomLaunch 5.01.2600.2180 On
svchost.exe 836 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\NETWORK SERVICE 0 D:\WINDOWS\system32\svchost -k rpcss 5.01.2600.2180 On
svchost.exe 908 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\System32\svchost.exe -k netsvcs 5.01.2600.2180 On
svchost.exe 996 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\NETWORK SERVICE 0 D:\WINDOWS\system32\svchost.exe -k NetworkService 5.01.2600.2180 On (Not verified) Microsoft Corporation
svchost.exe 1052 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\LOCAL SERVICE 0 D:\WINDOWS\system32\svchost.exe -k LocalService 5.01.2600.2180 On
spoolsv.exe 1400 Spooler SubSystem App Microsoft Corporation D:\WINDOWS\system32\spoolsv.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\spoolsv.exe 5.01.2600.2696 On
alg.exe 788 Application Layer Gateway Service Microsoft Corporation D:\WINDOWS\system32\alg.exe NT AUTHORITY\LOCAL SERVICE 0 D:\WINDOWS\System32\alg.exe 5.01.2600.2180 On
nod32krn.exe 988 NOD32 Kernel Service Eset D:\Program Files\ESET\nod32krn.exe NT AUTHORITY\SYSTEM 0 "D:\Program Files\Eset\nod32krn.exe" 2.70.0032.0000 Off
oodag.exe 1064 O&O Defrag Agent (Win32) O&O Software GmbH D:\WINDOWS\system32\oodag.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\oodag.exe 8.05.1788.0000 Off
svchost.exe 1344 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\svchost.exe -k imgsvc 5.01.2600.2180 On
usnsvc.exe 3440 Messenger Sharing USN Journal Reader Service Microsoft Corporation D:\Program Files\MSN Messenger\usnsvc.exe NT AUTHORITY\SYSTEM 0 "D:\Program Files\MSN Messenger\usnsvc.exe" 8.01.0178.0000 Off
lsass.exe 584 LSA Shell (Export Version) Microsoft Corporation D:\WINDOWS\system32\lsass.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\lsass.exe 5.01.2600.2180 On
ati2evxx.exe 1296 ATI External Event Utility EXE Module ATI Technologies Inc. D:\WINDOWS\system32\ati2evxx.exe 888TIGER-BD41BD\Administrator 0 Ati2evxx.exe -Client 6.14.0010.4132 Off
explorer.exe 1404 Windows Explorer Microsoft Corporation D:\WINDOWS\explorer.exe 888TIGER-BD41BD\Administrator ProcessExplorerNt 0 D:\WINDOWS\Explorer.EXE 6.00.2900.3156 Running On
rundll32.exe 1676 Run a DLL as an App Microsoft Corporation D:\WINDOWS\system32\rundll32.exe 888TIGER-BD41BD\Administrator 0 "D:\WINDOWS\system32\RunDll32.exe" cmicnfg.cpl,CMICtrlWnd 5.01.2600.2180 On
nod32kui.exe 1684 NOD32 Control Center GUI Eset D:\Program Files\ESET\nod32kui.exe 888TIGER-BD41BD\Administrator 0 "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE 2.70.0032.0000 Off
ctfmon.exe 1712 CTF Loader Microsoft Corporation D:\WINDOWS\system32\ctfmon.exe 888TIGER-BD41BD\Administrator 0 "D:\WINDOWS\system32\ctfmon.exe" 5.01.2600.2180 On
msnmsgr.exe 1724 Messenger Microsoft Corporation D:\Program Files\MSN Messenger\msnmsgr.exe 888TIGER-BD41BD\Administrator 0 "D:\Program Files\MSN Messenger\msnmsgr.exe" /background 8.01.0178.0000 Off
YahooMessenger.exe 1760 Yahoo! Messenger Yahoo! Inc. D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe 888TIGER-BD41BD\Administrator 0 "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet 8.01.0000.0413 Off
E_FATIBVP.EXE 1880 EPSON Status Monitor 3 SEIKO EPSON CORPORATION D:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIBVP.EXE 888TIGER-BD41BD\Administrator 0 "D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVP.EXE" /FU "D:\WINDOWS\TEMP\E_SBEF.tmp" /EF "HKCU" 4.00.0001.0000 Off
wmplayer.exe 3948 Windows Media Player Microsoft Corporation D:\Program Files\Windows Media Player\wmplayer.exe 888TIGER-BD41BD\Administrator 0 "D:\Program Files\Windows Media Player\wmplayer.exe" /SHELLHLP_V9 Play /DataObject:NEFEPEHFBAAAAAAAOABAAAAAAAAAAAAAAMAAAAAAAAAAAAGEAAAAAAAAFAAAAAAAEJBCFFDBCCLMONPNJANPDGBJAPMLHAPEMAEKAAAAMHFAEIFAKLHEFHJNMBCJFJJMAAAAAAAA 11.00.5721.5145 Off
IEXPLORE.EXE 2228 Internet Explorer Microsoft Corporation D:\Program Files\Internet Explorer\IEXPLORE.EXE 888TIGER-BD41BD\Administrator 【問題】幫我看我procexp檢查出來的結果 - Microsoft Internet Explorer 0 "D:\Program Files\Internet Explorer\IEXPLORE.EXE" 6.00.2900.2180 Running Off
procexp.exe 3188 3.03 Sysinternals Process Explorer Sysinternals D:\Documents and Settings\Administrator\桌面\ProcessExplorerNt\procexp.exe 888TIGER-BD41BD\Administrator Process Explorer - Sysinternals: [url]www.sysinternals.com[/url] [888TIGER-BD41BD\Administrator] 0 10.20.0000.0000 Running Off
WoW.exe 1336 6.06 World of Warcraft Blizzard Entertainment D:\Program Files\World of Warcraft\WoW.exe 888TIGER-BD41BD\Administrator 魔獸世界 0 "D:\Program Files\World of Warcraft\WoW.exe" 2.01.0003.6898 Running Off

感覺好亂

再貼一次
看會不會比較好
怎麼貼都感覺好亂
還是因為我不會看的原因?
Process PID CPU Description Company Name Path User Name Command Line Window Status DEP Status Verified Signer
System Idle Process 0 83.08 NT AUTHORITY\SYSTEM <n/a>
Interrupts n/a Hardware Interrupts <n/a>
DPCs n/a Deferred Procedure Calls <n/a>
System 4 NT AUTHORITY\SYSTEM On
smss.exe 436 Windows NT Session Manager Microsoft Corporation D:\WINDOWS\system32\smss.exe NT AUTHORITY\SYSTEM \SystemRoot\System32\smss.exe On
csrss.exe 500 Client Server Runtime Process Microsoft Corporation D:\WINDOWS\system32\csrss.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 On
winlogon.exe 528 Windows NT Logon Application Microsoft Corporation D:\WINDOWS\system32\winlogon.exe NT AUTHORITY\SYSTEM winlogon.exe On
services.exe 572 Services and Controller app Microsoft Corporation D:\WINDOWS\system32\services.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\services.exe On
ati2evxx.exe 740 ATI External Event Utility EXE Module ATI Technologies Inc. D:\WINDOWS\system32\ati2evxx.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\Ati2evxx.exe Off
svchost.exe 752 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\svchost -k DcomLaunch On
svchost.exe 836 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\NETWORK SERVICE D:\WINDOWS\system32\svchost -k rpcss On
svchost.exe 908 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM D:\WINDOWS\System32\svchost.exe -k netsvcs On
svchost.exe 996 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\NETWORK SERVICE D:\WINDOWS\system32\svchost.exe -k NetworkService On (Not verified) Microsoft Corporation
svchost.exe 1052 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\LOCAL SERVICE D:\WINDOWS\system32\svchost.exe -k LocalService On
spoolsv.exe 1400 Spooler SubSystem App Microsoft Corporation D:\WINDOWS\system32\spoolsv.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\spoolsv.exe On
alg.exe 788 Application Layer Gateway Service Microsoft Corporation D:\WINDOWS\system32\alg.exe NT AUTHORITY\LOCAL SERVICE D:\WINDOWS\System32\alg.exe On
nod32krn.exe 988 NOD32 Kernel Service Eset D:\Program Files\ESET\nod32krn.exe NT AUTHORITY\SYSTEM "D:\Program Files\Eset\nod32krn.exe" Off
oodag.exe 1064 O&O Defrag Agent (Win32) O&O Software GmbH D:\WINDOWS\system32\oodag.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\oodag.exe Off
svchost.exe 1344 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\svchost.exe -k imgsvc On
usnsvc.exe 3440 Messenger Sharing USN Journal Reader Service Microsoft Corporation D:\Program Files\MSN Messenger\usnsvc.exe NT AUTHORITY\SYSTEM "D:\Program Files\MSN Messenger\usnsvc.exe" Off
lsass.exe 584 LSA Shell (Export Version) Microsoft Corporation D:\WINDOWS\system32\lsass.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\lsass.exe On
ati2evxx.exe 1296 ATI External Event Utility EXE Module ATI Technologies Inc. D:\WINDOWS\system32\ati2evxx.exe 888TIGER-BD41BD\Administrator Ati2evxx.exe -Client Off
explorer.exe 1404 Windows Explorer Microsoft Corporation D:\WINDOWS\explorer.exe 888TIGER-BD41BD\Administrator D:\WINDOWS\Explorer.EXE Running On
rundll32.exe 1676 Run a DLL as an App Microsoft Corporation D:\WINDOWS\system32\rundll32.exe 888TIGER-BD41BD\Administrator "D:\WINDOWS\system32\RunDll32.exe" cmicnfg.cpl,CMICtrlWnd On
nod32kui.exe 1684 NOD32 Control Center GUI Eset D:\Program Files\ESET\nod32kui.exe 888TIGER-BD41BD\Administrator "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE Off
ctfmon.exe 1712 CTF Loader Microsoft Corporation D:\WINDOWS\system32\ctfmon.exe 888TIGER-BD41BD\Administrator "D:\WINDOWS\system32\ctfmon.exe" On
msnmsgr.exe 1724 Messenger Microsoft Corporation D:\Program Files\MSN Messenger\msnmsgr.exe 888TIGER-BD41BD\Administrator "D:\Program Files\MSN Messenger\msnmsgr.exe" /background Off
YahooMessenger.exe 1760 Yahoo! Messenger Yahoo! Inc. D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe 888TIGER-BD41BD\Administrator "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet Off
E_FATIBVP.EXE 1880 EPSON Status Monitor 3 SEIKO EPSON CORPORATION D:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIBVP.EXE 888TIGER-BD41BD\Administrator "D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVP.EXE" /FU "D:\WINDOWS\TEMP\E_SBEF.tmp" /EF "HKCU" Off
wmplayer.exe 3948 Windows Media Player Microsoft Corporation D:\Program Files\Windows Media Player\wmplayer.exe 888TIGER-BD41BD\Administrator "D:\Program Files\Windows Media Player\wmplayer.exe" /SHELLHLP_V9 Play /DataObject:NEFEPEHFBAAAAAAAOABAAAAAAAAAAAAAAMAAAAAAAAAAAAGEAAAAAAAAFAAAAAAAEJBCFFDBCCLMONPNJANPDGBJAPMLHAPEMAEKAAAAMHFAEIFAKLHEFHJNMBCJFJJMAAAAAAAA Off
IEXPLORE.EXE 2228 Internet Explorer Microsoft Corporation D:\Program Files\Internet Explorer\IEXPLORE.EXE 888TIGER-BD41BD\Administrator "D:\Program Files\Internet Explorer\IEXPLORE.EXE" Running Off
procexp.exe 3188 10.77 Sysinternals Process Explorer Sysinternals D:\Documents and Settings\Administrator\桌面\ProcessExplorerNt\procexp.exe 888TIGER-BD41BD\Administrator Running Off
WoW.exe 1336 6.15 World of Warcraft Blizzard Entertainment D:\Program Files\World of Warcraft\WoW.exe 888TIGER-BD41BD\Administrator "D:\Program Files\World of Warcraft\WoW.exe" Running Off

光這樣觀察不見得可以發現異常的程式
先用防毒軟體掃一遍看看 ～

你執行的程式真是很多， 建議把不必要先關掉
這樣會比較好觀察 ！

用表格對齊，否則就用圖片....