會員 | 【問題】幫我看我procexp檢查出來的結果 我用procexp看東西 但是我不知道那個才是真的正確的程式 我怕我不會看 把正確的刪掉了 錯誤的留下來 我把內容貼上來 因為我不會用檔案上來 Process PID CPU Description Company Name System Idle Process 0 89.23 Interrupts n/a Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 smss.exe 436 Windows NT Session Manager Microsoft Corporation csrss.exe 500 Client Server Runtime Process Microsoft Corporation winlogon.exe 528 Windows NT Logon Application Microsoft Corporation services.exe 572 1.54 Services and Controller app Microsoft Corporation ati2evxx.exe 740 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 752 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 836 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 908 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 996 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1052 Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1400 Spooler SubSystem App Microsoft Corporation alg.exe 788 Application Layer Gateway Service Microsoft Corporation nod32krn.exe 988 NOD32 Kernel Service Eset oodag.exe 1064 O&O Defrag Agent (Win32) O&O Software GmbH svchost.exe 1344 Generic Host Process for Win32 Services Microsoft Corporation usnsvc.exe 3440 Messenger Sharing USN Journal Reader Service Microsoft Corporation lsass.exe 584 LSA Shell (Export Version) Microsoft Corporation ati2evxx.exe 1296 ATI External Event Utility EXE Module ATI Technologies Inc. explorer.exe 1404 Windows Explorer Microsoft Corporation rundll32.exe 1676 Run a DLL as an App Microsoft Corporation nod32kui.exe 1684 NOD32 Control Center GUI Eset ctfmon.exe 1712 CTF Loader Microsoft Corporation msnmsgr.exe 1724 Messenger Microsoft Corporation YahooMessenger.exe 1760 Yahoo! Messenger Yahoo! Inc. E_FATIBVP.EXE 1880 EPSON Status Monitor 3 SEIKO EPSON CORPORATION wmplayer.exe 3948 3.08 Windows Media Player Microsoft Corporation IEXPLORE.EXE 404 Internet Explorer Microsoft Corporation procexp.exe 264 4.62 Sysinternals Process Explorer Sysinternals WoW.exe 3476 1.54 World of Warcraft Blizzard Entertainment 感覺好像很亂>< 但是抱歉了 我真的不會上傳檔案 |
回覆 |
會員 | 回覆: 【問題】幫我看我procexp檢查出來的結果 最好把檔案的路徑也一起列出來吧... 這樣實在不好判斷 |
回覆 |
會員 | 回覆: 【問題】幫我看我procexp檢查出來的結果 要怎麼用阿 不太會用耶 |
回覆 |
會員 | 回覆: 【問題】幫我看我procexp檢查出來的結果 剛剛小用了一下 不知道是不是這樣 Process PID CPU Description Company Name Path User Name Window Title Session Command Line Version Comment Window Status DEP Status Verified Signer System Idle Process 0 90.91 NT AUTHORITY\SYSTEM <n/a> Interrupts n/a Hardware Interrupts 0 <n/a> DPCs n/a Deferred Procedure Calls 0 <n/a> System 4 NT AUTHORITY\SYSTEM 0 On smss.exe 436 Windows NT Session Manager Microsoft Corporation D:\WINDOWS\system32\smss.exe NT AUTHORITY\SYSTEM 0 \SystemRoot\System32\smss.exe 5.01.2600.2180 On csrss.exe 500 Client Server Runtime Process Microsoft Corporation D:\WINDOWS\system32\csrss.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 5.01.2600.2180 On winlogon.exe 528 Windows NT Logon Application Microsoft Corporation D:\WINDOWS\system32\winlogon.exe NT AUTHORITY\SYSTEM 0 winlogon.exe 5.01.2600.2180 On services.exe 572 Services and Controller app Microsoft Corporation D:\WINDOWS\system32\services.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\services.exe 5.01.2600.2180 On ati2evxx.exe 740 ATI External Event Utility EXE Module ATI Technologies Inc. D:\WINDOWS\system32\ati2evxx.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\Ati2evxx.exe 6.14.0010.4132 Off svchost.exe 752 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\svchost -k DcomLaunch 5.01.2600.2180 On svchost.exe 836 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\NETWORK SERVICE 0 D:\WINDOWS\system32\svchost -k rpcss 5.01.2600.2180 On svchost.exe 908 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\System32\svchost.exe -k netsvcs 5.01.2600.2180 On svchost.exe 996 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\NETWORK SERVICE 0 D:\WINDOWS\system32\svchost.exe -k NetworkService 5.01.2600.2180 On (Not verified) Microsoft Corporation svchost.exe 1052 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\LOCAL SERVICE 0 D:\WINDOWS\system32\svchost.exe -k LocalService 5.01.2600.2180 On spoolsv.exe 1400 Spooler SubSystem App Microsoft Corporation D:\WINDOWS\system32\spoolsv.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\spoolsv.exe 5.01.2600.2696 On alg.exe 788 Application Layer Gateway Service Microsoft Corporation D:\WINDOWS\system32\alg.exe NT AUTHORITY\LOCAL SERVICE 0 D:\WINDOWS\System32\alg.exe 5.01.2600.2180 On nod32krn.exe 988 NOD32 Kernel Service Eset D:\Program Files\ESET\nod32krn.exe NT AUTHORITY\SYSTEM 0 "D:\Program Files\Eset\nod32krn.exe" 2.70.0032.0000 Off oodag.exe 1064 O&O Defrag Agent (Win32) O&O Software GmbH D:\WINDOWS\system32\oodag.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\oodag.exe 8.05.1788.0000 Off svchost.exe 1344 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\svchost.exe -k imgsvc 5.01.2600.2180 On usnsvc.exe 3440 Messenger Sharing USN Journal Reader Service Microsoft Corporation D:\Program Files\MSN Messenger\usnsvc.exe NT AUTHORITY\SYSTEM 0 "D:\Program Files\MSN Messenger\usnsvc.exe" 8.01.0178.0000 Off lsass.exe 584 LSA Shell (Export Version) Microsoft Corporation D:\WINDOWS\system32\lsass.exe NT AUTHORITY\SYSTEM 0 D:\WINDOWS\system32\lsass.exe 5.01.2600.2180 On ati2evxx.exe 1296 ATI External Event Utility EXE Module ATI Technologies Inc. D:\WINDOWS\system32\ati2evxx.exe 888TIGER-BD41BD\Administrator 0 Ati2evxx.exe -Client 6.14.0010.4132 Off explorer.exe 1404 Windows Explorer Microsoft Corporation D:\WINDOWS\explorer.exe 888TIGER-BD41BD\Administrator ProcessExplorerNt 0 D:\WINDOWS\Explorer.EXE 6.00.2900.3156 Running On rundll32.exe 1676 Run a DLL as an App Microsoft Corporation D:\WINDOWS\system32\rundll32.exe 888TIGER-BD41BD\Administrator 0 "D:\WINDOWS\system32\RunDll32.exe" cmicnfg.cpl,CMICtrlWnd 5.01.2600.2180 On nod32kui.exe 1684 NOD32 Control Center GUI Eset D:\Program Files\ESET\nod32kui.exe 888TIGER-BD41BD\Administrator 0 "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE 2.70.0032.0000 Off ctfmon.exe 1712 CTF Loader Microsoft Corporation D:\WINDOWS\system32\ctfmon.exe 888TIGER-BD41BD\Administrator 0 "D:\WINDOWS\system32\ctfmon.exe" 5.01.2600.2180 On msnmsgr.exe 1724 Messenger Microsoft Corporation D:\Program Files\MSN Messenger\msnmsgr.exe 888TIGER-BD41BD\Administrator 0 "D:\Program Files\MSN Messenger\msnmsgr.exe" /background 8.01.0178.0000 Off YahooMessenger.exe 1760 Yahoo! Messenger Yahoo! Inc. D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe 888TIGER-BD41BD\Administrator 0 "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet 8.01.0000.0413 Off E_FATIBVP.EXE 1880 EPSON Status Monitor 3 SEIKO EPSON CORPORATION D:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIBVP.EXE 888TIGER-BD41BD\Administrator 0 "D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVP.EXE" /FU "D:\WINDOWS\TEMP\E_SBEF.tmp" /EF "HKCU" 4.00.0001.0000 Off wmplayer.exe 3948 Windows Media Player Microsoft Corporation D:\Program Files\Windows Media Player\wmplayer.exe 888TIGER-BD41BD\Administrator 0 "D:\Program Files\Windows Media Player\wmplayer.exe" /SHELLHLP_V9 Play /DataObject:NEFEPEHFBAAAAAAAOABAAAAAAAAAAAAAAMAAAAAAAAAAAAGEAAAAAAAAFAAAAAAAEJBCFFDBCCLMONPNJANPDGBJAPMLHAPEMAEKAAAAMHFAEIFAKLHEFHJNMBCJFJJMAAAAAAAA 11.00.5721.5145 Off IEXPLORE.EXE 2228 Internet Explorer Microsoft Corporation D:\Program Files\Internet Explorer\IEXPLORE.EXE 888TIGER-BD41BD\Administrator 【問題】幫我看我procexp檢查出來的結果 - Microsoft Internet Explorer 0 "D:\Program Files\Internet Explorer\IEXPLORE.EXE" 6.00.2900.2180 Running Off procexp.exe 3188 3.03 Sysinternals Process Explorer Sysinternals D:\Documents and Settings\Administrator\桌面\ProcessExplorerNt\procexp.exe 888TIGER-BD41BD\Administrator Process Explorer - Sysinternals: www.sysinternals.com [888TIGER-BD41BD\Administrator] 0 10.20.0000.0000 Running Off WoW.exe 1336 6.06 World of Warcraft Blizzard Entertainment D:\Program Files\World of Warcraft\WoW.exe 888TIGER-BD41BD\Administrator 魔獸世界 0 "D:\Program Files\World of Warcraft\WoW.exe" 2.01.0003.6898 Running Off 感覺好亂 |
回覆 |
會員 | 回覆: 【問題】幫我看我procexp檢查出來的結果 再貼一次 看會不會比較好 怎麼貼都感覺好亂 還是因為我不會看的原因? Process PID CPU Description Company Name Path User Name Command Line Window Status DEP Status Verified Signer System Idle Process 0 83.08 NT AUTHORITY\SYSTEM <n/a> Interrupts n/a Hardware Interrupts <n/a> DPCs n/a Deferred Procedure Calls <n/a> System 4 NT AUTHORITY\SYSTEM On smss.exe 436 Windows NT Session Manager Microsoft Corporation D:\WINDOWS\system32\smss.exe NT AUTHORITY\SYSTEM \SystemRoot\System32\smss.exe On csrss.exe 500 Client Server Runtime Process Microsoft Corporation D:\WINDOWS\system32\csrss.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 On winlogon.exe 528 Windows NT Logon Application Microsoft Corporation D:\WINDOWS\system32\winlogon.exe NT AUTHORITY\SYSTEM winlogon.exe On services.exe 572 Services and Controller app Microsoft Corporation D:\WINDOWS\system32\services.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\services.exe On ati2evxx.exe 740 ATI External Event Utility EXE Module ATI Technologies Inc. D:\WINDOWS\system32\ati2evxx.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\Ati2evxx.exe Off svchost.exe 752 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\svchost -k DcomLaunch On svchost.exe 836 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\NETWORK SERVICE D:\WINDOWS\system32\svchost -k rpcss On svchost.exe 908 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM D:\WINDOWS\System32\svchost.exe -k netsvcs On svchost.exe 996 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\NETWORK SERVICE D:\WINDOWS\system32\svchost.exe -k NetworkService On (Not verified) Microsoft Corporation svchost.exe 1052 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\LOCAL SERVICE D:\WINDOWS\system32\svchost.exe -k LocalService On spoolsv.exe 1400 Spooler SubSystem App Microsoft Corporation D:\WINDOWS\system32\spoolsv.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\spoolsv.exe On alg.exe 788 Application Layer Gateway Service Microsoft Corporation D:\WINDOWS\system32\alg.exe NT AUTHORITY\LOCAL SERVICE D:\WINDOWS\System32\alg.exe On nod32krn.exe 988 NOD32 Kernel Service Eset D:\Program Files\ESET\nod32krn.exe NT AUTHORITY\SYSTEM "D:\Program Files\Eset\nod32krn.exe" Off oodag.exe 1064 O&O Defrag Agent (Win32) O&O Software GmbH D:\WINDOWS\system32\oodag.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\oodag.exe Off svchost.exe 1344 Generic Host Process for Win32 Services Microsoft Corporation D:\WINDOWS\system32\svchost.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\svchost.exe -k imgsvc On usnsvc.exe 3440 Messenger Sharing USN Journal Reader Service Microsoft Corporation D:\Program Files\MSN Messenger\usnsvc.exe NT AUTHORITY\SYSTEM "D:\Program Files\MSN Messenger\usnsvc.exe" Off lsass.exe 584 LSA Shell (Export Version) Microsoft Corporation D:\WINDOWS\system32\lsass.exe NT AUTHORITY\SYSTEM D:\WINDOWS\system32\lsass.exe On ati2evxx.exe 1296 ATI External Event Utility EXE Module ATI Technologies Inc. D:\WINDOWS\system32\ati2evxx.exe 888TIGER-BD41BD\Administrator Ati2evxx.exe -Client Off explorer.exe 1404 Windows Explorer Microsoft Corporation D:\WINDOWS\explorer.exe 888TIGER-BD41BD\Administrator D:\WINDOWS\Explorer.EXE Running On rundll32.exe 1676 Run a DLL as an App Microsoft Corporation D:\WINDOWS\system32\rundll32.exe 888TIGER-BD41BD\Administrator "D:\WINDOWS\system32\RunDll32.exe" cmicnfg.cpl,CMICtrlWnd On nod32kui.exe 1684 NOD32 Control Center GUI Eset D:\Program Files\ESET\nod32kui.exe 888TIGER-BD41BD\Administrator "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE Off ctfmon.exe 1712 CTF Loader Microsoft Corporation D:\WINDOWS\system32\ctfmon.exe 888TIGER-BD41BD\Administrator "D:\WINDOWS\system32\ctfmon.exe" On msnmsgr.exe 1724 Messenger Microsoft Corporation D:\Program Files\MSN Messenger\msnmsgr.exe 888TIGER-BD41BD\Administrator "D:\Program Files\MSN Messenger\msnmsgr.exe" /background Off YahooMessenger.exe 1760 Yahoo! Messenger Yahoo! Inc. D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe 888TIGER-BD41BD\Administrator "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet Off E_FATIBVP.EXE 1880 EPSON Status Monitor 3 SEIKO EPSON CORPORATION D:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIBVP.EXE 888TIGER-BD41BD\Administrator "D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVP.EXE" /FU "D:\WINDOWS\TEMP\E_SBEF.tmp" /EF "HKCU" Off wmplayer.exe 3948 Windows Media Player Microsoft Corporation D:\Program Files\Windows Media Player\wmplayer.exe 888TIGER-BD41BD\Administrator "D:\Program Files\Windows Media Player\wmplayer.exe" /SHELLHLP_V9 Play /DataObject:NEFEPEHFBAAAAAAAOABAAAAAAAAAAAAAAMAAAAAAAAAAAAGEAAAAAAAAFAAAAAAAEJBCFFDBCCLMONPNJANPDGBJAPMLHAPEMAEKAAAAMHFAEIFAKLHEFHJNMBCJFJJMAAAAAAAA Off IEXPLORE.EXE 2228 Internet Explorer Microsoft Corporation D:\Program Files\Internet Explorer\IEXPLORE.EXE 888TIGER-BD41BD\Administrator "D:\Program Files\Internet Explorer\IEXPLORE.EXE" Running Off procexp.exe 3188 10.77 Sysinternals Process Explorer Sysinternals D:\Documents and Settings\Administrator\桌面\ProcessExplorerNt\procexp.exe 888TIGER-BD41BD\Administrator Running Off WoW.exe 1336 6.15 World of Warcraft Blizzard Entertainment D:\Program Files\World of Warcraft\WoW.exe 888TIGER-BD41BD\Administrator "D:\Program Files\World of Warcraft\WoW.exe" Running Off |
回覆 |
高級會員 | 回覆: 【問題】幫我看我procexp檢查出來的結果 光這樣觀察不見得可以發現異常的程式 先用防毒軟體掃一遍看看 ~ 你執行的程式真是很多, 建議把不必要先關掉 這樣會比較好觀察 ! |
回覆 |
莫道君行早 | 回覆: 【問題】幫我看我procexp檢查出來的結果 用表格對齊,否則就用圖片.... |
回覆 |
|
XML | RSS 2.0 | RSS |
本論壇所有文章僅代表留言者個人意見,並不代表本站之立場,討論區以「即時留言」方式運作,故無法完全監察所有即時留言,若您發現文章可能有異議,請 email :[email protected] 處理。