Strange processes in WinXP
Haby ::
Hello.
In Task Manager I've noticed strange processes that slow the computer down; when I end them, programs run faster. I scanned the system with AVG and Ad-aware 6, but they find nothing; I also checked the registry, and no strange program is being started. What could this be??
Image 1
Image 2
Regards
A pig wallows in the mud and is happy; if it knew it was a pig, it would not be happy.
Microsoft ::
What do you say to the idea of asking Google?
AUFILE~1.EXE
BROADC~1.EXE
CONNMN~1.exe
They got you all the way! :)))
by Miha
s8eqaWrumatu*h-+r5wre3$ev_pheNeyut#VUbraS@e2$u5ESwE67&uhukuCh3pr
Haby ::
I have to say Google didn't tell me that much, or rather I don't know whether it told me everything, because most of what is written relates to IE, which I don't use, or rather have uninstalled (as far as that is possible). I fixed a few things, but I don't know if that's everything. Has anyone else had problems with this worm?
Here is the log as well:
Logfile of HijackThis v1.98.2
Scan saved at 21:10:04, on 10.9.2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\system32\MMTray.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
C:\Program Files\Keymaestro\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Keymaestro\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Keymaestro\Onscreen Display\OSD.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\PROGRA~1\SiOL\ADSL\app\pppoeservice.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\PROGRA~1\SiOL\ADSL\app\enternet.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\XTODZ~1\LOCALS~1\Temp\Rar$EX00.125\HijackThis.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Keymaestro\Multimedia Keyboard\MMKeybd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
The processes in bold look suspicious to me.
And here is this log too, in case it tells anyone anything (again, what looks suspicious to me is in bold):
Image Name PID Services
========================= ====== =============================================
System Idle Process 0 N/A
System 4 N/A
smss.exe 376 N/A
csrss.exe 452 N/A
winlogon.exe 476 N/A
services.exe 520 Eventlog, PlugPlay
lsass.exe 532 PolicyAgent, ProtectedStorage, SamSs
ati2evxx.exe 688 Ati HotKey Poller
svchost.exe 708 DcomLaunch, TermService
svchost.exe 764 RpcSs
svchost.exe 800 AudioSrv, CryptSvc, Dhcp, dmserver, ERSvc,
EventSystem, FastUserSwitchingCompatibility,
helpsvc, lanmanserver, lanmanworkstation,
Netman, Nla, RasMan, Schedule, seclogon,
SENS, SharedAccess, ShellHWDetection,
TapiSrv, Themes, TrkWks, W32Time, winmgmt,
wscsvc, wuauserv, WZCSVC
svchost.exe 860 Dnscache
svchost.exe 924 LmHosts, RemoteRegistry, SSDPSRV, WebClient
ati2evxx.exe 1104 N/A
explorer.exe 1216 N/A
spoolsv.exe 1792 Spooler
sstray.exe 1980 N/A
MMTray.exe 1996 N/A
MMTray2k.exe 2004 N/A
MMTrayLSI.exe 2012 N/A
rfpicon.exe 208 N/A
MMKeybd.exe 220 N/A
msmsgs.exe 232 N/A
Traymon.exe 1544 N/A
osd.exe 1552 N/A
avgserv.exe 364 AvgServ
PPPoEService.exe 636 PPPoEService
avgcc32.exe 1336 N/A
alg.exe 1712 ALG
EnterNet.exe 120 N/A
mozilla.exe 1036 N/A
notepad.exe 2316 N/A
regedit.exe 2492 N/A
cmd.exe 2488 N/A
wmiprvse.exe 2172 N/A
tasklist.exe 2920 N/A
Regards
A pig wallows in the mud and is happy; if it knew it was a pig, it would not be happy.
Haby ::
You probably mean the second log, right?
1.) Start --> Run --> cmd
2.) Tasklist /svc >C:\ianaginfo.txt
This only works on XP with SP1 and SP2, though; I think the base versions don't have tasklist.
Regards
A pig wallows in the mud and is happy; if it knew it was a pig, it would not be happy.
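Added example, not part of the thread: Python that parses `tasklist /svc` output (joining service lists that wrap onto continuation lines) and cross-checks it against the `O4` Run-key lines of a HijackThis log, returning the processes that neither host a service nor have a Run entry and so need some other explanation. The function names are choices made for this example, and the embedded sample is constructed from a few rows of the two logs posted above.

```python
import re

ROW = re.compile(r"^(\S.*?)\s+(\d+)\s+(\S.*)$")             # image name, PID, services
RUN = re.compile(r"^O4 - HK\w+\\\.\.\\Run: \[.+?\] (.+)$")  # HijackThis Run-key line
EXE = re.compile(r'([^\\"]+\.exe)', re.I)                   # executable file name

# Constructed sample: a few rows copied from the two logs in the thread.
TASKLIST = """\
Image Name                   PID Services
========================= ====== =============================================
svchost.exe                  800 AudioSrv, CryptSvc, Dhcp,
                                 Netman, Nla
sstray.exe                  1980 N/A
msmsgs.exe                   232 N/A
EnterNet.exe                 120 N/A
notepad.exe                 2316 N/A
"""
HJT = r"""
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
"""

def parse_tasklist(text):
    """Return one dict per process; header and separator lines are skipped."""
    rows = []
    for line in text.splitlines():
        if m := ROW.match(line):
            rows.append({"image": m[1], "pid": int(m[2]), "services": m[3]})
        elif rows and line.strip():
            rows[-1]["services"] += " " + line.strip()   # wrapped service list
    for r in rows:
        r["services"] = [s.strip() for s in r["services"].split(",")
                         if s.strip() not in ("", "N/A")]
    return rows

def autorun_images(hjt_text):
    """Lower-cased executable names referenced by O4 Run entries."""
    names = set()
    for line in hjt_text.splitlines():
        if (m := RUN.match(line.strip())) and (e := EXE.search(m[1])):
            names.add(e[1].strip().lower())
    return names

def unexplained(tasklist_text, hjt_text):
    """Processes that host no service and have no Run-key entry."""
    auto = autorun_images(hjt_text)
    return [(r["image"], r["pid"]) for r in parse_tasklist(tasklist_text)
            if not r["services"] and r["image"].lower() not in auto]
```

A process in the result is not malicious by that fact alone; it was started some other way (by the user, by a parent process, from a Startup folder shortcut) and that origin is what to check next.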
ToniT ::
None of the services is suspicious.
I would replace Siol's Enternet with the PPPoE client built into Windows!
And the instructions
Haby ::
None of them looked suspicious to me either. But earlier I connected my mobile phone to the computer and, bang, THIS appears :( So off we go googling for solutions again.
I'll replace the client if it turns out to be any better.
Regards
A pig wallows in the mud and is happy; if it knew it was a pig, it would not be happy.