
Suspicious Processes

post #1 of 21
Thread Starter 
Hi.

Could you guys take a look at the screeny below and tell me what you think of the circled processes (or any of the others for that matter)?

Sources on the Net state that the first three are possible Worms/Trojans...



Thanks for your time and insight.
post #2 of 21
I have smss.exe, csrss.exe, and lsass.exe. I believe these belong to Windows' SMP.

The other two, I don't know.
post #3 of 21
They're okay.
post #4 of 21
winauclt.exe handles Windows updates
mcods.exe is for McAfee antivirus
and the other 3 processes are normal ones in Windows I think. I have all 3 of those running also.
post #5 of 21
post #6 of 21
If you wanna be sure, download, update and run both

Adaware Personal Edition
Spybot Seek and Destroy

Those two will rat out 99% if not _all_ spyware.
post #7 of 21
smss.exe: This is the session manager subsystem, which is responsible for starting the user session. This process is initiated by the system thread and is responsible for various activities, including launching the Winlogon and Win32 (Csrss.exe) processes and setting system variables.

lsass.exe: lsass.exe is a system process of the Microsoft Windows security mechanisms. It specifically deals with local security and login policies. This program is important for the stable and secure running of your computer and should not be terminated.

mcods: I think this is part of McAfee.

wuauclt.exe: wuauclt.exe is a process managing automatic updates for Microsoft Windows. This process continuously checks for the latest updates and uses the Internet to do so. This program is important for the stable and secure running of your computer and should not be terminated.
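Added example, not part of the original thread or any poster's reply: the names described in post #7 are trustworthy only when they run from the Windows system directory, so one way to triage a process list is to check each entry's name and image path together. The sample rows, the `triage` helper and the near-miss threshold of 2 are assumptions made for this sketch.

```python
import ntpath

# Names discussed in this thread; each is expected to run only from System32.
CORE = ("smss.exe", "csrss.exe", "lsass.exe", "wuauclt.exe")

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of core names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def triage(name, path, system_root=r"C:\Windows"):
    """Return (verdict, reason) for one process name and image path."""
    name = name.lower()
    expected_dir = ntpath.join(system_root, "System32").lower()
    if name in CORE:
        if not path:
            # Protected system processes often hide their path from
            # non-elevated tools; that alone is not evidence either way.
            return "unknown", "image path not readable, re-check elevated"
        actual_dir = ntpath.dirname(ntpath.normpath(path)).lower()
        if actual_dir == expected_dir:
            return "ok", "expected name in " + expected_dir
        return "suspicious", "core process name running from " + actual_dir
    nearest = min(CORE, key=lambda core: edit_distance(name, core))
    if edit_distance(name, nearest) <= 2:  # threshold is an assumption
        return "suspicious", "name is a near-miss of " + nearest
    return "not-checked", "not in the baseline"

# Constructed sample rows (name, image path); not taken from the screenshot.
SAMPLE = [
    ("smss.exe", r"C:\Windows\System32\smss.exe"),
    ("lsass.exe", r"C:\Users\Public\lsass.exe"),
    ("lsasss.exe", r"C:\Windows\System32\lsasss.exe"),
    ("csrss.exe", ""),
    ("notepad.exe", r"C:\Windows\System32\notepad.exe"),
]

def run_sample():
    """Triage every constructed row and return (name, verdict, reason)."""
    return [(name,) + triage(name, path) for name, path in SAMPLE]

if __name__ == "__main__":
    for row in run_sample():
        print("%-12s %-11s %s" % row)
```

A near-miss hit is a prompt to inspect the file and its signature, not a verdict, since typos in hand-copied process names produce the same result.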
post #8 of 21
He doesn't have an sass.exe running
post #9 of 21
Quote:
Originally Posted by phantomgrave View Post
He doesn't have an sass.exe running
He has, look carefully again
post #10 of 21
Quote:
Originally Posted by Syrillian View Post
Hi.

Could you guys take a look at the screeny below and tell me what you think of the circled processes (or any of the others for that matter)?

Sources on the Net state that the first three are possible Worms/Trojans...



Thanks for your time and insight.
That'll be some new updates from M$...had a time getting them off with my busy schedule...fubar'd my XP64 rig but it's fixed now with wireless Linksys...checking numbers now for the necessary installs.