
csrss.exe winlogon.exe and atieclxx.exe


No replies to this topic

#1 lavieenrose


Posted 22 July 2012 - 12:30 AM

I've noticed that these three processes are running without any description or username through task manager.

1) csrss.exe
2) winlogon.exe
3) atieclxx.exe





That said, I'm paranoid that my laptop has contracted some kind of malware. Are these processes some kind of trojan/virus/malware or legitimate processes? I have downloaded and executed Process Explorer and have copied and pasted the file down below.


Process PID CPU Private Bytes Working Set Description Company Name Command Line
System Idle Process 0 99.07 0 K 24 K
System 4 0.04 592 K 11,208 K
Interrupts n/a 0.11 0 K 0 K Hardware Interrupts and DPCs
smss.exe 328 772 K 1,448 K
avgrsa.exe 420 < 0.01 39,944 K 2,144 K
avgcsrva.exe 464 22,032 K 4,160 K
csrss.exe 876 < 0.01 2,644 K 5,052 K
conhost.exe 1908 1,468 K 3,156 K
wininit.exe 952 2,064 K 5,128 K
services.exe 1012 5,988 K 10,716 K
svchost.exe 868 0.01 5,592 K 10,764 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k DcomLaunch
unsecapp.exe 2528 2,404 K 5,648 K
WmiPrvSE.exe 2560 6,692 K 12,468 K
rundll32.exe 4000 2,668 K 7,252 K Windows host process (Rundll32) Microsoft Corporation C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
unsecapp.exe 4196 2,860 K 6,676 K Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation C:\Windows\system32\wbem\unsecapp.exe -Embedding
svchost.exe 1072 5,300 K 9,220 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k RPCSS
MsMpEng.exe 1132 0.01 74,340 K 70,940 K Antimalware Service Executable Microsoft Corporation "c:\Program Files\Microsoft Security Client\MsMpEng.exe"
atiesrxx.exe 1176 2,296 K 5,104 K AMD External Events Service Module AMD C:\Windows\system32\atiesrxx.exe
atieclxx.exe 1624 3,540 K 7,616 K
svchost.exe 1272 20,024 K 20,980 K Host Process for Windows Services Microsoft Corporation C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
audiodg.exe 5000 16,136 K 15,920 K
svchost.exe 1312 0.11 172,748 K 178,444 K Host Process for Windows Services Microsoft Corporation C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
wlanext.exe 1900 11,104 K 19,660 K
dwm.exe 2860 3,956 K 9,980 K Desktop Window Manager Microsoft Corporation "C:\Windows\system32\Dwm.exe"
svchost.exe 1360 < 0.01 26,792 K 41,820 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k netsvcs
svchost.exe 1536 6,876 K 11,772 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k LocalService
DockLogin.exe 1688 1,392 K 4,296 K Dock Login Service Stardock Corporation C:\Program Files\Dell\DellDock\DockLogin.exe
svchost.exe 1792 < 0.01 16,748 K 17,244 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k NetworkService
spoolsv.exe 1996 8,140 K 13,856 K Spooler SubSystem App Microsoft Corporation C:\Windows\System32\spoolsv.exe
svchost.exe 2032 13,292 K 14,680 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
AppleMobileDeviceService.exe 1756 < 0.01 3,436 K 9,680 K MobileDeviceService Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
avgwdsvc.exe 1912 < 0.01 9,656 K 18,372 K AVG Watchdog Service AVG Technologies CZ, s.r.o. "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
avgnsa.exe 3404 < 0.01 9,856 K 256 K
avgemca.exe 3596 3,504 K 7,472 K
mDNSResponder.exe 2064 3,368 K 6,808 K Bonjour Service Apple Inc. "C:\Program Files\Bonjour\mDNSResponder.exe"
EvtEng.exe 2092 < 0.01 14,296 K 23,344 K Intel® PROSet/Wireless Event Log Service Intel® Corporation C:\Program Files\Intel\WiFi\bin\EvtEng.exe
LMS.exe 2144 0.01 2,628 K 4,980 K Local Manageability Service Intel Corporation C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
RegSrvc.exe 2200 3,136 K 7,272 K Intel® PROSet/Wireless Registry Service Intel® Corporation C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
ToolbarUpdater.exe 2248 1,920 K 5,024 K ToolbarU Application C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
avgidsagent.exe 2368 0.01 16,492 K 15,948 K AVG Identity Protection Service AVG Technologies CZ, s.r.o. "C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe"
taskhost.exe 2780 8,756 K 9,904 K Host Process for Windows Tasks Microsoft Corporation "taskhost.exe"
iPodService.exe 3976 < 0.01 4,168 K 8,488 K iPodService Module (64-bit) Apple Inc. "C:\Program Files\iPod\bin\iPodService.exe"
SearchIndexer.exe 4184 < 0.01 25,084 K 15,856 K Microsoft Windows Search Indexer Microsoft Corporation C:\Windows\system32\SearchIndexer.exe /Embedding
svchost.exe 4904 6,000 K 12,992 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
UNS.exe 2332 < 0.01 4,144 K 9,040 K User Notification Service Intel Corporation "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
wmpnetwk.exe 4148 13,464 K 7,652 K Windows Media Player Network Sharing Service Microsoft Corporation "C:\Program Files\Windows Media Player\wmpnetwk.exe"
PresentationFontCache.exe 980 27,336 K 18,380 K PresentationFontCache.exe Microsoft Corporation C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
svchost.exe 4504 2,608 K 4,800 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k SDRSVC
lsm.exe 140 3,036 K 4,780 K
lsass.exe 152 4,804 K 11,716 K Local Security Authority Process Microsoft Corporation C:\Windows\system32\lsass.exe
csrss.exe 988 0.07 12,012 K 13,552 K
winlogon.exe 1228 3,848 K 8,028 K
explorer.exe 2892 0.01 44,212 K 64,076 K Windows Explorer Microsoft Corporation C:\Windows\Explorer.EXE
msseces.exe 3012 8,688 K 18,960 K Microsoft Security Client User Interface Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
quickset.exe 3500 8,896 K 11,104 K QuickSet Dell Inc. "C:\Program Files\Dell\QuickSet\quickset.exe"
iFrmewrk.exe 3520 14,692 K 26,632 K Intel® PROSet/Wireless Framework Intel® Corporation "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
DellDock.exe 3640 0.01 46,908 K 16,128 K Dell Dock Stardock Corporation "C:\Program Files\Dell\DellDock\DellDock.exe"
chrome.exe 4288 114,380 K 140,932 K Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
chrome.exe 4784 < 0.01 75,444 K 80,276 K Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/CONTROL/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/6/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --disable-accelerated-2d-canvas --channel="4288.1.1302419442\1253679770" /prefetch:3
chrome.exe 5024 0.01 50,224 K 36,500 K Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4288.2.2033494446\301102613" --reduce-gpu-sandbox --disable-image-transport-surface --ignored=" --type=renderer " /prefetch:12
chrome.exe 2132 52,372 K 58,680 K Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/CONTROL/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/6/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="4288.4.90968463\1596590116" /prefetch:3
chrome.exe 4364 52,124 K 58,372 K Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/CONTROL/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/6/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="4288.13.1909926751\1086389199" /prefetch:3
chrome.exe 4612 60,656 K 67,316 K Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/CONTROL/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight8.0/OmniboxSearchSuggest/6/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="4288.16.2127131851\1263463595" /prefetch:3
procexp.exe 4496 2,488 K 7,488 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Users\Natalie\Downloads\ProcessExplorer\procexp.exe"
procexp64.exe 4392 0.40 21,896 K 38,512 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Users\Natalie\Downloads\ProcessExplorer\procexp.exe"
avgtray.exe 3936 < 0.01 8,076 K 11,284 K AVG Tray Monitor AVG Technologies CZ, s.r.o. "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
vprot.exe 3964 0.06 9,312 K 14,744 K VProtect Application "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
iTunesHelper.exe 3740 < 0.01 4,124 K 11,692 K iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MOM.exe 4380 < 0.01 43,016 K 7,652 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
CCC.exe 2948 0.01 118,248 K 25,996 K Catalyst Control Center: Host application ATI Technologies Inc. "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
