1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Task manager Processes

Discussion in 'Windows XP' started by llaniman, Oct 29, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. llaniman

    llaniman Thread Starter

    Joined:
    Oct 29, 2008
    Messages:
    6
    Why do processes for programs (like winword, firefox) stay in the processes list even after I have exited the programs? Sometimes the amount of memory used is small, other times it is large, Firefox particularly refuses to run or runs badly until I have manually ended the process, but the others just stay there eating up memory.
     
  2. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,618
    First Name:
    Frank
    Download and install HijackThis 2.0.2, run a scan with it, then copy-and-paste the entire log here.

    From my experience, most users have too many programs and services running in the background. That will equate to a large number of processes running in Windows Task Manager and will also result in overall slower performance.

    -------------------------------------------------------------------
     
  3. llaniman

    llaniman Thread Starter

    Joined:
    Oct 29, 2008
    Messages:
    6
    Thanks! - here is the file...

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:19:29, on 30/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\FolderSize\FolderSizeSvc.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\CAPRPCSK.EXE
    C:\WINNT\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINNT\soundman.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINNT\system32\wuauclt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\Plaxo\3.14.0.44\PlaxoHelper_en.exe
    C:\Documents and Settings\Douglas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    C:\WINNT\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
    C:\WINNT\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
    C:\WINNT\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
    C:\WINNT\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
    C:\Program Files\Magic Keyboard\MagicKey.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Magic Keyboard\OSD.EXE
    C:\Program Files\CLCL\CLCL.exe
    C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Adobe\PageMaker 7.0\PM70.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myforecast.com/bin/expanded_forecast.m?city=63264&metric=true
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
    O4 - HKLM\..\Run: [FineReader7NewsReaderPro] C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [SoundMan] soundman.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [CAPON] C:\WINNT\system32\Spool\Drivers\w32x86\3\CAPONN.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\3.14.0.44\PlaxoHelper_en.exe -a
    O4 - HKCU\..\Run: [PlaxoSysTray] C:\Program Files\Plaxo\3.14.0.44\PlaxoSysTray.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Douglas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
    O4 - Startup: Launch Microsoft Office Outlook.lnk = C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    O4 - Startup: Shortcut to CLCL.lnk = C:\Program Files\CLCL\CLCL.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Canon LBP-810 Status Window.LNK = C:\WINNT\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
    O4 - Global Startup: Magic Keyboard.lnk = C:\Program Files\Magic Keyboard\MagicKey.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 9270 bytes
     
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,618
    First Name:
    Frank
    You might want to print off these instructions so you can follow them more easily and not miss anything.

    ----------------------------------------------------------------

    Go here to download Sun Java Runtime Environment 1.6.0.10, but don't install it yet.

    Go into Add/Remove Programs and uninstall version 1.6.0.07 and any other older version that might be present.

    After that's done, go into the C:\Program Files\Java folder and then delete any leftover folders inside the Java folder.

    Install version 1.6.0.10 and then restart your computer.

    ---------------------------------------------------------------

    Click Start - Run, type in MSCONFIG and then click OK - "Startup" tab.

    Remove the checkmark from:

    SunJavaUpdateSched C:\Program Files\Java\jre1.6.0_10\bin\jusched.exe

    SoundMan soundman.exe

    Adobe Reader Speed Launcher C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

    QuickTime Task C:\Program Files\QuickTime\QTTask.exe

    iTunesHelper C:\Program Files\iTunes\iTunesHelper.exe

    updateMgr c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

    MSMSGS C:\Program Files\Messenger\msmsgs.exe

    Google Update C:\Documents and Settings\Douglas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

    Acrobat Assistant C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe

    Adobe Gamma Loader C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    Click Apply - OK - Do Not Restart.

    Click Start - Run, type in SERVICES.MSC and then click OK.

    Expand the Services window so you can see the list more clearly.

    Double-click on(or right-click on and then click Properties):

    Bonjour Service

    InstallDriver Table Manager


    Change the setting from "Automatic" to "Manual" and then click Apply. You have to do one entry at a time.

    Close the Services window and then restart your computer.

    When the small SCU window appears on the desktop during restart, ignore the message. Place a checkmark in it and then click OK.

    ---------------------------------------------------------------

    After all the above had been done, run a new scan with HijackThis and then post that new log here.

    ---------------------------------------------------------------

    I'm not sure if these log entries:

    O4 - HKUS\S-1-5-19\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')


    are normal or are a problem. Let's see if one of the malware/hijackthis experts jumps in to advise.

    ----------------------------------------------------------------
     
  5. llaniman

    llaniman Thread Starter

    Joined:
    Oct 29, 2008
    Messages:
    6
    Thanks flavalee, looks complicated! I am going on holiday for two weeks, will try this on my return
     
  6. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,618
    First Name:
    Frank
    It's not complicated at all. Just follow the directions carefully and you'll be fine.

    -----------------------------------------------------------------
     
  7. Frank4d

    Frank4d Retired Trusted Advisor

    Joined:
    Sep 10, 2006
    Messages:
    9,126
    One process you mentioned, "Winword", will be open anytime "Outlook" is open.
     
  8. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,618
    First Name:
    Frank
    Yep. Unless you have a reason for having your Microsoft Outlook e-mail program automatically load and run, you can open it manually when you're ready to use it.

    If you want to open it manually when needed, you can uncheck this startup entry:

    Launch Microsoft Office Outlook C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

    with the rest of the list in post #4.

    -------------------------------------------------------------------
     
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/763903

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice