Too many proscesses(45 at idle)
-
Too many proscesses(45 at idle)
Over the 20 months I've run my PCUSA.com-built machine, lots of running things have crept into my little junk yard to squat inside of my abandoned but useful junk.
George Carlin said it best when he offered ;Your stuff is junk...my junk is stuff...if you get5 my drift! CODE stuff starter is loaded and ready but it may not be necessary:-\ too!
I would like to just post a log of my proscesses if that helps (but you'll have to tell me how) but I want to trim the junk as soon as possible.
There are other concerns that I hope to resolve soon, but this bulky Balky list is at the top of my do sheet.
Thanx in advance
-
First off get Hijack This!
http://www.majorgeeks.com/download3155.html
Theres a guide to using it on that page but it will allow you to save a log file which displays all your running processes which you can then post easily here. Someone (not me!) in the know will then guide you through the rest.
-
Yopp, exactlya as hersnab said, run HijackThis and post back the log. Once u done that we will have a look 
-
UNDERWEAR and all, check out myjunk / STUFF..I think I'm seeing dDoubBle
Logfile of HijackThis v1.98.2
Scan saved at 12:41:21 PM, on 4/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\NovaStor\NovaBACKUP\NbkCtrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\NovaStor\NOVABA~1\NSENGINE.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\TBPanel.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Documents and Settings\Robert Redford\Desktop\Unused Desktop Shortcuts\FreeRAM XP Pro 1.40.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUS\Probe\ASUSPROB.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Robert Redford\Desktop\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myway.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - F:\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NovaBackup 7 Tray Control] "C:\Program Files\NovaStor\NovaBACKUP\NbkCtrl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] "C:\Program Files\WashAndGo\checker.exe /check"
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Documents and Settings\Robert Redford\Desktop\Unused Desktop Shortcuts\FreeRAM XP Pro 1.40.exe" -win
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E-&mail Page - C:\WINDOWS\Web\Mailto_URL.HTM
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Flash Movie Extractor Scout - {4AD9B94F-4178-4DAB-9A4F-444AE80EE35A} - C:\Program Files\Flash Movie Extractor Scout\flashextract.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/214b6e89...p/RdxIE601.cab
O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} - file://E:\cd\setup\mitm0026.cab
O16 - DPF: {72D59B9C-1E59-4958-803A-ABDEE2D4CFA6} - http://download.divx.com/player/DivXPlayerInstaller.exe
O16 - DPF: {82202BE7-C56A-487E-9E55-D84BDC1A5776} - http://install.anark.com/client/vers...n/AMClient.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/vers...n/AMClient.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) -
http://www.creative.com/su/ocx/15008/CTPID.cab
-
-
Ok, had a look at the processes list and sorted out the vital ones that u better not touch. Here is the list of delinquents which are to be discussed
C:\Program Files\Ahead\InCD\InCDsrv.exe
Not really vital, unless u regularly use packet writing to CD-RWs
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
Print Managment Software which offers all that status information
on fill grade of the ink cartridges and stuff, LexPPS is responsible for printer sharing over a network. Turning that off wont affect printing much unless you print over a network though.
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
All part of Norton System works, which i say is way oversized and clogging ur system up a lot. NPROTECT (Norton Protection might as well be turned off)
C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
The latter one can be disabled no problem. ctsvccda.exe this process was authored by Creative Labs, and is usually installed alongside Soundblaster card drivers or some Creative Labs applications. It assists Windows manage the CD-Rom on Windows 9x and Me systems, however it has no use on faster CD-Rom drives.
C:\PROGRA~1\NovaStor\NOVABA~1\NSENGINE.exe
C:\Program Files\NovaStor\NovaBACKUP\NbkCtrl.exe
No idead what this is, guess some backup software. Might as well be started manually.
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Kill this, kill this, kill this, kill this
C:\Program Files\BroadJump\Client Foundation\CFD.exe
cfd.exe is a process belonging to a trouble-shooting software from Motive Communications. It enables your broadband provider to offer easy installation and ongoing services to your computer. Kill this kill this
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
DVD and CD copy engine, can be disabled or started manually
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
Norton Speeddisk, can be started manually
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Can be started manually
C:\WINDOWS\TBPanel.exe
Gainward Toll/Taskutility, leave it running if you change display settings a lot
Other then that remove it from starting automatically.
C:\Documents and Settings\Robert Redford\Desktop\Unused Desktop Shortcuts\FreeRAM XP Pro 1.40.exe
Useless piece of ****, kill this
C:\Program Files\ASUS\Probe\ASUSPROB.EXE
Motherboard Managment Software, can be disabled
C:\Program Files\Messenger\msmsgs.exe
MSN Messenger, depends on if u use it or not
Sooooo,
long text, lost several keys on my keyboard.
Bottom line:
All the processes above are non-vital for the correct operation of Windows XP. If u want the number of processes to be decreased u can theoretically set their starting options to Manual. To do that go to Start - Run and type services.msc then confirm with OK, this will bring you to the list of services. Rightclick the service you want to change, select Properties and set the Starting type to "manual", then apply and u are done.
As i said already, all of them services could be set to manual, best way to figure out if this causes any problems is to change them one by one.
Oh right, and excuse my english, i am german after all ehheheh.
If u got any questions just lemme know
-
Be back after a few unwind5,
might even unwind myself.
I'll follow your guide then re-boot an send another "proof" log
-
Do that,
meanwhile i have a look at the rest of that logfile
-
Whew! I hope I didn't cough up anything I wanted to keep!
Logfile of HijackThis v1.98.2
Scan saved at 2:22:36 PM, on 4/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Documents and Settings\Robert Redford\Desktop\HijackThis.exe
C:\WINDOWS\System32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myway.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - F:\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] "C:\Program Files\WashAndGo\checker.exe /check"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E-&mail Page - C:\WINDOWS\Web\Mailto_URL.HTM
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - F:\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Flash Movie Extractor Scout - {4AD9B94F-4178-4DAB-9A4F-444AE80EE35A} - C:\Program Files\Flash Movie Extractor Scout\flashextract.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/214b6e89...p/RdxIE601.cab
O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} - file://E:\cd\setup\mitm0026.cab
O16 - DPF: {72D59B9C-1E59-4958-803A-ABDEE2D4CFA6} - http://download.divx.com/player/DivXPlayerInstaller.exe
O16 - DPF: {82202BE7-C56A-487E-9E55-D84BDC1A5776} - http://install.anark.com/client/vers...n/AMClient.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/vers...n/AMClient.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15008/CTPID.cab
-
I FEEL LIKE WE'VE MADE GOOD PROGRESS HERE , My system seems lighter on it's feet and it's down to 35 running proc's... BTW,I had to restart some of Symantec's stuff because I had turned off the Auto-Protect and e-mail scanning.
But to my surprise you were right-on with Broadjump Client Foundation I uninstalled it and still have my dsl connection! Thanks Bad!
Newbie
