Solved

Multiple processes running

Posted on 2004-03-22
6
681 Views
Last Modified: 2008-02-01
A friend call me today with a problem I have not heard of.  I have not seen it happen yet but trying to troubleshoot over the phone with herI have the following info.  She has a 6month old HP cpu w/ xp media edition on it.  After a fresh boot I had her hit ALT+CTRL+DEL to bring up task manager, 27 instances opened up.  She only hit once and from what I gather didnt hold it down long enough for multiple instances to open.  My initial reaction was a virus but she ran the Norton Live update and then a full scan and it found nothing.  I am going over later tonight.  Any suggestions to look for.  From the time it took to reboot I know she has many programs opening at start up which I will get rid of using msconfig>startup tab.  How many processes should be open on task manager after reboot?
0
Comment
Question by:rngrfan
6 Comments
 
LVL 32

Accepted Solution

by:
Luc Franken earned 250 total points
ID: 10649404
Hi rngrfan,

The computer might have picked up some ad/spyware: (make sure to update before running)
Ad-aware :                          http://www.spychecker.com/download/download_adaware.html
Spybot Search and Destroy : http://www.spychecker.com/download/download_spybot.html
CoolWebShredder :              http://209.133.47.200/~merijn/files/CWShredder.exe

Still no luck? Use this tool and post the logfile.
Hijackthis :                           http://209.133.47.200/~merijn/files/HijackThis.exe

Anyway I don't think 27 processes is very much...

Greetings,

LucF
0
 

Author Comment

by:rngrfan
ID: 10651020
I meant to say that 27 task managers opened up.  I was just curious as to  approx how many processes should be running after a fresh boot.  Is there a list I can check against to see if something is running that should not be?  Are there suspicious ones I should look for?
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 10651043
Just checked and I have 39 processes running. (Which includes my virusscanner/software firewall/etc)
I don't know what is default, in fact, I don't want to know as it all depends on what you have installed on your computer.

If you're in doubt, please post the logfile from hijackthis so we can take a look at it.

LucF
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 1

Assisted Solution

by:slackspace
slackspace earned 125 total points
ID: 10651169
Hello Rngrfan,

I understand you are getting multiple instances of Task Manager in your friends process list.  Yes, removing Spyware is a great idea.  Yes, doing a full system scan to rul eout a virus is also a great idea.  However, I have had this same thing happen to a customer of mine I was dealing with.  It boiled down to user error.  My customer was holding down the CNTL+ALT+DELETE buttons long enough to launch multiple instances of task manager.  As a test you could have your friend do one of two things:

A)  Right click in a blank area of the task bar, choose Task Manager.

B)  Click on start, click on run, type taskmgr and hit enter.

Either one of those alternative ways of opening the task manager should show only one instance of taskmgr and prove our thoery true.  Hope that answers your question.

Slackspace
0
 

Author Comment

by:rngrfan
ID: 10651222
I would tend to agree and I will find out tonight but I had her do it 2x and heard her do it quick enough the second time so I am pretty certain that is not the case.   She also swears her keyboard is not sticking.
0
 
LVL 10

Assisted Solution

by:LRI41
LRI41 earned 125 total points
ID: 10652768
To many processes in XP

two truly comprehensive web sites:
 which covers the topic of xp efficiency in an extremely thorough and comprehensive manner; which handles virtually any question regarding startup programs.

http://www.blackviper.com/WinXP/servicecfg.htm

This will help you out.

http://www.pacs-portal.co.uk/startup_pages/startup_full.htm

Windows XP Services:

http://www.scotsnewsletter.com/forums/index.php?act=ST&f=4&t=1271&s=


TASK LIST PROGRAMS

Smart Computing Q&A Board
Mossberg's Mailbag, WSJ 3-18-2004

One of the processes listed is "System" for example; when I check this on a web site that I came across, it states concerning "System" - "Leave it alone". The link for Task List Programs for your interest is:

there is a better way to see what's what. Go to

 www.answersthatwork.com

 and click on the button called "Task List." It's a reference library that explains most of these processes, and advises on what to do about them.

http://www.answersthatwork.com/Tasklist_pages/tasklist.htm

Through our support service we often come across problems caused primarily by programs running in the background, programs which in most cases start at the same time as Windows.  Sometimes these programs are useful and need to be there;  quite often, however, they are not needed, and in too many cases they cause severe problems.The pages below are from our in-house database and provide guidance on the usefulness or not of these programs, and removal procedures when recommended.In Windows 95/98/ME you can bring up the Task List by pressing Ctrl+Alt+Del.  In Windows NT4/2000/XP you bring up the Task List by right-clicking on the Task Bar and choosing "Task Manager"
             


Mossberg's Mailbag, WSJ 3-18-2004

At the same Web site

  www.answersthatwork.com

you can buy a $20 program called "The Ultimate Troubleshooter," which places the same list and advice on your own PC, and can also disable processes you don't want.
             

The WinTasks Process Library

The WinTasks Process Library contains information about all common Windows processes as is continously updated with new information. On this page you can find a subset of the most popular processes listed in WinTasks Process Library. The categories available online are: Security Risks, System Processes, and Applications.

http://www.liutilities.com/products/wintaskspro/processlibrary/

Processes
A process is an executable program on both Linux and Windows. By convention, a filename with a .exe extension (suffix) is an executable on Windows. Processes are made by compiling source files and producing executables. Compilation is quite similar on both Windows and Linux:



Process Explorer v7.02

[Lockergnome Windows Digest] A Million Messaging Movies  
Date: 9/20/2003 12:57:01 PM Pacific Daylight Time

Process Explorer v7.02 [152k] W2k/XP FREE

Process Explorer shows you information about which handles and
DLLs processes have opened or loaded. The Process Explorer display
consists of two sub-windows. The top always shows a list of the
currently active processes, including the names of their owning
accounts, whereas the information displayed in the bottom window
depends on the mode that Process Explorer is in. If it is in
handle mode, you'll see the handles that the process (selected in
the top window) has opened; if Process Explorer is in DLL mode,
you'll see the DLLs and memory-mapped files that the process has
loaded. Process Explorer also has a powerful search capability
that will quickly show you which processes have particular handles
opened or DLLs loaded.

   
http://www.mywebattack.com/gnomeapp.php?id=102763

http://www.sysinternals.com/ntw2k/freeware/procexp.shtml


0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to safeguard files on QNAP NAS from Cryptolocker virus ? 16 249
Russian pop up ad virus 8 115
Website BlackListed 22 84
Is this virus ? 6 36
Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now