Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

my computer is dead slow. I think it's infected. Pls. help

malware infection

  • Please log in to reply

#61
abhi6512

abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts

Hi Kinner,

 

I unchecked all the services  in service tab of msconfig & rebooted the machine. Machine is still slow (though Interrupts still shows <0.01 in process explorer log executed in safe mode).

 

Bit perplexed - which option should I proceed with now?

1. Try checking half the options in service tab & figure the service that makes Interrupts jump above 1.5%, by trial n error method or

2. check for the video driver 

 

If I have to execute option 2 what should I be doing here after rebooting machine in safe mode with low resolution video option.

 

-Abhi


Edited by abhi6512, 14 July 2016 - 11:22 PM.

  • 0

Advertisements


#62
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Could I see a Process Explorer log with everything unchecked?  It would still be useful to know what process is causing the high Interrupts.

 

If you do Option 2 then you just check to see if it runs faster and make a Process Explorer log so I can see what you have


  • 0

#63
abhi6512

abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts

Sure Kinner - I shall post both the explorer logs soon. I just came back from a 2 week long PTO.

 

-Abhi


  • 0

#64
abhi6512

abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts

Hi Kinner,

 

PFB the logs. Sorry for the delay from my end.

 

Log in safe mode with all boxes unchecked:

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 99.23 0 K 24 K 0
procexp.exe 0.77 19,560 K 26,056 K 972 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
csrss.exe < 0.01 1,700 K 5,640 K 468 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 12,384 K 16,940 K 1016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe < 0.01 23,008 K 31,620 K 1844 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe < 0.01 3,244 K 5,848 K 620 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
MsMpEng.exe < 0.01 73,228 K 38,748 K 860 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
services.exe < 0.01 2,236 K 5,036 K 548 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 13,288 K 13,144 K 1096 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 1,536 K 4,984 K 432 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
Interrupts < 0.01 0 K 0 K n/a Hardware Interrupts and DPCs
wmpnscfg.exe 1,524 K 4,504 K 388 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 1,376 K 4,420 K 520 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,124 K 3,732 K 476 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 2,112 K 4,084 K 1064 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
System 0 K 46,684 K 4
svchost.exe 7,796 K 11,884 K 1056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,564 K 5,412 K 776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,128 K 5,208 K 716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,360 K 5,860 K 1112 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,228 K 6,460 K 984 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,200 K 10,280 K 1244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,188 K 5,212 K 1348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
smss.exe 288 K 744 K 380 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 1,512 K 3,648 K 572 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 2,896 K 7,304 K 564 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
 
Log in safe mode with vdo option & all boxes unchecked:
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 89.23 0 K 24 K 0
dwm.exe 0.77 34,832 K 23,696 K 2504 Desktop Window Manager Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
Interrupts 5.38 0 K 0 K n/a Hardware Interrupts and DPCs
procexp.exe 4.62 18,836 K 29,748 K 3348 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System 0 K 2,556 K 4
svchost.exe 26,308 K 25,228 K 1156 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe < 0.01 31,080 K 33,548 K 2660 Windows Explorer Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
WmiPrvSE.exe 4,744 K 7,756 K 1224
WmiPrvSE.exe 3,200 K 5,316 K 3096
wlanext.exe 1,912 K 4,748 K 1676
winlogon.exe 2,068 K 5,128 K 732
wininit.exe 1,240 K 3,732 K 588
unsecapp.exe 2,272 K 4,228 K 3028 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
taskeng.exe < 0.01 9,048 K 7,584 K 2592 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,276 K 3,888 K 2512
svchost.exe 10,644 K 12,596 K 1808 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 50,544 K 51,692 K 1136 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 2,408 K 5,276 K 836 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 15,316 K 10,644 K 1084 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 3,412 K 6,468 K 4088 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 13,792 K 10,816 K 1548 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 1,600 K 4,360 K 3988
svchost.exe 2,728 K 5,324 K 900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,136 K 4,864 K 380 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 1,876 K 4,420 K 1284 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 6,292 K 9,472 K 1348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,076 K 3,112 K 1972 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 4,268 K 5,972 K 544 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 596 K 2,056 K 656 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
spoolsv.exe 5,976 K 8,384 K 1784 Spooler SubSystem App Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
smss.exe 288 K 664 K 484
SLsvc.exe 5,664 K 7,684 K 1300 Microsoft Software Licensing Service Microsoft Corporation (Verified) Microsoft Windows
services.exe 2,372 K 6,288 K 632
SearchIndexer.exe 36,076 K 7,064 K 988 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
MsMpEng.exe 76,540 K 26,732 K 936 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
lsm.exe 1,744 K 3,680 K 660
lsass.exe 3,416 K 7,408 K 652 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 1,576 K 4,656 K 536
csrss.exe 1,664 K 5,856 K 600
audiodg.exe 13,052 K 13,068 K 1256
 
-Abhi

  • 0

#65
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

The first Process Explorer log looks almost ideal.  Hard to believe it is running slow.  I would work from that and go back and check one half of the items, reboot and see if Interrupts shoots up.  Try to find which check causes the problem.  Then we can see about replacing it with a better program.  Once we have Process Explorer looking good with everything checked then we can look for other problems.


  • 0

#66
abhi6512

abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts

ok kinner. I would  work with half of th eitems checked.

One query - Log for safe mofe with vdo option - ru good with the interrupts value around 5.38?

 

-Abhi


  • 0

#67
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

interrupts value around 5.38 are still very bad.  We really need it under 1.5


  • 0

#68
abhi6512

abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts
Hi Kinner,
 
One Query - Every time I check/uncheck options in services tab, do I need to restart the computer to test the computer performance?
Also, what do we need to do to improve on the interrupt value that's currently around 5.38?
 
-Abhi.

  • 0

#69
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Anything you do in msconfig only takes effect on the next boot.

 

A high interrupts value is usually a bad driver but can be a bad program.


  • 0

#70
abhi6512

abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts

Thanks Kinner. I tried several combinations till now but my machine is behaving good surprisingly.

I will do another round of testing & get back to you.

 

-Abhi


  • 0

Advertisements


#71
abhi6512

abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts
Hi Kinner,
 
My machine is still slow. I tried several permutations combinations of checking & unchecking the services.
With all the services unchecked speed is little bit improved when working locally but when browsing internet it's still [bleep] slow.
Using windows explorer and other local usage is still slow with bit of improvement in speed - all services unchecked.
 
Pls. suggest if I need to send you any report or dump or any other options to try to improve the speed
 
-Abhi

  • 0

#72
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Another process explorer log please.

 

Also let's check the Internet connection:

 

Go to http://www.speedtest.net/and click on Begin Test
 
When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v

  • 0

#73
abhi6512

abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts

Hi Kinner,

 

I will share the process explorer log.

Regarding internet speed - I use the same broadband & speed is very gud when I'm using internet on my smartfone that too through wifi.

 

-Abhishek


Edited by abhi6512, 19 August 2016 - 10:14 PM.

  • 0

#74
abhi6512

abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts

Hi Kinner,

 

PFB the process explorer log (in safe mode with n/w & all the services unchecked).

I'm sorry for my delayed responses, actually I'm hardly using this machine these days it being so slow. Planning to buy a new one, may be it being old it's just getting slower n slower, day by day, no matter whatever we do to recover it.

 

**********************************************************************************************************************

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 98.46 0 K 24 K 0
procexp.exe 1.54 20,412 K 26,576 K 1540 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
csrss.exe < 0.01 1,816 K 6,620 K 468 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
explorer.exe < 0.01 24,392 K 33,616 K 1060 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 43,880 K 69,612 K 2008 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe < 0.01 2,784 K 5,592 K 772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 2,124 K 5,228 K 716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 57,596 K 70,516 K 1464 Google Chrome Google Inc. (Verified) Google Inc
services.exe < 0.01 2,284 K 5,104 K 548 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 13,088 K 13,132 K 1096 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 11,496 K 16,064 K 1008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe < 0.01 3,020 K 5,680 K 1812 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 1,520 K 4,988 K 432 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
Interrupts < 0.01 0 K 0 K n/a Hardware Interrupts and DPCs
wmpnscfg.exe 1,632 K 4,616 K 1608 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 1,360 K 4,432 K 512 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,104 K 3,696 K 476 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 2,120 K 4,080 K 1848 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
System 0 K 46,980 K 4
svchost.exe 7,692 K 11,788 K 1048 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,224 K 6,656 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,408 K 10,420 K 1240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,220 K 5,188 K 1340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,356 K 5,920 K 1112 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
smss.exe 288 K 744 K 380 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
MsMpEng.exe 75,552 K 41,044 K 844 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
lsm.exe 1,644 K 3,796 K 572 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 2,876 K 1,956 K 564 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 44,728 K 46,040 K 2632 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 25,524 K 21,692 K 1924 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 28,928 K 25,496 K 1984 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 23,384 K 17,028 K 324 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 14,960 K 15,552 K 2908 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 1,168 K 3,880 K 1692 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 29,964 K 28,644 K 1880 Google Chrome Google Inc. (Verified) Google Inc
 

***************************************************************************************************************************************************************

 

Speed test

***********************************************************************************************

5606916338.png

 

-Abhi

 

 

 

 


  • 0

#75
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Delays are no problem.  I don't keep track.

 

Your last PE log looks good.  Should be fairly responsive in this mode.  I assume the speed looks about what you are paying for?

 

If you boot into regular mode leaving the services unchecked what does it look like then?


  • 0






Similar Topics


Also tagged with one or more of these keywords: malware infection

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP