NT Kernel & System


#1
joseph456


NT Kernel is constantly running.  How can I find out what it is connected to and why it is running?


Edited by joseph456, 22 November 2020 - 07:26 PM.



#2
RKinner


https://helpdeskgeek...age-in-windows/



#3
joseph456


Thanks I saw that.  However, not sure how to run it in Windows 7 since it seemed like it was only good for XP?  Or maybe I am not sure how to run it in command line.  I downloaded the program but not sure what to do next.



#4
RKinner


Sorry didn't catch that KernView only ran on XP.  Use Process Explorer instead.
 Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click on System then right click and select Properties then Threads and it should show you what is running in System.  They should be sorted by CPU use so the big users are at the top.  You can select one then hit Module and it will tell you what driver you are looking at.

An alternative is Latency Monitor:

Go to http://www.resplendence.com/downloads

Scroll down to System Monitoring Tools and then find LatencyMon 6.70 (or it may be a higher number if they update).

Click on Download free home edition.

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  


Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it.



#5
joseph456


Here is the result from Latency Mon 7.0

Note unable to get a result from Process Explorer - see attachment

Attached other information from Latency Monitor

Also attached NT Kernel snapshot.  Not taking up a lot of CPU but running constantly

Thanks for your help!


________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.
LatencyMon has been analyzing your system for  0:02:09  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        MININT-OEST1FQ
OS version:                                           Windows 7 Service Pack 1, 6.1, build: 7601 (x64)
Hardware:                                             Latitude E6540, Dell Inc.
CPU:                                                  GenuineIntel Intel® Core™ i7-4800MQ CPU @ 2.70GHz
Logical processors:                                   8
Processor groups:                                     1
RAM:                                                  16289 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   2693 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   39739.622928
Average measured interrupt to process latency (µs):   21.083881

Highest measured interrupt to DPC latency (µs):       847.650905
Average measured interrupt to DPC latency (µs):       3.191645


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              98.044189
Driver with highest ISR routine execution time:       ndis.sys - NDIS 6.20 driver, Microsoft Corporation

Highest reported total ISR routine time (%):          0.006404
Driver with highest ISR total time:                   hal.dll - Hardware Abstraction Layer DLL, Microsoft Corporation

Total time spent in ISRs (%)                          0.011847

ISR count (execution time <250 µs):                   20765
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              878.828444
Driver with highest DPC routine execution time:       iaStorA.sys - Intel Rapid Storage Technology driver - x64, Intel Corporation

Highest reported total DPC routine time (%):          0.025618
Driver with highest DPC total execution time:         iusb3xhc.sys - Intel® USB 3.0 eXtensible Host Controller Driver, Intel Corporation

Total time spent in DPCs (%)                          0.084554

DPC count (execution time <250 µs):                   118200
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              30
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count:                 firefox.exe

Total number of hard pagefaults                       34
Hard pagefault count of hardest hit process:          17
Number of processes hit:                              3


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       2.799938
CPU 0 ISR highest execution time (µs):                94.680654
CPU 0 ISR total execution time (s):                   0.106093
CPU 0 ISR count:                                      20312
CPU 0 DPC highest execution time (µs):                878.828444
CPU 0 DPC total execution time (s):                   0.761383
CPU 0 DPC count:                                      113554
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       1.869351
CPU 1 ISR highest execution time (µs):                98.044189
CPU 1 ISR total execution time (s):                   0.005024
CPU 1 ISR count:                                      165
CPU 1 DPC highest execution time (µs):                299.326030
CPU 1 DPC total execution time (s):                   0.050072
CPU 1 DPC count:                                      1742
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       1.284345
CPU 2 ISR highest execution time (µs):                64.226513
CPU 2 ISR total execution time (s):                   0.002945
CPU 2 ISR count:                                      81
CPU 2 DPC highest execution time (µs):                250.349053
CPU 2 DPC total execution time (s):                   0.012911
CPU 2 DPC count:                                      635
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       1.426071
CPU 3 ISR highest execution time (µs):                86.960267
CPU 3 ISR total execution time (s):                   0.005523
CPU 3 ISR count:                                      129
CPU 3 DPC highest execution time (µs):                259.588192
CPU 3 DPC total execution time (s):                   0.022570
CPU 3 DPC count:                                      896
_________________________________________________________________________________________________________
CPU 4 Interrupt cycle time (s):                       1.561641
CPU 4 ISR highest execution time (µs):                83.511326
CPU 4 ISR total execution time (s):                   0.000947
CPU 4 ISR count:                                      25
CPU 4 DPC highest execution time (µs):                161.252878
CPU 4 DPC total execution time (s):                   0.008765
CPU 4 DPC count:                                      468
_________________________________________________________________________________________________________
CPU 5 Interrupt cycle time (s):                       1.172249
CPU 5 ISR highest execution time (µs):                69.154475
CPU 5 ISR total execution time (s):                   0.001028
CPU 5 ISR count:                                      28
CPU 5 DPC highest execution time (µs):                218.451170
CPU 5 DPC total execution time (s):                   0.009627
CPU 5 DPC count:                                      418
_________________________________________________________________________________________________________
CPU 6 Interrupt cycle time (s):                       1.067425
CPU 6 ISR highest execution time (µs):                52.803565
CPU 6 ISR total execution time (s):                   0.000757
CPU 6 ISR count:                                      19
CPU 6 DPC highest execution time (µs):                248.333828
CPU 6 DPC total execution time (s):                   0.006212
CPU 6 DPC count:                                      416
_________________________________________________________________________________________________________
CPU 7 Interrupt cycle time (s):                       1.394468
CPU 7 ISR highest execution time (µs):                56.809506
CPU 7 ISR total execution time (s):                   0.000283
CPU 7 ISR count:                                      6
CPU 7 DPC highest execution time (µs):                147.286669
CPU 7 DPC total execution time (s):                   0.003468
CPU 7 DPC count:                                      101
_________________________________________________________________________________________________________

 

Attached Thumbnails

  • Latency Monitor Highest Execution.PNG
  • Latency Monitor Highest Execution.PNG
  • Process Explorer Threads.PNG
  • NT Kernel Snapshot.PNG

Edited by joseph456, Yesterday, 11:10 PM.

  • 0
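The report in post #5 names drivers by file name, description and company but carries no signature result, so the modules it names are the ones to look for under System, Properties, Threads in Process Explorer with Verified Signer enabled. The Python below is an added example, not part of the thread or of LatencyMon; the function names are this example's own and the sample is a few lines excerpted from the report above.

```python
import re

# Sample input: lines excerpted from the LatencyMon report in post #5.
SAMPLE_REPORT = """\
Highest ISR routine execution time (µs):              98.044189
Driver with highest ISR routine execution time:       ndis.sys - NDIS 6.20 driver, Microsoft Corporation
Highest DPC routine execution time (µs):              878.828444
Driver with highest DPC routine execution time:       iaStorA.sys - Intel Rapid Storage Technology driver - x64, Intel Corporation
Driver with highest DPC total execution time:         iusb3xhc.sys - Intel® USB 3.0 eXtensible Host Controller Driver, Intel Corporation
CPU 0 DPC highest execution time (µs):                878.828444
CPU 1 DPC highest execution time (µs):                299.326030
"""

# "Driver with highest <ISR|DPC> <metric>:   <module> - <description>, <company>"
# The description may itself contain " - ", so the company is whatever follows
# the last comma on the line.
DRIVER_LINE = re.compile(
    r"^Driver with highest ((?:ISR|DPC) [^:]+):[ \t]+"
    r"(\S+\.(?:sys|dll|exe)) - (.*), ([^,]+?)[ \t]*$", re.M)

# "CPU <n> <ISR|DPC> highest execution time (µs):   <value>"
CPU_PEAK = re.compile(
    r"^CPU (\d+) (ISR|DPC) highest execution time \(.s\):[ \t]+([\d.]+)", re.M)


def named_drivers(report):
    """Map each module the report names to its description, company and metrics."""
    drivers = {}
    for metric, module, description, company in DRIVER_LINE.findall(report):
        entry = drivers.setdefault(
            module, {"description": description, "vendor": company, "metrics": []})
        entry["metrics"].append(metric)
    return drivers


def peak_cpus(report, kind="DPC"):
    """Return (cpu, peak microseconds) pairs for ISR or DPC routines, worst first."""
    peaks = [(int(cpu), float(us))
             for cpu, k, us in CPU_PEAK.findall(report) if k == kind]
    return sorted(peaks, key=lambda p: p[1], reverse=True)


if __name__ == "__main__":
    for module, info in sorted(named_drivers(SAMPLE_REPORT).items()):
        print(f"{module:14} {info['vendor']:24} {', '.join(info['metrics'])}")
    for cpu, us in peak_cpus(SAMPLE_REPORT):
        print(f"CPU {cpu}: highest DPC {us:.1f} µs")
```
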





