Results 1 to 8 of 8
  1. #1
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Colorado
    Posts
    135
    Thanks
    7
    Thanked 0 Times in 0 Posts

    Major performance problems, many rogue processes

    My son is having performance problems with his PC. He built it about 5 yrs ago as a gaming system. For quite a while it worked fine, but for the last 6-12 months it's been getting reeealllly slow. I told him to try re-installing Windows but he says he just did, about a month ago.

    He said he just rebooted the system, and it took HALF AN HOUR before he could browse the web. He launched Chrome and got a blank white window after about 10 minutes, but it was another 20 minutes before he could actually reach a web page.

    He says it also "lags" and half-freezes "every few seconds," though I believe that is exaggerated just a bit. It didn't seem that bad when I skyped with him and shared his screen.

    However I did notice something very interesting. Task Manager showed a ton of surprising processes. He had only about 3-4 tasks running -- Chrome, Steam (game engine), a few others. There were a bunch of dllhost.exe's running -- 12-15 or more -- but the really surprising one was browser.exe. This process identified itself as "Google Chrome." But even when my son exited his Chrome browser, and all the chrome.exe processes were gone, there were still 12-20 browser.exe's running. More suspicious, they were being created and exiting all the time. With no Chrome running at all, I watched it jump from about 8 browser.exe's to more than 20. CPU was generally running 80-100%.

    He says he "needs" a new system. I told him there's likely nothing wrong with his current hardware (except it's not the latest-greatest), but something is seriously hosed in his OS. Even if he bought new hardware, I suspect something he's doing would end up hosing it just like his current system.

    My first thought was some kind of virus. He claims all he downloads is Steam games, and those are squeaky-clean.
    I also wondered if maybe there was a rootkit, so the infection could persist across installs. (He can't remember if it was this bad right after his install. He thinks it was better.)

    Any suggestions?

    He's got a M4A79XTD Evo mobo, AMD Phenom II X4 965 CPU, 12GB RAM, GForce 550ti (EVGA?) graphics card, Windows 7 SP1.

    Thanks!
    Gary
    Last edited by garyfritz; 2014-08-31 at 19:22.

  2. #2
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Does your son run security software? If so, which?

    I would nevertheless recommended a few scans with downloadable antimalware / AV apps, such as Malwarebytes anti malware, the Avira Rescue CD, Kaspersky Rescue Disk or the Emsisoft Free Emergency Kit.

    This should tell you without a doubt whether malware is responsible for that noticeable slowdown. I would start there.
    Rui
    -------
    R4

  3. #3
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    Either malware or some seriously poor personal choices of software installed on the system.

    There is no way a system behaves that way cleanly installed, unless your clean install wasn't really a clean install,
    you have cross infection from another drive or partition, or the software you're installing is just plain bad.

    Perform a thorough AV/AM scan with multiple tools, included on whatever other drives or partitions
    the system is in contact with or connected to.

    If the system performed well after the clean install, but before the installation of the personal software, then
    you're most likely looking at software as the culprit.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.

  4. #4
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Colorado
    Posts
    135
    Thanks
    7
    Thanked 0 Times in 0 Posts
    Thanks for the suggestions! Your analysis fits with mine. I'm not sure if he's already running AV/AM but I already told him to run Malwarebytes. I'll pass along the suggestions for the other scanners.

    Does the "many browser.exe's with no Chrome running" sound like any particular known problem?

  5. #5
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Quote Originally Posted by garyfritz View Post
    Does the "many browser.exe's with no Chrome running" sound like any particular known problem?
    It's either malware and the scanners will tell you that, or some legitimate software that was installed is rather bad behaved. Impossible to say without a malware analysis.
    Rui
    -------
    R4

  6. #6
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    6,622
    Thanks
    147
    Thanked 877 Times in 839 Posts
    If the malware scans come back clean then have your son perform a clean boot http://support.microsoft.com/kb/929135 but with a 5 year old machine it may also be worth running a chkdsk without any parameters to see if it reports any bad sectors.

    In addition to the malware scanners already suggested, have your son include AdwCleaner and Junkware Removal Tool - both of which can be downloaded from http://www.bleepingcomputer.com/download/adwcleaner/

    The link for JRT is lower down the page on that site.

    Windows also has its own tools such as for Maintenance and Performance in Control Panel/Find and fix problems.

    Process Explorer is also a useful program to see what is running http://technet.microsoft.com/en-gb/s.../bb896653.aspx

    Click on Options and ensure Verify Image Signatures is checked then hover over VirusTotal.com and ensure Check VirusTotal.com is also checked and then look for any high scores in red which will be the rogue applications which can be killed if not required.
    Last edited by Sudo15; 2014-09-01 at 07:17.

  7. #7
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,490
    Thanks
    284
    Thanked 577 Times in 480 Posts
    I wouldn't advise running JRT yet, it also wipes out the Windows logs, they might prove useful.

  8. The Following User Says Thank You to satrow For This Useful Post:

    Sudo15 (2014-09-01)

  9. #8
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    6,622
    Thanks
    147
    Thanked 877 Times in 839 Posts
    Quote Originally Posted by satrow View Post
    I wouldn't advise running JRT yet, it also wipes out the Windows logs, they might prove useful.
    Good point.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •