High CPU Usage Rate (Windows System)

Last updated: 2019-08-09 18:46:46


High CPU utilization may cause problems such as slow service response speed and server login failure. You can use Cloud Monitor to create an alarm threshold for CPU utilization so that you are promptly notified when CPU utilization exceeds the threshold.
Troubleshooting high CPU utilization involves locating the processes consuming CPU power and analyzing those using a large amount of CPU power. If they are exceptional processes which may be caused by viruses or Trojans, you can terminate the processes or use your security software to check and kill them. If they are business processes, you need to analyze whether high CPU utilization is caused by large number of visits and whether it can be optimized. If they are processes generated by Tencent Cloud components, contact us by submitting a ticket, and we will help you locate and troubleshoot the problem.
The following describes how to locate a process with too high CPU utilization under Windows.

Tool for Locating Programs

Task Manager: A Windows application and process management tool that displays the information about PC performance and running software, including process name, use of CPU and memory, I/O, logged in user, and Windows services. You can launch Task Manager by pressing CtrL+Shift+Esc, right clicking Task Manager in the Start menu, or running taskmgr.
Process: A list of all running processes on Windows.
Performance: Information about system performance, such as overall CPU usage and memory in use.
User: All users with sessions on the current system.
Details: An enhancement to the Process tab, which displays details of processes such as PID, status, and use of CPU/memory.
Service: All services in the system (including those that are not running).

Problem Locating and Troubleshooting

Excessive CPU usage may be caused by hardware, system/business processes, Trojans, viruses, and other factors. The following describes how to locate the processes that use the most CPU power and how to analyze and handle these processes.

  1. Log in to the Windows server.
    Note: When the server is under high load, the remote connection may fail. It is recommended to log in to the server via VNC. For more information on how to log in to a Windows server via VNC, please see Login via VNC in Logging in to a Windows instance.

  2. Launch Task Manager by pressing Ctrl+Shift+Esc or by right clicking Task Manager in the Start menu. On the Details tab, click CPU to sort the processes in descending order of CPU utilization.

  3. Analyze the processes with high CPU utilization. Most of the processes with high CPU utilization are system, business, or exceptional processes. The following describes how to handle such processes respectively.

    1. System process.
      When you find that system processes occupy a large amount of CPU resources, check their process names carefully. Many viruses may confuse you by using names similar to those of system processes, such as svch0st.exe, explore.exe, and iexplorer.exe. Next, check the location of the executable files of these processes. System processes are often located in c:\windows\system32 and accompanied with complete signatures and descriptions. Right click Process in Task Manager, click Open File Location, and then you can see the location of the executable files. If the processes are not under c:\windows\system32, the server may be poisoned. Check and kill viruses manually or using a security tool.
      Common system processes include: System Idle Process (system space process showing the percentage of CPU idleness time), system (memory management process), explorer (desktop and file management), iexplore (Microsoft browser), csrss (Microsoft client/server runtime subsystem), svchost (system process for executing DLL), Taskmgr (Task Manager), Isass (local security permission service), etc.

    2. Exceptional process. If the processes with high CPU utilization have strange names, they may be Trojans or viruses. It is recommended that you search and confirm them (such as xmr64.exe) by using a browser. After that, check and kill them with a security tool.

    3. Business process. If the processes with high CPU utilization are your business processes (such as iis, httpd, php, and java), it is recommended that you analyze whether your current business volume is large. If yes, you are advised to upgrade the server configuration. Otherwise, try optimize spaces for business processes.