We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

How to understand Process Explorer

Lucynka
Lucynka asked
on
Medium Priority
431 Views
Last Modified: 2012-08-13
Can someone help me understand Process Explorer? I've downloaded it to monitor the CPU usage of various applications, but now that I have it, I don't know how to read the various information it gives me and therefore how to isolate a problem behind an excessive CPU usage of one of my programs.

Thanks!
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2006

Commented:
Hi Lucynka,

process explorere is basically task manager on crack..... it wil not just show you the process running but will expand on them and tell you what process are caused by that process etc, it will also outline the dicey ones

there is a helpfile with process explorer   what exactly are you looking at

Cheers!
gonzal13Retired

Commented:
You could easily use CTRL ALT DEL, Performance, to monitor each start up program as well as other programs. You just have to do it one at a time.

Author

Commented:
>>>what exactly are you looking at

I was looking at an unusually high CPU usage by Firefox, but I already have an open question under Browser Issues about that and I don't think I can repeat the problem here.

The values were very similar to the task manager, but I didn't know how to get at the causes of the usage. I must not have downloaded the help file because it says "unable to open help file"

Commented:
Here's a little more information >
"Process Explorer Is What Task Manager Should Have Been":

http://www.softpedia.com/reviews/windows/Process-Explorer-Review-18162.shtml

Commented:
Select View > System Information       .. to display CPU Usage and Usage History.

You could also try downloading it again to reach that Help file, there's considerable information there.  
Try Process Explorer version 9.0     [scroll to centre, bottom, for WinXP download]    >>
 http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

Commented:
   > didn't know how to get at the causes of the usage <
Have you tried this >>   Select Start > Run     then type MSCONFIG.  
From the System Configuration Utility(SCU) select the Startup tab.  
You can use the links below to decide which 'Task List Programs' you may wish to remove.  Untick them.  Reboot.   Good instructions with download:                      
http://netsquirrel.com/msconfig/

These two links between them, help by describing the function of each program in MSCONFIG :
http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
http://www2.whidbey.net/djdenham/Uncheck.htm

Author

Commented:
Yes, I've seen the CPU usage history and the graph, but it just confirmed what I already knew - it was high. I think that the information it gives (threads, DLLs etc) is too technical for me. Even if it told me what DLLs and handles it was using, I wouldn't know what that meant and how to fix it. Sorry to be such a novice with this. I have version 10. Shoud I install version 9 instead? Is the help file written with beginners like me in mind?

Author

Commented:
Jonvee,

This is excellent information! My computer does boot up too slowly so I'm sure I have a lot there that can be unchecked. This will help a lot. And I have to investigate that help file for Process Explorer.

Commented:
The Help file is written very clearly and well worth obtaining, i can only believe that you'll gain by having a copy.  Installing Version 9 should be fine.   If you do this, it's *possible* you'll be informed that you need uninstall Version 10 first, but that shouldn't be a problem either.

Using MSCONFIG above, may also help resolve things.
Presume you have been virus and parasite scanning regularly?  This could have a bearing on CPU usage.

Take a look at this link:
"High CPU Usage Problems"
http://kadaitcha.cx/high_cpu.html

Commented:
This previous EE thread is for your *information only*, and not to alarm you.  Nevertheless it contains good information.
"Problem with High CPU Usage .."
http://www.experts-exchange.com/Operating_Systems/WinXP/Q_20947897.html
   
It would however still be prudent to carry out a scan later, *if* you are in any doubt.   Ewido is virtually custom built for the job.  [what one virus scanner can 'miss' another will 'catch'].
If you later download and install this free version of Ewido anti-malware, update first then scan in Safe mode:    
http://www.ewido.net/en/download/

Take your time, you may like to report back later on progress.
Commented:
Lucynka,
Have you been able to fix your problem using the comments above, or have other difficulties arisen ? If you have any further questions or perhaps require something explained in a different way, please ask.

See if these articles help in making more sense of processes, threads, and handles.  It can be a rather difficult concept, the Wikipedia probably explains the terms as well as anything, and if nothing more it gives you an awareness:

http://en.wikipedia.org/wiki/Multithreading
http://en.wikipedia.org/wiki/Smart_pointer#Handles

This article may also be of interest.
"High CPU Usage Problems":
http://kadaitcha.cx/high_cpu.html

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Jonvee,

Thank you so much for checking in. I was able to download the help file, but haven't had the time yet to go through it. The CPU usage is still high - it can go up to 36% without any activity on my part at all, so there must be some information gathering going on behind the scenes. I would really like to find all that out and stop it. I could really use the CPU. It slows me down. But it will take me some time to read through everything and learn.

I wish I could spend more time with it now but I'm working towards a deadline and really can't take hours away from that which is what I feel is required at this point. A half an hour or an hour here and there is pretty much my limit.

I may at some point post some more specific questions once I find what is using the resources, and will need some more info about it.

For now I think I received plenty of help with this question. Thank you very much!

Commented:
Lucynka,
     > CPU usage is still high - it can go up to 36% <
When you are able to find more time to troubleshoot, it's worth taking another look at the SCU (msconfig) to ensure that you really can't reduce the number of items running.  Pay particular attention to the "answersthatwork" article, there may well be still something you can remove.

It's also important to sequentially work through the suggestions above, you may well soon resolve it, and malware may still be responsible for some of your problems!

 > may at some point post some more specific questions <
Sounds a good idea, & meanwhile you've plenty above to study.  Thank you.

Author

Commented:
:::malware may still be responsible for some of your problems!
I do plenty of scanning - almost every day. I have Ewido and Microsoft AntiSpyware in addition to AD Aware and SpyBoot.

>>look at the SCU (msconfig)
The number of start up items wasn't big at all. I couldn't find any of the files listed in the articles. The only ones I didn't recognize were these:

hkcmd
GWMDMMSG
GWMDMpi
gcasServ
ctfmon

Any ideas would be appreciated.

So I think the key will be in understanding the info Process Explorer gives me while I run Firefox... Thanks for all the helpful tips. I look forward to learning all these new things.

Commented:
hkcmd:    See page 6 of 13.   Ref to "Restarting after an upgrade to SP2 ..."        Note the 'Resolution'.
http://www.hp.com/pond/windowsxp/HP_Compaq_Business_Desktops_SP2_v2.pdf

If it was an .exe file, then >>
Is hkcmd.exe spyware or a virus?
http://www.neuber.com/taskmanager/process/hkcmd.exe.html

GWMDMMSG:   Scroll to bottom and see penultimate entry:
http://www.answersthatwork.com/Tasklist_pages/tasklist_g.htm

gwmdmmsg - gwmdmmsg.exe - Process Information
http://www.liutilities.com/products/wintaskspro/processlibrary/gwmdmmsg/
You could try temporarily terminating it (msconfig).

GWMDMpi:     Last item here >>
http://www.answersthatwork.com/Tasklist_pages/tasklist_g.htm

gwmdmpi - gwmdmpi.exe - Process Information
http://www.liutilities.com/products/wintaskspro/processlibrary/gwmdmpi/

gcasServ:  Follow the yellow highlight.  Suggest you try disabling this one too, then check CPU usage:
http://72.14.207.104/search?q=cache:rOPnfiywq3YJ:www.annoyances.org/exec/forum/winxp/t1036093027+gcasServ+windows+xp&hl=en&ct=clnk&cd=2

ctfmon:    
ctfmon - ctfmon.exe
http://www.liutilities.com/products/wintaskspro/processlibrary/ctfmon/

If it's an exe file:
Frequently asked questions about Ctfmon.exe
http://support.microsoft.com/?kbid=282599

Hopefully not Ctfmon.dll ??    Because it's a virus.   See Ctfmon  (2) here:
http://www.answersthatwork.com/Tasklist_pages/tasklist_c.htm

One could dig deeper!  For now, hope that helps.  Keep up the learning.

Author

Commented:
Wonderful! Thanks so much!

Commented:
You're welcome.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.