My system is having high CPU without any explanation and Task Manager does not add up. What can I do?

Today I would like to briefly discuss about what should be collected in a high CPU issue, where the reason cannot be identified using Task Manager and / or Process Explorer.

We see a lot of these issues coming in and I want to provide some useful guidelines about systems that are randomly having High CPU.

If you are thinking about opening a case with Microsoft, here is some initial data that you can gather before the call is open.

What can I do to find out what is happening?

What most Microsoft engineers will ask, in a high CPU scenario, will be to create a trace, while the issue is present, with a tool called XPerf.

What is Xperf?

Xperf is a performance tracing tool based on Event Tracing for Windows, using low overhead, so it will have a minimal impact on the system performance.

More details can be found also at: https://blogs.technet.microsoft.com/askperf/2008/06/27/two-minute-drill-introduction-to-xperf/

How to get Xperf:

Xperf is part of Windows Assessment and Deployment Kit (Windows ADK) and we will need to install it on a system, preferable on a Test system and retrieve some files.

Once ADK is installed, navigate to the installation location (default “C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit”) and retrieve the “xperf.exe” and “perfctrl.dll” files. Now, we can transfer these files to any system which need to be investigated for a high CPU issue.

Now that I have XPerf files, what’s next?

Wait for the high CPU issue to repeat and do the following:

  • Open an elevated command prompt and navigate to the XPerf location
  • Execute: Xperf -on latency -stackwalk profile
  • Leave the trace running for three to five minutes (don’t close the command prompt)
  • Stop the trace by executing: Xperf -d c:\temp\highcpu.etl (location can be changed to another folder, but the folder needs to exist prior to execution of the command)

If you would like to analyze the trace, simply move it to the system where you have installed the ADK tool and open the trace with Windows Performance Analyzer.

***

Please Note:

  • XPerf is not the only tool that can be used in this type of scenarios
  • Performance Monitor traces can also be set to capture a trace while the CPU utilization is high
  • Some Microsoft engineer may ask you to create different traces, depending on the issue description and preference

 

-- Alex