explorer.exe eating all CPU, how to to detect culprit?

Posted by JohnDoe on Server Fault See other posts from Server Fault or by JohnDoe
Published on 2012-09-16T18:16:25Z Indexed on 2012/09/16 21:41 UTC
Read the original article Hit count: 547

Filed under:

windows-7

|

64-bit

|

windows-explorer

|

process-explorer

|

x86-64

Windows 7 64bit.

I am using ProcessExplorer from Sysinternals, and it says, that the offending call is

ntdll.dll!RtlValidateHeap+0x170

however, the call stack towards the entry is always different, so it's hard for me to track the problem. Maybe it's a mal-programed trojan, causing exceptions in Explorer.exe, but that is only a wild speculation.

Explorer.exe is then consuming 25% (a core on a dual core). Killing the process makes the task bar go away, respawning from task manager, and half a minute later it's again eating all CPU cycles.

© Server Fault or respective owner

Related posts about windows-7

Server 2012 DFS New Member Issue

as seen on Server Fault - Search for 'Server Fault'
I am trying to add a new member to our DFS topology. We have 3 DCs (VMs - VMware) running Windows server 2012, two servers are located in or Primary site and the third at our DR site. Currently the two servers at our primary site are currently replicating DFS (full mesh) and are working fine. I have… >>> More
error in IIS7 but not on IIS6

as seen on Server Fault - Search for 'Server Fault'
I have a website that is we are now deploying to windows 2008 servers that has worked in the past on IIS6 without a problem. It is using .net 2 framework. Most of the website works. Just when we create a screen report over a certain size on the server we get this error. Event code: 3005 Event… >>> More
error in IIS7 but not on IIS6

as seen on Server Fault - Search for 'Server Fault'
I have a website that is we are now deploying to windows 2008 servers that has worked in the past on IIS6 without a problem. It is using .net 2 framework. Most of the website works. Just when we create a screen report over a certain size on the server we get this error. Event code: 3005 Event… >>> More
Microsoft Management Console stops working when I add snap-in to it

as seen on Super User - Search for 'Super User'
I have Windows 7 Ultimate OS. I'm opening mmc.exe as administrator and trying add Certificates or any other snap-in, then while loading that snap-in MMC breaks and displays following message and after that it closes automatically once I click on close button on that message. What could be the problem… >>> More
Handling keyboard and mouse input (Win API)

as seen on Game Development - Search for 'Game Development'
There is a number of ways to catch mouse or keyboard under Windows. So I tried some of them, but every of them has some advantages and drawbacks. I want to ask you: Which method do use? I've tried these: WM_KEYDOWN/WM_KEYUP - Main disadvantage is that, I can't distinguish between left and right-handed… >>> More

Related posts about 64-bit

64-bit 13.10 shows 1GB less RAM than 64-bit 13.04 did

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Multiple 64-bit versions (Kubuntu, Lubuntu and Xubuntu) once installed on my ThinkPad R60 show 3GB of RAM, not the correct 4GB of RAM. Last week with 13.04, I had 4GB of RAM (which matches the BIOS) and this week I have 3GB available. Inquiring minds want to know. Details follow: Linux R60 3.11.0-12-generic… >>> More
VMWare Workstation 6.5.5 (64-bit) on Ubuntu 10.04 (64-bit) Odd Problem

as seen on Server Fault - Search for 'Server Fault'
I managed to successfully install VMWare Workstation 6.5.5 (64-bit) on Ubuntu 10.04 (64-bit). It works well and somehow feels faster and snappier than the same exact version on Ubuntu 8.04. However, there is one slight issue, somewhat hurting productivity: When the guest VM is Microsoft Windows… >>> More
How to build 64-bit Python on OS X 10.6 -- ONLY 64 bit, no Universal nonsense

as seen on Stack Overflow - Search for 'Stack Overflow'
I just want to build this on my development machine -- the binary install from Python.org is still 32 bits and installing extensions (MySQLdb, for example) is driving me nuts with trying to figure out the proper flags for each and every extension. Clarification: I did NOT replace the system Python… >>> More
Windows 7 on a 64-bit computer

as seen on Super User - Search for 'Super User'
I read on Wikipedia that Windows 7 on a 64-bit PC needs twice as much RAM as on a 32-bit PC. I understand why is that: every number stored in memory takes 8 bytes rather than just 4. That, in simple terms, means that your amount of RAM is reduced to half when you use Windows 7 on a 64-bit computer… >>> More
ActiveX component can't create Object Error? Check 64 bit Status

as seen on West-Wind - Search for 'West-Wind'
If you're running on IIS 7 and a 64 bit operating system you might run into the following error using ASP classic or ASP.NET with COM interop. In classic ASP applications the error will show up as: ActiveX component can't create object (Error 429) (actually without error handling the… >>> More