Interpreting ProcessExplorer values, need Help

Ok, i right click on the svchost.exe process, choose services, and task
manager shows me all the processes included in that istance of svchost. i
got one svchost proess with 10 sub process, how can i understand wich is
using all my cpu? There is not the CPU usage column... and no way to add
that column.

> In Process Explorer, if you hover your mouse over the svchost.exe that is
> using 100% of the CPU, you'll see a tooltip of all the services that are
> operating under that particular configuration of svchost.exe. There are
> quite a few. If you right-click on that process, and choose Properties,
> you'll get more details.
>
> The Desktop Windows Manager is basically
> responsible for the Aero User Interface. See:
>
> Under the Hood of the Desktop Window Manager
> http://blogs.msdn.com/greg_schechter...05/544314.aspx
>
> Vista takes a little time to get itself organized at first, it seems. On
> my
> computer, about 3 or 4 minutes after booting, that particular svchost
> process occasionally shows a 1.45% CPU blink, and that's about it.

When you right-click on the svchost that you are interested in, choose
Properties. When that window pops up, click on the Threads tab, which has a
column for CPU. You may have to do a little detective work (like clicking
on the Module button on that page, to find out, under the Start Address
column, what file is in play, and what service might be using it.


"Davide" <davide.benatti@gmail.com> wrote in message
news:BMWdnc1i2KHn85zbRVnyhAA@kpnqwest.it...

> Ok, i right click on the svchost.exe process, choose services, and task
> manager shows me all the processes included in that istance of svchost. i
> got one svchost proess with 10 sub process, how can i understand wich is
> using all my cpu? There is not the CPU usage column... and no way to add
> that column.
>
>
>

>> In Process Explorer, if you hover your mouse over the svchost.exe that is
>> using 100% of the CPU, you'll see a tooltip of all the services that are
>> operating under that particular configuration of svchost.exe. There are
>> quite a few. If you right-click on that process, and choose Properties,
>> you'll get more details.
>>
>> The Desktop Windows Manager is basically
>> responsible for the Aero User Interface. See:
>>
>> Under the Hood of the Desktop Window Manager
>> http://blogs.msdn.com/greg_schechter...05/544314.aspx
>>
>> Vista takes a little time to get itself organized at first, it seems. On
>> my
>> computer, about 3 or 4 minutes after booting, that particular svchost
>> process occasionally shows a 1.45% CPU blink, and that's about it.

>

Ok, i think i have found the guilt. I run Vista in italian, and the service
is called "Ottimizzazione avvio" i suppose is translated into "Optimize
boot" or something like this. The service name is SysMain. I disabled this
one and now after the boot my system runs perfectly without degree of
performance.

Now: what does this service? Is essential?

Davide



"dean-dean" <dean-dean@discussions.microsoft.com> ha scritto nel messaggio
news:4C09CC16-52DE-449F-9A3E-FECFFDF676F2@microsoft.com...

> When you right-click on the svchost that you are interested in, choose
> Properties. When that window pops up, click on the Threads tab, which has
> a column for CPU. You may have to do a little detective work (like
> clicking on the Module button on that page, to find out, under the Start
> Address column, what file is in play, and what service might be using it.

Davide

That does not sound like a default Windows service? It may be from a third
party product that you have installed.

Go to Start, type services and click on Services in the Programs list.
Locate the service and double click the service in question to see a
description of what it is and which application is using it.

--

Ronnie Vernon
Microsoft MVP
Windows Shell/User


"Davide" <davide.benatti@gmail.com> wrote in message
news:CbOdnWAiasOIVJ7bRVnytQA@kpnqwest.it...

> Ok, i think i have found the guilt. I run Vista in italian, and the
> service is called "Ottimizzazione avvio" i suppose is translated into
> "Optimize boot" or something like this. The service name is SysMain. I
> disabled this one and now after the boot my system runs perfectly without
> degree of performance.
>
> Now: what does this service? Is essential?
>
> Davide
>
>
>
> "dean-dean" <dean-dean@discussions.microsoft.com> ha scritto nel messaggio
> news:4C09CC16-52DE-449F-9A3E-FECFFDF676F2@microsoft.com...

>> When you right-click on the svchost that you are interested in, choose
>> Properties. When that window pops up, click on the Threads tab, which
>> has a column for CPU. You may have to do a little detective work (like
>> clicking on the Module button on that page, to find out, under the Start
>> Address column, what file is in play, and what service might be using it.

>

Sysmain.dll is the Superfetch Service Host, and yes, it's supposed to
optimize the opening of applications much like Prefetch did in Windows XP.
Logically, it's the Superfetch service.

"SuperFetch monitors which applications you use the most and preloads these
into your system memory so they'll be ready when you need them." Quoted
from:

http://www.microsoft.com/windows/pro...uperfetch.mspx

If you Google "Superfetch" you'll get a lot of information. Here's a pretty
in depth article:

Windows Vista's SuperFetch and ReadyBoost Analyzed
http://www.tomshardware.com/2007/01/...boostanalyzed/

On my computer, it's not causing much commotion. However, there are other
posts in the Vista newsgroups by people experiencing what you are. The
service is responsible for the folder C:\Windows\Prefetch, where it keeps
its data. The service's default startup type is automatic. I do know that
you have to let your computer "idle" for a period for it to initially get
organized, creating your special layout.ini, as well as doing a certain
amount of defragmenting. If you sort the Prefetch folder's files by Date
Modified, you'll see the chronological order of data it has collected, as
you use your computer, and what it has done while computer is on, but not
used (i.e., "idle")(it does redo the layout.ini during this time (pretty
much always), as well as a "miniature" defragmentation (not always). I
would try leaving your computer on for about a half hour, at least, without
it being used, to see if that helped your startup situation.

It seems to have a direct bearing on this key in the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOpt imizeFunction

You might want to look at the values "OptimizeComplete" and "OptimizeError"
to see what your data is for those values, in the above key.

"Davide" <davide.benatti@gmail.com> wrote in message
news:CbOdnWAiasOIVJ7bRVnytQA@kpnqwest.it...

> Ok, i think i have found the guilt. I run Vista in italian, and the
> service is called "Ottimizzazione avvio" i suppose is translated into
> "Optimize boot" or something like this. The service name is SysMain. I
> disabled this one and now after the boot my system runs perfectly without
> degree of performance.
>
> Now: what does this service? Is essential?
>
> Davide
>
>
>
> "dean-dean" <dean-dean@discussions.microsoft.com> ha scritto nel messaggio
> news:4C09CC16-52DE-449F-9A3E-FECFFDF676F2@microsoft.com...

>> When you right-click on the svchost that you are interested in, choose
>> Properties. When that window pops up, click on the Threads tab, which
>> has a column for CPU. You may have to do a little detective work (like
>> clicking on the Module button on that page, to find out, under the Start
>> Address column, what file is in play, and what service might be using it.

>

Thanks, dean-dean, i'll try looking into those values. Anyway, disabling it
i do not experience heavy hard disk use and partial system block for high
CPU Utilization any more

Davide


"dean-dean" <dean-dean@discussions.microsoft.com> ha scritto nel messaggio
news:192076DD-11D9-4946-9057-22F9A3FC8A81@microsoft.com...

> Sysmain.dll is the Superfetch Service Host, and yes, it's supposed to
> optimize the opening of applications much like Prefetch did in Windows XP.
> Logically, it's the Superfetch service.
>
> "SuperFetch monitors which applications you use the most and preloads
> these into your system memory so they'll be ready when you need them."
> Quoted from:
>
> http://www.microsoft.com/windows/pro...uperfetch.mspx
>
> If you Google "Superfetch" you'll get a lot of information. Here's a
> pretty in depth article:
>
> Windows Vista's SuperFetch and ReadyBoost Analyzed
> http://www.tomshardware.com/2007/01/...boostanalyzed/
>
> On my computer, it's not causing much commotion. However, there are other
> posts in the Vista newsgroups by people experiencing what you are. The
> service is responsible for the folder C:\Windows\Prefetch, where it keeps
> its data. The service's default startup type is automatic. I do know
> that you have to let your computer "idle" for a period for it to initially
> get organized, creating your special layout.ini, as well as doing a
> certain amount of defragmenting. If you sort the Prefetch folder's files
> by Date Modified, you'll see the chronological order of data it has
> collected, as you use your computer, and what it has done while computer
> is on, but not used (i.e., "idle")(it does redo the layout.ini during this
> time (pretty much always), as well as a "miniature" defragmentation (not
> always). I would try leaving your computer on for about a half hour, at
> least, without it being used, to see if that helped your startup
> situation.
>
> It seems to have a direct bearing on this key in the registry:
>
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOpt imizeFunction
>
> You might want to look at the values "OptimizeComplete" and
> "OptimizeError" to see what your data is for those values, in the above
> key.
>
> "Davide" <davide.benatti@gmail.com> wrote in message
> news:CbOdnWAiasOIVJ7bRVnytQA@kpnqwest.it...

>> Ok, i think i have found the guilt. I run Vista in italian, and the
>> service is called "Ottimizzazione avvio" i suppose is translated into
>> "Optimize boot" or something like this. The service name is SysMain. I
>> disabled this one and now after the boot my system runs perfectly without
>> degree of performance.
>>
>> Now: what does this service? Is essential?
>>
>> Davide
>>
>>
>>
>> "dean-dean" <dean-dean@discussions.microsoft.com> ha scritto nel
>> messaggio news:4C09CC16-52DE-449F-9A3E-FECFFDF676F2@microsoft.com...

>>> When you right-click on the svchost that you are interested in, choose
>>> Properties. When that window pops up, click on the Threads tab, which
>>> has a column for CPU. You may have to do a little detective work (like
>>> clicking on the Module button on that page, to find out, under the Start
>>> Address column, what file is in play, and what service might be using
>>> it.

>>

>

rundll32.exe advapi32.dll,ProcessIdleTasks

Still does something on Vista. My hard drive is now chattering away. In XP
it optimised the files for prefetch (and other unspecified things). However
it runs till it completes unlike automatic invocation.

"Davide" <davide.benatti@gmail.com> wrote in message
news:f62dnUDeKd8L6JjbRVnyhgA@kpnqwest.it...

> Thanks, dean-dean, i'll try looking into those values. Anyway, disabling
> it i do not experience heavy hard disk use and partial system block for
> high CPU Utilization any more
>
> Davide
>
>
> "dean-dean" <dean-dean@discussions.microsoft.com> ha scritto nel messaggio
> news:192076DD-11D9-4946-9057-22F9A3FC8A81@microsoft.com...

>> Sysmain.dll is the Superfetch Service Host, and yes, it's supposed to
>> optimize the opening of applications much like Prefetch did in Windows
>> XP. Logically, it's the Superfetch service.
>>
>> "SuperFetch monitors which applications you use the most and preloads
>> these into your system memory so they'll be ready when you need them."
>> Quoted from:
>>
>> http://www.microsoft.com/windows/pro...uperfetch.mspx
>>
>> If you Google "Superfetch" you'll get a lot of information. Here's a
>> pretty in depth article:
>>
>> Windows Vista's SuperFetch and ReadyBoost Analyzed
>> http://www.tomshardware.com/2007/01/...boostanalyzed/
>>
>> On my computer, it's not causing much commotion. However, there are
>> other posts in the Vista newsgroups by people experiencing what you are.
>> The service is responsible for the folder C:\Windows\Prefetch, where it
>> keeps its data. The service's default startup type is automatic. I do
>> know that you have to let your computer "idle" for a period for it to
>> initially get organized, creating your special layout.ini, as well as
>> doing a certain amount of defragmenting. If you sort the Prefetch
>> folder's files by Date Modified, you'll see the chronological order of
>> data it has collected, as you use your computer, and what it has done
>> while computer is on, but not used (i.e., "idle")(it does redo the
>> layout.ini during this time (pretty much always), as well as a
>> "miniature" defragmentation (not always). I would try leaving your
>> computer on for about a half hour, at least, without it being used, to
>> see if that helped your startup situation.
>>
>> It seems to have a direct bearing on this key in the registry:
>>
>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOpt imizeFunction
>>
>> You might want to look at the values "OptimizeComplete" and
>> "OptimizeError" to see what your data is for those values, in the above
>> key.
>>
>> "Davide" <davide.benatti@gmail.com> wrote in message
>> news:CbOdnWAiasOIVJ7bRVnytQA@kpnqwest.it...

>>> Ok, i think i have found the guilt. I run Vista in italian, and the
>>> service is called "Ottimizzazione avvio" i suppose is translated into
>>> "Optimize boot" or something like this. The service name is SysMain. I
>>> disabled this one and now after the boot my system runs perfectly
>>> without degree of performance.
>>>
>>> Now: what does this service? Is essential?
>>>
>>> Davide
>>>
>>>
>>>
>>> "dean-dean" <dean-dean@discussions.microsoft.com> ha scritto nel
>>> messaggio news:4C09CC16-52DE-449F-9A3E-FECFFDF676F2@microsoft.com...
>>>> When you right-click on the svchost that you are interested in, choose
>>>> Properties. When that window pops up, click on the Threads tab, which
>>>> has a column for CPU. You may have to do a little detective work (like
>>>> clicking on the Module button on that page, to find out, under the
>>>> Start Address column, what file is in play, and what service might be
>>>> using it.
>>>

>>

>