Here are tools and methods to get the processes and CPU consumption to detect which process has caused 100% CPU (equivalent to the famous linux command “top”):

Using old Windows 2003 resource kit utility – it works also on latest Windows OS: pmon.exe  (but pmon.exe does not work through a psexec connection)

Other useful command lines: from sysinternals suite: pslist, pskill. Procexp is GUI only and cannot be started from the command line.

Get processes and percentage process time:

C:> wmic path Win32_PerfFormattedData_PerfProc_Process get Name,PercentProcessorTime,IDProcess

C:> wmic path win32_perfformatteddata_perfproc_process where (PercentProcessorTime ^> 80) get Name, Caption, PercentProcessorTime, IDProcess /format:list (or /format:table)

note: this command line above works well through a PSEXEC remote command

C:> wmic path win32_perfformatteddata_perfproc_process where (PercentProcessorTime ^> 80) get Name, Caption, PercentProcessorTime, IDProcess /every:5      ; every 5 sec

note: this command line abot works well through a PSEXEC remote command. But you cannot EXIT using ^C or ^Z. You are obliged to use remotely PSLIST -accepteula \\servername  to list the remote processes, then you must use PSKILL -accepteula \\servername psexesvc to kill the psexec service.

C:\>wmic path win32_perfformatteddata_perfproc_process where Name=”iexplore” get Name, Caption, PercentProcessorTime, IDProcess /format:list

C:\>wmic path win32_perfformatteddata_perfproc_process where (Name=’iexplore’) get Name, Caption, PercentProcessorTime, IDProcess /format:list

C:\>wmic path win32_perfformatteddata_perfproc_process get Name, Caption, PercentProcessorTime, IDProcess /format:list

Example of batch script with an infinite loop which checks and kills svchost and mcshield in case they go too high:

:BEGIN
@ECHO OFF &SETLOCAL
for /f %%a in (‘wmic path Win32_PerfFormattedData_PerfProc_Process where “Name = ‘svchost’ and PercentProcessorTime > 95” get IDProcess’) do (
   for /f %%b in (“%%~a”) do taskkill /F /pid %%~b
)
ping 127.0.0.1 -n 6 > nul
for /f %%a in (‘wmic path Win32_PerfFormattedData_PerfProc_Process where “Name = ‘mcshield’ and PercentProcessorTime > 95” get IDProcess’) do (
   for /f %%b in (“%%~a”) do taskkill /F /pid %%~b
)
ping 127.0.0.1 -n 6 > nul
GOTO BEGIN

 

Else other tips:

CPU load:
c:\>wmic cpu get loadpercentage
LoadPercentage

C:\>wmic cpu get loadpercentage /every:5
LoadPercentage
3
LoadPercentage
3
LoadPercentage
10

or

C:\>@for /f “skip=1″ %p in (‘wmic cpu get loadpercentage’) do @echo %p%
4%

on a remote machine: wmic /node:”servername or IP” /user:IP\username cpu get loadpercentage

Any Task running more than 10 sec: c:\>tasklist /FI “CPUTIME gt 00:00:10”

Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
System Idle Process              0 Services                   0         24 K
csrss.exe                      344 Services                   0      3,300 K
csrss.exe                      408 Console                    1     15,836 K
services.exe                   504 Services                   0     10,408 K

Tasklist usage:
TASKLIST [/S system [/U username [/P [password]]]]
[/M [module] | /SVC | /V] [/FI filter] [/FO format] [/NH]

 

Get CPU usage on server using Typeperf:

C:\Windows\system32>typeperf “\Processor(_Total)\% Processor Time”

“(PDH-CSV 4.0)”,”\\vm\Processor(_Total)\% Processor Time”
“02/01/2012 14:10:59.361″,”0.648721”
“02/01/2012 14:11:00.362″,”2.986384”

Typeperf :-Writes performance counter data to the command window, or to a supported log file format. To stop Typeperf, press CTRL+C.

current usage: typeperf -sc 1 “\processor(_total)\% processor time”

List of all process:
typeperf “\Process(*)\% Processor Time” -sc 1

If you want a specific process, “notepqd” for example: typeperf “\Process(notepad)\% Processor Time” -si 10 -sc 5

collecting 20 samples to a csv file:
Typeperf “\Processor(_Total)\% Processor Time” -sc 20 -o c:\users\win7\desktop\Report.csv

Save to a file:
typeperf “\Processor(_Total)\% Processor Time” -o CpuUsage.csv

OR

typeperf “\Processor(_Total)\% Processor Time” >> CpuUsage.csv

Processor Information:
wmic cpu get caption
Caption
x86 Family 6 Model 37 Stepping 2
x86 Family 6 Model 37 Stepping 2

Powershell command: Get-WmiObject Win32_Processor

We can get process information using system environment variables also. The environment variables related to CPU are listed below.

PROCESSOR_ARCHITECTURE
PROCESSOR_IDENTIFIER
PROCESSOR_LEVEL
PROCESSOR_REVISION

C:\>echo %PROCESSOR_ARCHITECTURE% %PROCESSOR_IDENTIFIER% %PROCESSOR_LEVEL% %PROCESSOR_REVISION%
x86 x86 Family 6 Model 37 Stepping 2, GenuineIntel 6 2502

Info about your system’s BIOS, current version and it’s serial number:

C:\>wmic bios get name,serialnumber,version
Name                                    SerialNumber  Version
Phoenix ROM BIOS PLUS Version 1.10 A04  5xyz6BS       DELL   – 15

Motherboard (that happen to be the name) and it’s UUID:

wmic csproduct get name,identifyingnumber,uuid

CPU clock speed:
wmic cpu get name,CurrentClockSpeed,MaxClockSpeed

Clock speed every 1 second:

wmic cpu get name,CurrentClockSpeed,MaxClockSpeed /every:1

Cache sizes of the CPU:

C:\>wmic cpu get L2CacheSize, L2CacheSpeed, L3CacheSize, L3
CacheSpeed
L2CacheSize  L2CacheSpeed  L3CacheSize  L3CacheSpeed
2048                       0            0

Monitor a process named test.exe using Perfmon:

Click on Start, Run, and enter “perfmon”
Click on Performance Logs and Alerts
Click on Counter Logs
Right-click Counter Logs
Click New Log Settings
Enter a log name that makes sense, e.g., Monitor Test.exe CPU
The Counter Log configuration dialog opens
On the General tabl, click Add Counters..
Click “Use local computer counters”
Choose Process for Performance Object
Select % Processor Time for Select counters from list
Select Test from Select instances from list
Click Add
Click Close
For Interval, choose something logical, such as 15 minutes
Click the Log Files tab
Choose a Log File Type of “Text File (Command delimited)”
Choose the file destination directory in Location
Click Ok
Determine whether (and how) you want the log file to rotate with “End file names with..”
Click Ok