Jump to content

Windows 10 extremely high thread/handles

Yekteniya
By Yekteniya
in Troubleshooting
 Share
Posted

So i run into this issue now for 2 months. After a while or sometimes even instantly after windows login the thread and handles count runs into oblivion. I see over 70k threads and 160k handles very regular even though i begin with a normal amount of 2k and 40k. Whenever the count rises more instances of the WMI Provider Host get started and draws somewhere from 20 to 100% cpu usage, which renders using the pc useless. Restarting solves the issue but also only for a brief time. I experience the problem since i updated to the latest windows 10 build of 21h2. I already did a clean reinstall of windows but the problem persist. Anyone knows a workaround/fix or the reason why this happens, maybe even run into similar problems? Cant seem to find anything useful 

Taskmanager.png

Link to comment
https://linustechtips.com/topic/1411366-windows-10-extremely-high-threadhandles/
Share on other sites
Link to post
Share on other sites
Posted
28 minutes ago, Yekteniya said:

So i run into this issue now for 2 months. After a while or sometimes even instantly after windows login the thread and handles count runs into oblivion. I see over 70k threads and 160k handles very regular even though i begin with a normal amount of 2k and 40k. Whenever the count rises more instances of the WMI Provider Host get started and draws somewhere from 20 to 100% cpu usage, which renders using the pc useless. Restarting solves the issue but also only for a brief time. I experience the problem since i updated to the latest windows 10 build of 21h2. I already did a clean reinstall of windows but the problem persist. Anyone knows a workaround/fix or the reason why this happens, maybe even run into similar problems? Cant seem to find anything useful

Personally, I'd go and see in the Windows event viewer if anything's going on when the CPU usage goes up. If that doesn't help, and you really want to get to the bottom of it, you should use procmon (Microsoft tool) to log all the calls for a while, until the "event" happens, then stop the logging, filter it and try to figure out what's going on. Based on the registry calls and disk files accesses it should give you a rough idea of what's happening.

DESKTOP PC - CPU-Z VALIDi5 4690K @ 4.70 GHz | 47 X 100.2 MHz | ASUS Z97 Pro Gamer | Enermax Liqmax II 240mm | EVGA GTX 1070Ti OC'd

HOME SERVER | HP ProLiant DL380 G7 | 2x Intel Xeon X5650 | 36GB DDR3 RDIMM | 5x 4TB LFF Seagate Constellation 7.2K | Curcial MX500 250GB | Ubuntu Server 20.04

Link to post
Share on other sites
Posted

Oh, boy. yeah thats a lot (obviously)

 

thrthndls1vaj8g.thumb.png.485d79c3e92a1881be05813571fcb583.png

 

Try to sort by cpu usage? (click on "cpu" tab) 

thrthndls273kl1.thumb.png.99bb0914d42216de1d4cf9fc67137473.png

 

Should reveal what's using the cpu. i have some suspicions, but yeah, its better to check than to guess.

 

 

Edit: oh i see… WMI... can you still post a screenshot, thats pretty weird.

 

Also, since its weird, run a full malwarebyte scan (recommended)

 

 

And in case its not malware (i dont think it is but better safe than sorry…) heres some more info and things to try.

https://docs.microsoft.com/en-us/troubleshoot/windows-server/system-management-components/high-cpu-usage-wmiprvse-process-regular-intervals

 

 

https://www.google.com/amp/s/www.howtogeek.com/332838/what-is-the-wmi-provider-host-wmiprvse.exe-and-why-is-it-using-so-much-cpu/amp/

The direction tells you... the direction

-Scott Manley, 2021

 

 

Link to post
Share on other sites
Posted
  • Author

First thanks for the fast replies. I did a scan using malewarebytes, but as expected without a hit. Going by the articles of microsoft and howtogeek, the cause of wmi utilization is the high amount of handles and runnning into this will create even more threads/handles. I can manage to pin PIDs of various processes that are using high amounts but they always lead me to PID 4 System as seen in the Screenshot. I can run anything that has a "high" demand on ram or cpu and over time i accumulate more and more. In the screenshots for example i just played rocket league for about half an hour and got from base 2k threads and 50k handles to nearly 10x threads and double the handles. This is also reproducible with every other game. While following both articles didnt help me solve the issue, i attached the eventviewer log in case someone might have more knowledge to find anything useful in it.

 

Taskmanager2.png

WMI Events.evtx

 

Taskmanager1.png

Link to post
Share on other sites
Posted
  • Author
On 2/14/2022 at 12:53 PM, John Reactor said:

hmm... WinReducer EX-100. Looks like trojan horse. Kill the process. Try to uninstall it. Maybe it`s just bitcoin miner hidden as usefull software.

No it isnt, it was actively running and is meant to use a lot. It is a tool i use to create windows isos and i were creating one at this time.

 

 

In the meantime i searched more but still couldnt figure out a solution. I got will try 21h1 and maybe it dosent have the same issue as for now it seems to have only occcured since i updated from 20h1. Although id still like to know the reason why this behaviour is a thing with the most up to date 21h2 build for me, i probably just go back if it works and wait out the next feature update and try again.

 

Im gonna update the thread as soon as i reinstalled windows

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Troubleshooting

×