Solved

dredger.exe is maxing out CPU usage on Small Buisness Server 2000

Posted on 2006-06-16
8
9,643 Views
Last Modified: 2011-08-18
I am having a problem on a clients Dell SBS 2000 Server that after a recent restart to hopefully fix other performance counter problems the CPU is now maxed completly out by a process called dredger.exe. I know this process aslo has something to do with performance counters. The restart was because I manual rebuilt the performance monitors following this Microsoft article:

http://support.microsoft.com/?id=300956

The reason for the rebuild was because of other problems with the performance counters on this particular machine. Now it looks like it has caused this problem with the dredger.exe proccess however, the only article that I can find that seems to relate to this problem is the affore mentioned article which I can not actually complete now because the computer is running so slow it won't open up the C:/WINNT/system32 folder.

Any help or ideas as to what might be going on would be greatly appreaciated. Thanks in advance.
0
Comment
Question by:cioservices
  • 3
  • 3
8 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16929277
Download Sysinternal's Process Explorer so you can get an idea of what's happening:  

http://www.sysinternals.com/Utilities/ProcessExplorer.html

To get things calmed down a bit before using that, though... you may want to open msconfig.exe and on the services tab, click the box to hide all microsoft processes and see if there are any 3rd party services that you can disable.

Jeff
TechSoEasy
0
 

Author Comment

by:cioservices
ID: 16937194
I Ran sysinternals for a few housr today but the process that was giving us the problem was not running I was able to kill the dredger.exe process that was taking up all of the CPU. THe process is actually a windows process and since its windows 2000 there is no msconfig. I was thinking of disabling the process but I am not sure completly of what it does and I would really like to get to the bottom of why this is happening so that it doesn't cause more problems later. Thanks for the response and bellow is the log for sysinternals:

Process      PID      CPU      Description      Company Name
System Idle Process      0      14.46            
 Interrupts      n/a            Hardware Interrupts      
 DPCs      n/a            Deferred Procedure Calls      
 System      8                  
  SMSS.EXE      212            Windows NT Session Manager      Microsoft Corporation
   CSRSS.EXE      236            Client Server Runtime Process      Microsoft Corporation
   WINLOGON.EXE      260            Windows NT Logon Application      Microsoft Corporation
    SERVICES.EXE      288            Services and Controller app      Microsoft Corporation
     termsrv.exe      416            Terminal Server Service      Microsoft Corporation
     svchost.exe      540            Generic Host Process for Win32 Services      Microsoft Corporation
      DEVICE~1.EXE      824            DeviceReferenceServer Module      PC-Doctor Inc.
      DLLHOST.EXE      1788            COM Surrogate      Microsoft Corporation
      mdm.exe      5288            Machine Debug Manager      Microsoft Corporation
     spoolsv.exe      576            Spooler SubSystem App      Microsoft Corporation
     ati2plxx.exe      924                  
     iomgr.exe      968            I/O Manager module      Adaptec, Inc.
     dcevt32.exe      996            Dell OpenManage Event Monitor      Dell Computer Corporation.
     dcstor32.exe      1012            Dell OpenManage Server Agent      Dell Computer Corporation.
     dfssvc.exe      1068            Windows NT Distributed File System Service      Microsoft Corporation
     svchost.exe      1084            Generic Host Process for Win32 Services      Microsoft Corporation
     svchost.exe      1100            Generic Host Process for Win32 Services      Microsoft Corporation
     pds.exe      1048            CBA -- Ping Discovery Service      Intel® Corporation
     LLSSRV.EXE      1152            Microsoft® License Server      Microsoft Corporation
     LxrJD31s.exe      1196                  
     mr2kserv.exe      1216            mr2kserv Module      
     sqlservr.exe      1232            SQL Server Windows NT      Microsoft Corporation
     portserv.exe      1256                  
     ntfrs.exe      1276            File Replication Service      Microsoft Corporation
     NTRtScan.exe      1300                  Trend Micro Inc.
      OfcDog.exe      2640                  Trend Micro Inc.
     OfcService.exe      1324            ofcservice.exe      Trend Micro Inc.
      DbServer.exe      1524            DbServer      Trend Micro Inc.
      NSAgent.exe      1536            NSAgent      Trend Micro Inc.
     regsvc.exe      1356            Remote Registry Service      Microsoft Corporation
     LOCATOR.EXE      1364            Rpc Locator      Microsoft Corporation
     mstask.exe      1388            Task Scheduler Engine      Microsoft Corporation
     omaws32.exe      1436            Internet Server NT Service      Dell Computer Corporation
      diagorb.exe      4608                  
       PcdrWDia.exe      5048            PcdrWDia      PC-Doctor, Inc.
        PCDr2D3DVideo.e      4924            2D3D Graphics Test Diagnostic Module      PC-Doctor Inc.
     SNMP.EXE      1456            SNMP Service      Microsoft Corporation
     spupdsvc.exe      1468            Update RunOnce Service      Microsoft Corporation
     svchost.exe      1492            Generic Host Process for Win32 Services      Microsoft Corporation
     TmListen.exe      1568                  Trend Micro Inc.
      PccNTUpd.exe      4996                  Trend Micro Inc.
     VxSvc.exe      1736            Volume Manager Service      VERITAS Software Corp.
     WinMgmt.exe      1864            Windows Management Instrumentation      Microsoft Corporation
     WINS.EXE      1896            WINS SERVER      Microsoft Corporation
     winvnc4.exe      1908      83.13      VNC Server Free Edition for Win32      RealVNC Ltd.
     svchost.exe      1948            Generic Host Process for Win32 Services      Microsoft Corporation
     iomrpccm.exe      1972                  
     cionotifier.exe      1988                  
     tcpsvcs.exe      2020            TCP/IP Services Application      Microsoft Corporation
     DNS.EXE      2032            Domain Name System (DNS) Server      Microsoft Corporation
     inetinfo.exe      2044            Internet Information Services      Microsoft Corporation
      aspnet_wp.exe      5400            aspnet_wp.exe      Microsoft Corporation
     HNDLRSVC.EXE      2124            AMS2 Handler Manager Service      Intel® Corporation
      MSGSYS.EXE      2248            CBA -- Message System      Intel® Corporation
     IAO.EXE      2344            Alert Originator Manager      Intel® Corporation
     XFR.EXE      2364            CBA - Message Resource      Intel® Corporation
     ismserv.exe      2456            Windows NT Intersite Messaging Service      Microsoft Corporation
     modemshr.exe      2516            Shared Modem Service      Microsoft Corporation
     msdtc.exe      2600            MS DTC console program      Microsoft Corporation
     EXMGMT.EXE      2872            Microsoft Exchange WMI Provider      Microsoft Corporation
     mad.exe      3196            Microsoft Exchange Server - System Attendant      Microsoft Corporation
     mssearch.exe      3304            Microsoft PKM Search Service      Microsoft Corporation
     FXSSVC.exe      3432            Microsoft Shared Fax Service      Microsoft Corporation
     iomrpcev.exe      3376                  
     MSPADMIN.EXE      3616            Microsoft ISA Server Control Service      Microsoft Corporation
     store.exe      3808            Microsoft MDB Store      Microsoft Corporation
     emsmta.exe      3828            Microsoft Exchange MTA      Microsoft Corporation
     W3PROXY.EXE      4160            Microsoft Web Proxy Server      Microsoft Corporation
     W3PREFCH.EXE      4252            Microsoft Web Proxy Cache Pre-fetch Service      Microsoft Corporation
     WSPSRV.EXE      4312            Microsoft Firewall Service      Microsoft Corporation
    LSASS.EXE      300            LSA Executable and Server DLL (Export Version)      Microsoft Corporation
explorer.exe      2756            Windows Explorer      Microsoft Corporation
 atiptaxx.exe      4856            ATI Task Icon      ATI Technologies, Inc.
 BCMSMMSG.exe      4884            Modem Messaging Applet      Broadcom Corporation
 hpnra.exe      4892            Hewlett-Packard Network Registry Agent      Hewlett-Packard
 StatusClient.ex      4912            Hewlett-Packard T-TR Status Client      Hewlett-Packard
 PccNTMon.exe      4936            I/O Monitor      Trend Micro Inc.
 qbdagent2002.ex      4976            QBDAgent Module      
 sqlmangr.exe      5012            SQL Server Service Manager      Microsoft Corporation
 DUC20.exe      5032            No-IP.com DUC      Vitalwerks LLC
 IEXPLORE.EXE      4220            Internet Explorer      Microsoft Corporation
javaw.exe      5024                  
procexp.exe      5420      2.41      Sysinternals Process Explorer      Sysinternals

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16937496
cioservices,

Dredger.exe is part of the health monitor, and here's the fix:  http://snipurl.com/rzu7


Jeff
TechSoEasy
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:cioservices
ID: 16955206
From what I read in the link that you posted it basicly was saying that the problem with dredger.exe was resolved after a restart and that a few winmgmt errors were all that might be left. However, we have restarted the server multiple times and dredger.exe still will completly max out the CPU.
0
 

Author Comment

by:cioservices
ID: 16955219
Is there something that can be done to the health monitor that might cause this or might fix this problem the Server is a Dell and has alot of the Dell monitoring software on it. I have wondered if this might also attribute to the problem.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 16955667
Well, the person who posted that they rebooted only said that they were able to do so instead of having to hold the power button when this happens.  But it's the command lines that he posted to clear this process that I felt would work... however, i fyou think it will come back again, perhaps you want to review everyone's conversations about this issue:  http://snipurl.com/s3j7

Jeff
TechSoEasy
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video discusses moving either the default database or any database to a new volume.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now