SBS 2003 server with too many processes, PF using 2.38 GB of RAM

I have a Dell Poweredge server running Small Business Server 2003. I noticed that the server seems very busy. There are 116 processes running and PF usage reports 2.38 GB. Additionally, I am running Symantec Endpoint Protection on the server, Blackberry Professional software with 3 blackberries, and a couple simple applications.

This server seems to respond OK but the higher CPU load and higher # of processes seems a bit troubling. How do I review the server activity to ensure I do not have uninvited guests running on the server? I do not have any benchmark data to compare against.
itplatoonAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Lee W, MVPTechnology and Business Process AdvisorCommented:
116 processes does seem excessively high.  You can post the process list here and we can review - In theory, you can use products like HiJackThis to analyze it - but I prefer learning and not just trusting, so I review the list manually and research any process I cannot specifically identify.
0
itplatoonAuthor Commented:
AADMIN50.EXE                  9832 RDP-Tcp#3                  1      2,920 K
AADMIN50.EXE                 10132 RDP-Tcp#3                  1         96 K
alert.exe                     1392 Console                    0      4,472 K
AsAlert.exe                   9088 Console                    0      9,212 K
ati2evxx.exe                   488 Console                    0      4,016 K
BBAttachServer.exe            2420 Console                    0      6,580 K
BBConvert.exe                 7652 Console                    0      5,104 K
BBConvert.exe                 8268 Console                    0      5,104 K
BBConvert.exe                 8664 Console                    0      5,104 K
BBConvert.exe                10112 Console                    0      5,104 K
BESAlert.exe                  2952 Console                    0      5,564 K
BlackBerryAgent.exe           6900 Console                    0     22,540 K
BlackBerryController.exe      2340 Console                    0      5,688 K
BlackBerryDispatcher.exe      4196 Console                    0     12,824 K
BlackberryRouter.exe          3692 Console                    0      6,696 K
BlackBerrySyncServer.exe      7056 Console                    0     23,676 K
bmds.exe                      2752 Console                    0     87,424 K
caauthd.exe                   3764 Console                    0      6,744 K
cadiscovd.exe                 2568 Console                    0      6,924 K
caloggerd.exe                 1648 Console                    0      6,480 K
casdscsvc.exe                 3752 Console                    0      7,336 K
CASERVED.EXE                  1672 Console                    0      6,876 K
casmrtbk.exe                  1668 Console                    0      6,116 K
Catirpc.exe                   3064 Console                    0      4,224 K
ccApp.exe                     6976 RDP-Tcp#3                  1        568 K
ccSvcHst.exe                  1320 Console                    0      2,312 K
cmd.exe                       8324 RDP-Tcp#3                  1      3,644 K
csrss.exe                     1256 Console                    0      4,260 K
csrss.exe                     4768                            3      2,360 K
csrss.exe                     7124 RDP-Tcp#3                  1      3,956 K
dbasqlr.exe                   3152 Console                    0      6,072 K
dbasvr.exe                    3136 Console                    0      4,456 K
DBENG.exe                     3188 Console                    0     10,812 K
dbsrv9.exe                    1420 Console                    0    228,516 K
dfssvc.exe                    3804 Console                    0      6,692 K
Directcd.exe                  9280 RDP-Tcp#3                  1      1,152 K
dns.exe                       3924 Console                    0     24,148 K
dsm_om_shrsvc32.exe           2600 Console                    0      6,844 K
dsm_sa_datamgr32.exe          3788 Console                    0     16,580 K
dsm_sa_eventmgr32.exe         3724 Console                    0      8,324 K
exmgmt.exe                    5400 Console                    0     10,880 K
explorer.exe                  9960 RDP-Tcp#3                  1      6,532 K
igateway.exe                  1592 Console                    0     11,208 K
imbservice.exe                6020 Console                    0      4,276 K
inetinfo.exe                  2696 Console                    0     34,200 K
ITAdminServer.exe             6244 Console                    0     17,652 K
jobeng.exe                    4004 Console                    0     11,064 K
jucheck.exe                   6500 RDP-Tcp#3                  1        276 K
jusched.exe                   8472 RDP-Tcp#3                  1        140 K
LDBserver.Exe                 9032 Console                    0     10,000 K
lic98rmt.exe                  3072 Console                    0      4,680 K
llssrv.exe                    2856 Console                    0      7,484 K
locator.exe                   8896 Console                    0      6,608 K
logon.scr                     7156 Console                    0      3,528 K
LQServer.exe                  2244 Console                    0      9,212 K
lsass.exe                     1864 Console                    0     30,784 K
mad.exe                       5928 Console                    0     29,992 K
MEDIASVR.EXE                  1088 Console                    0      6,040 K
mr2kserv.exe                  1284 Console                    0      3,780 K
msdtc.exe                     1328 Console                    0      5,796 K
msgeng.exe                     260 Console                    0     10,816 K
mssearch.exe                  4304 Console                    0      1,748 K
ntfrs.exe                     2324 Console                    0      2,268 K
ofant.exe                     2664 Console                    0      5,924 K
OWSTIMER.EXE                  3140 Console                    0     12,072 K
pbeagent.exe                  1024 Console                    0     22,896 K
PBESER~1.EXE                  1336 Console                    0     18,472 K
PRONoMgr.exe                  9940 RDP-Tcp#3                  1        196 K
racsvc.exe                    1264 Console                    0      3,988 K
rdpclip.exe                   8668 RDP-Tcp#3                  1        556 K
rds.exe                       3744 Console                    0      9,172 K
ReporterSvc.exe               5792 Console                    0     14,572 K
Rtvscan.exe                   8828 Console                    0      2,800 K
sbscrexe.exe                  6116 Console                    0      8,704 K
SemSvc.exe                    4520 Console                    0    156,292 K
services.exe                  1836 Console                    0    109,692 K
Smc.exe                       1012 Console                    0     12,368 K
SmcGui.exe                    3148 RDP-Tcp#3                  1      7,320 K
smss.exe                       776 Console                    0        500 K
spoolsv.exe                   1112 Console                    0     11,800 K
sqlbrowser.exe                4380 Console                    0      4,332 K
sqlmangr.exe                  7088 RDP-Tcp#3                  1      1,028 K
sqlservr.exe                  1048 Console                    0     50,292 K
sqlservr.exe                  2312 Console                    0     65,320 K
sqlwriter.exe                 4580 Console                    0     10,088 K
store.exe                     2308 Console                    0    576,900 K
svchost.exe                    504 Console                    0      4,764 K
svchost.exe                    940 Console                    0      5,684 K
svchost.exe                   1144 Console                    0      6,860 K
svchost.exe                   1184 Console                    0      8,848 K
svchost.exe                   1488 Console                    0     38,256 K
svchost.exe                   4012 Console                    0      3,900 K
svchost.exe                   5204 Console                    0      9,008 K
svchost.exe                   5612 Console                    0      3,864 K
svchost.exe                   8568 Console                    0      7,052 K
svchost.exe                   9036 Console                    0      5,744 K
System                           4 Console                    0      5,164 K
System Idle Process              0 Console                    0         28 K
TAPEENG.exe                   2132 Console                    0     16,776 K
tasklist.exe                  6844 RDP-Tcp#3                  1      5,368 K
taskmgr.exe                   9808 RDP-Tcp#3                  1      1,372 K
tcpsvcs.exe                   5240 Console                    0     14,164 K
UNIVAGENT.exe                 2680 Console                    0      8,936 K
VProSvc.exe                   2144 Console                    0     25,876 K
VProTray.exe                  6624 RDP-Tcp#3                  1      5,452 K
w3wp.exe                      5488 Console                    0     41,096 K
winlogon.exe                  1680 Console                    0     28,044 K
winlogon.exe                  8236 RDP-Tcp#3                  1      5,120 K
wins.exe                      5756 Console                    0      9,600 K
wmiprvse.exe                  4332 Console                    0     16,724 K
wmiprvse.exe                  6152 Console                    0     16,260 K
wuauclt.exe                   1984 RDP-Tcp#3                  1      5,468 K
0
Lee W, MVPTechnology and Business Process AdvisorCommented:
About 15% of those are because you have a terminal session open in addition to the console session.  Otherwise, I don't see anything that jumps out at me...  I wonder why you have 4 BBConvert.exe apps running on the console... but most of those appear normal to me.  Although, why do you have DirectCD (Roxio) installed on the server?
0
Exploring ASP.NET Core: Fundamentals

Learn to build web apps and services, IoT apps, and mobile backends by covering the fundamentals of ASP.NET Core and  exploring the core foundations for app libraries.

itplatoonAuthor Commented:
Roxio Easy CD Creator came with the server; not sure if came pre-installed or if I added. Is there a downside to having this software installed?

Found this thread on bbconvert.exe
http://www.blackberryforums.com/bes-admin-corner/137715-bbconvert-exe-using-30-cpu-week.html

One point of advice was to cycle the Blackberry Attachment Service, which I did, and that seems to helped a little.

There was also a note about upgrading to a newer version of BES.
0
Lee W, MVPTechnology and Business Process AdvisorCommented:
I haven't setup the blackberrry server before... it looks to me like it's using 6-8 processes (9-13 including the BBCONVERT.EXE process).

I know you can run it from an XP workstation as well.

It's a lot of processes... and the biggest concern is memory utilization because SBS is limited to 4 GB (assuming you have it maxed out).

I would disable DirectCD, especially if you don't use it.  I don't know that's it a real problem per se, but it's a process eating RAM and it's an attack vector for hackers (though to be fair and honest, it's likely never going to cause a problem).

For RAM utilization, you can also adjust the RAM the MSDE/SQLExpress instances use - See:
http://msmvps.com/blogs/bradley/archive/2005/02/04/allocated-memory-alert-revisited.aspx

I despise Symantec products... BackupExec may still be ok, but while the feature set LOOKS good in SEP, I've found instances where the product causes conflicts with other Windows software and/or updates and they have a tendency to update too slowly (I've been involved in 3 major virus cleanups... ALL used Symantec products - and once, it took them 3 days to get an update that a no-name AV product had 3 months earlier).  In short, I wouldn't be surprised if that was using high amounts of RAM.

To get a look at PageFile Utilization, check the box for Virtual Memory Size when on the Task Manager Processes tab (off the View menu, Select Columns... options).
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
itplatoonAuthor Commented:
Lee, thanks for the info/advice.  So far so good. I'll adjust the RAM on MSDE next weekend.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.