mikeabc27
asked on
Infected SBS 2003 server?
I am monitoring an SBS 2003 Premium server which in saying the CPU is 33% to 80% busy while System Idle Process is constantly 87% to 95%.
The Server is protected by Symantec Endpoint and if it wasn't a server I would run Combofix.
Any ideas?
The Server is protected by Symantec Endpoint and if it wasn't a server I would run Combofix.
Any ideas?
Hi,
Although it may appear to users that their CPU is being monopolized by the idle process, it is merely acting as a sort of placeholder during "free time" (therefore, whenever the idle process appears to be consuming most of the CPU, it is proof that no other process wants that CPU time)
In other words when this process is consuming the CPU there are no other processes looking to use the CPU, the CPU is Idle and free.
Is the Server Slow ?
Although it may appear to users that their CPU is being monopolized by the idle process, it is merely acting as a sort of placeholder during "free time" (therefore, whenever the idle process appears to be consuming most of the CPU, it is proof that no other process wants that CPU time)
In other words when this process is consuming the CPU there are no other processes looking to use the CPU, the CPU is Idle and free.
Is the Server Slow ?
ASKER
Yes, it feels like more than 60% of cpu being used. Slow to save and just got msg Disk is Full.
I was just surprised that CPU Usage doesn't equal System Idle minus running processes.
I was just surprised that CPU Usage doesn't equal System Idle minus running processes.
Clear out the disk to free up space with tresizer and atfcleaner this will improve speed as the page file is filling up
ASKER
101GB showing as free and available, so I checked the quotas and 2 were on 99.9% full but no warning received. I've increased these from 1GB to 5GB and the CPU is running at 1% to 4%
Last time I say something like that, the system was suffering from a high hardware interrupt rate - found this using Process Explorer. Is this a proper server or a home built system acting like a server?
Do cleanup the C: drive - for 20+ things you can do, see http://www.lwcomputing.com/tips/static/bootdrivesize.asp
Do cleanup the C: drive - for 20+ things you can do, see http://www.lwcomputing.com/tips/static/bootdrivesize.asp
ASKER
Checked remotely this and CPU usage still at 20% to 40% while System Idel around 2% to 10% - no indication of why the CPU is so busy.
I built the server myself around 7 years ago and it started life with an Adaptec 3920 and 2 x 53GB SCSIs, high end (workstation) motherboard and P4 cpu. When the Adaptec died I switched the disks for a 250GB SATA, They have to replace this in the next 6 months, I'm just trying to get it to last a little longer.
I'll check out the article.
I built the server myself around 7 years ago and it started life with an Adaptec 3920 and 2 x 53GB SCSIs, high end (workstation) motherboard and P4 cpu. When the Adaptec died I switched the disks for a 250GB SATA, They have to replace this in the next 6 months, I'm just trying to get it to last a little longer.
I'll check out the article.
Do you have a VirusScan or some sort of indexing software or Shadow Copy enabled
ASKER
I have had to stop the disk cleam up as no-one can connect to server. Will do over the weekend.
treetop -Using Symantec Enfdpoint on the server but cannot see any processes using excess CPU power. What I do not get is CPU usage - 40% I would expect = System Idle + running process = 60%. but I am getting - system idle = 92% and other processes 4%, as if CPU usage was only 96%.
When the CPU usage read 40% it feels like it.
treetop -Using Symantec Enfdpoint on the server but cannot see any processes using excess CPU power. What I do not get is CPU usage - 40% I would expect = System Idle + running process = 60%. but I am getting - system idle = 92% and other processes 4%, as if CPU usage was only 96%.
When the CPU usage read 40% it feels like it.
Do you have the relevant exclusions set for Symantec
System Idle is only run once nothing else is running and the CPU is Idle
System Idle is only run once nothing else is running and the CPU is Idle
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
resolved myself
ASKER