[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

High CPU System Process

Posted on 2011-09-30
4
Medium Priority
?
889 Views
Last Modified: 2012-05-12
I have 3 domain controllers that are all running between 85-95% CPU usage. This issue started over the weekend and nothing is showing up in the logs. I've used process explorer to narrow the issue to the system service. I would also like to note, this has not affected performance or availability of any services, critical or otherwise.

Details and what I've ruled out...

Two of the DC's are Server 03 and the third is 08.
The 03 servers use Symantec and the 08 uses Mcafee.
All 3 are virtualized on 3 different hosts using VMWare.

Due to the fact that they're different OS's and they have different AV's running, I do not think it has anything to do with AV. I've also run scans to check for viruses and turned up nothing.

When I look at the threads of the process, the culprit appears to be "srv.sys+0x1a602 "

Google hasn't turned up much beyond some Microsoft hotfixes revolving around AV patches, which I am inherently skeptical of.  

Any ideas would be great! Thanks!

0
Comment
Question by:THe_Revolver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 29

Expert Comment

by:Dr. Klahn
ID: 36894599
I have never seen a system that ran correctly with the Norton/Symantec antivirus.  Recommend you uninstall Norton/Symantec, and all its associated addons, using the freeware Revo Uninstaller.  Then see if the CPU issue is alleviated.  If it is, well and good; choose a different antivirus.  If not, other avenues can be explored.
0
 
LVL 7

Expert Comment

by:D_Vante
ID: 36897274
I have seen this when a service is constantly accesing the DCs for permission.  Could be something as simple as a copier with a scan to network service,  Have you checked the event logs
0
 

Accepted Solution

by:
THe_Revolver earned 0 total points
ID: 36919084
Turns out one of our admins pushed a script without anyone knowing. Threw a wrench in the works. Thanks!
0
 

Author Closing Comment

by:THe_Revolver
ID: 36941249
Make sure everyone on your team documents their work.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Backups and Disaster RecoveryIn this post, we’ll look at strategies for backups and disaster recovery.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question