Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Tracerpt.exe consumed 60GB (!) of virtual memory

Posted on 2016-10-31
5
Medium Priority
?
210 Views
Last Modified: 2016-11-07
A PC froze and found this in the event logs.
Event ID 2004
Windows successfully diagnosed a low virtual memory condition. The following programs consumed the most virtual memory: tracerpt.exe (43376) consumed 60695384064 bytes...

I set up perfmon monitoring on a few PCs a few weeks ago. It is set to re-start everyday at 12AM. Have not had any issues with it until this.
This event also has not occurred at any other time other than when the PC froze.

I am only collecting these under Performance Counters
\Memory\% Committed Bytes in Use
\Memory\Available MBytes
\Process(*)\% Privileged Time
\Process(*)\% Processor Time
\Process(*)\% User Time

Any idea how tracerpt.exe grew so large and how I could stop it from happening again?

If I delete the 'NT Kernel' Trace monitor from collection, would it help?
0
Comment
Question by:SeeDk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 

Expert Comment

by:Arion Sejdia
ID: 41866904
Tracerpt.exe is a commonly used name for malicious pieces of code.

Boot into Safe Mode (Press F8 continuously on startup)
Use an Anti-Virus in safe mode, Malwarebytes is a good one.

If it keeps freezing, you might have to take it in for repairs.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 41866967
The genuine tracerpt.exe has to scan the event log. There might be an issue with the event log, but in any case it is a bug I would monitor further for.
On the other hand, if you are not aware of any event log monitoring, why should it run at first place?
0
 

Author Comment

by:SeeDk
ID: 41867066
@Arion
I set up Performance Monitoring (perfmon) on this PC, so it's likely to be related to that rather than a virus. I can check to make sure but perfmon seems to be the issue here. I have it paused now so if it runs again on its own, i'll know it is something else.
https://technet.microsoft.com/en-us/library/cc732700(WS.10).aspx

@Qlemo
I am aware of monitoring. That is why I mentioned in the first post that I enabled perfmon on this PC.
It is set to run at all hours of the day gathering the process info that I listed.
Its only been enabled since last Monday, but it gave me no issues until today.
0
 

Accepted Solution

by:
SeeDk earned 0 total points
ID: 41870479
I think this is resolved now.
The tracerpt.exe process is only started when perfmon has finished collecting data and compiles the information to generate a report. It must have encountered an error while compiling which led to that memory usage.
For my purposes, i don't need the report and can work with only the .blg file.

I disabled the reporting from the Data Manager tab and it has run smoothly the past few days.
No trace (ha!) of the tracerpt.exe process running on the PCs while perfmon is collecting data.
0
 

Author Closing Comment

by:SeeDk
ID: 41876878
found the solution on my own
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
The viewer will learn how to successfully download and install the SARDU utility on Windows 8, without downloading adware.

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question