Wspsrv.exe causing random high CPU utilization – how to catch it?

I was reading the Windows IT Pro Magazine of this month (September 2009) and there I found a nice article written by an Escalation Engineer here from Microsoft Texas (Michael Morales) where he describes how to use ProcDump to catch high CPU utilization. This is an amazing tool that can also help ISA Administrators, mainly for scenarios where we just can’t get the right data (most case dumps) because the issue is random and when it happens there is nobody available to execute a command (for example: launch DebugDiag and choose the option for manual dump the process).


For an ISA Server high CPU utilization scenario a simple example will be dump out the Firewall Service process two times when the CPU for wspsrv.exe is at or exceeds 90 percent for 5 seconds and store the dumps in the c:\dumps folder:


c:\procdump.exe -c 90 -s 5 -n 2 wspsrv.exe c:\dumps


Isn’t that cool?


Make sure to read the article from Michael Morales to fully understand how this tool works:


Comments (2)

  1. Hi Sunil, thanks for testing this on TMG!!

    BTW the -64 command is to allow procdump to work on 64 bits platform.

  2. Sunil says:

    Inorder to run this tool in 64 bit operating system, use following command.

    Example:- c:procdump.exe -64 -c 90 -s 5 -n 2 wmiprvse.exe c:dumps