Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

What causes msexcimc.exe to spike to 100% CPU processes

Status
Not open for further replies.
TranquilUncle

TranquilUncle

Technical User
Jan 24, 2003
21
US
I'm running Exchange 5.5 SP4 on WinNT Server 4.0 SP6a. When I start IMC it "hangs" on the starting IMC service. It never comes back with an error message. It(msexcimc.exe) spikes the CPU process to 100% and I can't receive/send email externally. I have to bring up task manager and "end" the process. Any help on what causes this to happen and how to stop it from happening is greatly appreciated.
 
Sort by date Sort by votes
could be corrupt mails in the IMCDATA IN/OUT directories. Stop the IMC, Clear out any files you see in there, move out the queue.dat, and restart the IMC.
 
Upvote 0 Downvote
I did that, now I have more spam mail in my out directory. Just not as much as before. But, I did not move the queue.dat file out. Seems like email is getting stuck in the out directory only. The in directory is clear. I'll follow your instructions step-by-step and tell you the results.
 
Upvote 0 Downvote
I am having the same problem. In the Event log, there was a message about the mail service having over 25000 messages queued so it would not start accepting messages for delivery again until the number dropped below 15000.

We only have 8 users so you are probably already thinking what I am and that is we have some type of virus.

We are running SP4 and should not be open for relaying. I checked this and we only allow "authenicated users" to send mail.

Our AV is Noton Corporate, but I cannot view Virus history becuase when I try to open the history logs all I get is an hour glass and eventually I have to kill it because it says it is "not responding".

Next, I took a look at mail box size and was shocked to see that the administrator mailbox had 1000s of messages in it. So I set up Outlook for the Administrator mailbox and there are 10s of thousands of messages from "Administrator" to the "Administrator" thousands of which are like the following:

A mail message was not sent because the maximum time for delivery has expired. The message was not delivered to the following addresses:

The message that caused this notification was:


To: <nmwanang@chickmail.com>
From: <acrimoniousbreadfruit@hanmail.net>
Subject:

Of course, no one in our organizaion has sent/received an email from any of the addresses that are showing up.

We are also getting non-delivery notices about messages where the subject is for something that is obviously SPAM, e.g., V_iagra.

Any ideas or help to get to the source of this problem would be appreciated.
 
Upvote 0 Downvote
Airforce1 - Did you ever find a resolution to this? I'm finding thousands of emails addressed to various hanmail.net email addresses. It looks like hanmail.net is some domain in China and I'm thinking I might have a trojan horse or something.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
1K
DrB0b
DrB0b
PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
1K
PatrickRoggers
PatrickRoggers
Satishkumar007
  • Locked
  • Question
Help needed to recover after complete site failure
Replies
0
Views
1K
Satishkumar007
Satishkumar007
ComputersUnlimited
  • Locked
  • Question
Migrating to Exchange 2019
Replies
0
Views
1K
ComputersUnlimited
ComputersUnlimited
DrB0b
  • Locked
  • Question
Moved to 365 in cloud, cannot get iPhones default mail app to connect
Replies
2
Views
1K
Priyanka_Chauhan
Priyanka_Chauhan

Part and Inventory Search

Sponsor

Back
Top