System PID 4 read all files

Question

My Firebird database freezes several times a week because the system process with the PID 4 apparently reads in all files from all hard drives. The process takes 30 minutes to read the database. During this time, the database can only be used to a very limited extent. How can I find out what causes these files to be read or how can I prevent this database from being read?

I did not find a related event in the event log that was involved in all cases.
I have not found a task involved in all cases.

I have already done the following:
Virus scanner uninstalled
Windows Defender uninstalled
Disabled the SysMain service

In Registry:
Add Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters\EnablePrefetcher = 0
Add Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters\EnableSuperfetch = 0


Only the database and the associated application are installed on the server. 
The service provider of the application does not have this error with any of their other customers and recommends that I migrate the system to Linux ...

Answer 1

Hello there,

Is there anything in event viewer?

I would suggest you to use proc mon to identify if there is nothing on the event viewer.

Process Monitor is an advanced monitoring tool for Windows that shows real-time file

system, Registry and process/thread activity. You can get the tool from here

https://docs.microsoft.com/enus/sysinternals/downloads/procmon

System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log

system activity to the Windows event log.You can get the tool from here

https://docs.microsoft.com/enus/sysinternals/downloads/sysmon

Hope this resolves your Query !!

--If the reply is helpful, please Upvote and Accept it as an answer--