Solved

Blue screen of death -  Windows 2003 enterprise - main production server - hard nut to crack!

Posted on 2006-07-12
9
450 Views
Last Modified: 2012-08-13
Hi!

We have a critical bleu screen error on our main server which among things runs our first name server.

Could you guys interpreter this error for us - we do not know the cause yet, if its triggered by recently installed software.

the server has been running fine for a very long time and has NOT had any hardware upgrades since windows was installed in the first place.

The blue screen of death is as follows:

Plz note: The spaces between the numbers/characters is ONLY made for making reading easier!

*** Stop : 0 X 000 000 B8, (0 x 87 811 AC 0, 0 X 89 F3 B8 D0, 0 X B884 B 000, 0 X 0000 0000)
We would very much aprecate the help we can get on this hard nut to crack!

As for what I know the latest thing that has been added to the server is a backup software "Paragon 7.0" from  http://www.drive-backup.com

Thanks in advance guys!
 
0
Comment
Question by:whatisthesolution
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
9 Comments
 
LVL 29

Accepted Solution

by:
mass2612 earned 500 total points
ID: 17096957
Hi,

You can use the Windows Debugging Tools to analyse the memory.dmp file that should be in your C:\windows or c:\winnt folder. Copy this to a workstation and install the debugging tools and then use Windbg to analyse the dump file to try to help figure it out.

http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

You'll need to add the following setting to the symbol file path within the Windbg tool
SRV*c:\temp*http://msdl.microsoft.com/download/symbols

http://support.microsoft.com/?kbid=311503

What's you hardware details? Are you running the cluster service?
0
 
LVL 1

Author Comment

by:whatisthesolution
ID: 17097373
Its fujitsu siemens machine with AMD processor - mainboard? -  i dont know..  2 D-link gbs eathernet nics . 3 GB DRR RAM from a danish producer called dan-elect. the setup is nothing special, kind of standard. Cluster service? - No we are not running cluster service...

In the meantime - thanks - we look into the tools and have looks..

I'l return with an update on how it goes...

0
 
LVL 1

Author Comment

by:whatisthesolution
ID: 17097386
Oh da.. the second link you gave me is invalid....

Microsoft Internet Symbol Server
The data you requested cannot be retrieved.

You have reached this page because either you or an application that you are running has tried to retrieve debugging data from Microsoft.  The requested data is either not available or needs to be retrieved by using the latest Microsoft Symbol Server technology.

This internet debugging data storage site is provided by Microsoft ........................................

thanks in advance!


0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 29

Expert Comment

by:mass2612
ID: 17097435
That line is not a link for you to browse to its a setting that you add in the Windbg tool so that you have access to the symbol files for the OS.

"SRV*c:\temp*http://msdl.microsoft.com/download/symbols"
0
 
LVL 1

Author Comment

by:whatisthesolution
ID: 17097450
Ok - it seams that i was to fast there on my keyboard - all links are ok. :-)
0
 
LVL 1

Author Comment

by:whatisthesolution
ID: 17097641
Hi - i get an error:

................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck B8, {87811ac0, 89f3b8d0, b884b000, 0}

*** ERROR: Module load completed but symbols could not be loaded for hotcore.sys
Probably caused by : hotcore.sys ( hotcore+1514 )

Followup: MachineOwner

 hotcore.sys -->so what do i do know?
0
 
LVL 1

Author Comment

by:whatisthesolution
ID: 17097708
Well in the meantime -  ive doen some googleing..  and found this:

http://www.file.net/process/hotcore.sys.html

 hotcore.sys file information
The process Hotbackup helper driver belongs to the software HotBackup by Paragon Software Group.

Description: hotcore.sys is located in the folder C:\Windows\System32\drivers. Known file sizes on Windows XP are 18208 bytes (69% of all occurrence), 30820 bytes.
The driver can be started or stopped from Services in the Control Panel or by other programs. The program has no visible window. The service has no detailed description. File hotcore.sys is not a Windows core file. Therefore the technical security rating is 40% dangerous.

So it looks like paragone has taken the server down on its knees.. - so the big million dollar question is on how to fix this.
0
 
LVL 29

Expert Comment

by:mass2612
ID: 17097777
I would disable the Paragon software and services  and contact their technical support for assistance as a first step as there is probably an update or fix that they can provide.
0
 
LVL 1

Author Comment

by:whatisthesolution
ID: 17097868
Sounds like a good advice! :-)

mass2612! thank you for your help!

Have a very nice day - you deserve it!

Cheers whatisthesolution
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question