Solved

Corrupt files on Windows Server 2008...

Posted on 2009-05-04
8
588 Views
Last Modified: 2012-05-06
My company has recently been encountering an issue where files in shared directories on the Windows 2008 server are apparently becoming corrupt.  When this occurs, the XP workstation that is trying to open the shared directory will lock up for a couple of minutes and then return a message stating that the network location is inacessible.  When I open the directory locally from the server, I am able to view all of the files but there will be one file that cannot be opened, copied, or have it's properties displayed.  When I do attempt to perform one of these operations, it causes the server to lock up.  

This has happened to multiple different files types that have been accessed by several different employees, from different machines.  Further, we are running Symantec Endpoint 11 on the server and workstations, and run regular scans that all come back clean.  We have a regular backup schedule, so all is not lost when this happens, but it is causing lost productivity and duplicated work.

Any thoughts?

Thanks.
0
Comment
Question by:MrBookins
  • 4
  • 2
  • 2
8 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 24296011

Uninstall Symantec Endpoint from the server. If possible, call Symantec and ask for the CleanWipe tool, to ensure SEP is fully and properly removed from the server.

SEP is known to cause major issues with Server 2008 shares and the only solid solution at present is to remove it and move to another AV. What you are describing is normal for that AV product.

-Matt
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24296016

Also - I meant to add, go to the properties of the NIC on your server and disable all the various Checksum Offload features.

-Matt
0
 
LVL 12

Expert Comment

by:Gideon7
ID: 24296037
Open the Event Log and look under System and check for disk IDE errors, SCSI errors, or timeouts.  A bad disk sector can cause lockups as the disk tries to repeatedly read a bad spot.
0
 
LVL 1

Author Comment

by:MrBookins
ID: 24296529
Matt: I made the recommended changes to the NIC, but as we've already dropped some money into Symantec, I am pretty hesitant to uninstall and pay money for a different product.  Can you provide any documentation or reference stating issues or incompatibilites with SEP and WS2008?  I am using SEP 11.0 RP4 which is supposed to be compatible with Server 2008.

Gideon7: I can find no errors that seem related to the issue.

Thanks for the help, so far!
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 58

Expert Comment

by:tigermatt
ID: 24297072

I'm not aware of any documentation which states SEP has problems with Server 2008 shares; why would Symantec place documents on their site which would have a negative effect on their sales?

You only need to do a quick search of EE to see how much of a problem this is with SEP and Server 2008. Some people would say it has been 'fixed', but the problem is still very much apparent.

I'm not saying with 100% certainty that SEP is the cause, so you don't need to move right away from it. However, uninstall it fully from the server (to remove the hooks from the system) and then re-test for a few days. You will probably find that the problem goes away - in which case, it proves SEP is the cause.

-Matt
0
 
LVL 12

Expert Comment

by:Gideon7
ID: 24297464
Try temporarily turning off the realtime antivirus scans.
Is the same file always locking up, or does it vary?  The same folder, or does it vary?
Any clues in the Event Log at all?
0
 
LVL 1

Author Comment

by:MrBookins
ID: 24297549
So far it has never been the same file or folder.  No related events in the event log, and whereas this issue happens once every week or two, I don't want to have my antivirus disabled for an extended amount of time to wait to see if it happens again.  I am currently doing some further research into the Symantec-Server2008 issues.  I have found this hotfix that I will attempt overnight:

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/83c0c86ee25d3cd3802574d500432c6a?OpenDocument

Has anyone tried this hotfix?  Successes?  Failures?

Thanks.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24299397

Simply disabling the anti-virus is *not* enough. You have to fully uninstall it to remove its hooks from the system and therefore stop it having an effect.

Whether you actually follow my advice to remove it and test is your decision. I can only advise you that based on my experience, I can predict with 99% certainty that the SEP in the situation is the root cause for this - and *removing* the AV is the only sure-fire way to test that is indeed the issue. If you do not remove the AV, you will never be able to prove that is actually the cause.

I have heard of hotfixes being used, but they do not fully patch the situation and there are still issues after any of the SEP hotfixes for this situation are applied. It may work, but I have not yet seen the hotfix solve all the issues SEP causes.

If I were you, I would be removing all Symantec AV products from your system and installing a more efficient, reliable and trustworthy product - either AVG, or McAfee with ePO for larger networks.

-Matt
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: Unstable cursor in Windows XP and Windows runs extremely slow in that any click will bring up the Hour glass (sometimes for several seconds before giving you what you want) . Troubleshooting Process and the FINAL FIX: This issue see…
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now