Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 598
  • Last Modified:

Corrupt files on Windows Server 2008...

My company has recently been encountering an issue where files in shared directories on the Windows 2008 server are apparently becoming corrupt.  When this occurs, the XP workstation that is trying to open the shared directory will lock up for a couple of minutes and then return a message stating that the network location is inacessible.  When I open the directory locally from the server, I am able to view all of the files but there will be one file that cannot be opened, copied, or have it's properties displayed.  When I do attempt to perform one of these operations, it causes the server to lock up.  

This has happened to multiple different files types that have been accessed by several different employees, from different machines.  Further, we are running Symantec Endpoint 11 on the server and workstations, and run regular scans that all come back clean.  We have a regular backup schedule, so all is not lost when this happens, but it is causing lost productivity and duplicated work.

Any thoughts?

Thanks.
0
MrBookins
Asked:
MrBookins
  • 4
  • 2
  • 2
1 Solution
 
tigermattCommented:

Uninstall Symantec Endpoint from the server. If possible, call Symantec and ask for the CleanWipe tool, to ensure SEP is fully and properly removed from the server.

SEP is known to cause major issues with Server 2008 shares and the only solid solution at present is to remove it and move to another AV. What you are describing is normal for that AV product.

-Matt
0
 
tigermattCommented:

Also - I meant to add, go to the properties of the NIC on your server and disable all the various Checksum Offload features.

-Matt
0
 
Gideon7Commented:
Open the Event Log and look under System and check for disk IDE errors, SCSI errors, or timeouts.  A bad disk sector can cause lockups as the disk tries to repeatedly read a bad spot.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
MrBookinsAuthor Commented:
Matt: I made the recommended changes to the NIC, but as we've already dropped some money into Symantec, I am pretty hesitant to uninstall and pay money for a different product.  Can you provide any documentation or reference stating issues or incompatibilites with SEP and WS2008?  I am using SEP 11.0 RP4 which is supposed to be compatible with Server 2008.

Gideon7: I can find no errors that seem related to the issue.

Thanks for the help, so far!
0
 
tigermattCommented:

I'm not aware of any documentation which states SEP has problems with Server 2008 shares; why would Symantec place documents on their site which would have a negative effect on their sales?

You only need to do a quick search of EE to see how much of a problem this is with SEP and Server 2008. Some people would say it has been 'fixed', but the problem is still very much apparent.

I'm not saying with 100% certainty that SEP is the cause, so you don't need to move right away from it. However, uninstall it fully from the server (to remove the hooks from the system) and then re-test for a few days. You will probably find that the problem goes away - in which case, it proves SEP is the cause.

-Matt
0
 
Gideon7Commented:
Try temporarily turning off the realtime antivirus scans.
Is the same file always locking up, or does it vary?  The same folder, or does it vary?
Any clues in the Event Log at all?
0
 
MrBookinsAuthor Commented:
So far it has never been the same file or folder.  No related events in the event log, and whereas this issue happens once every week or two, I don't want to have my antivirus disabled for an extended amount of time to wait to see if it happens again.  I am currently doing some further research into the Symantec-Server2008 issues.  I have found this hotfix that I will attempt overnight:

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/83c0c86ee25d3cd3802574d500432c6a?OpenDocument

Has anyone tried this hotfix?  Successes?  Failures?

Thanks.
0
 
tigermattCommented:

Simply disabling the anti-virus is *not* enough. You have to fully uninstall it to remove its hooks from the system and therefore stop it having an effect.

Whether you actually follow my advice to remove it and test is your decision. I can only advise you that based on my experience, I can predict with 99% certainty that the SEP in the situation is the root cause for this - and *removing* the AV is the only sure-fire way to test that is indeed the issue. If you do not remove the AV, you will never be able to prove that is actually the cause.

I have heard of hotfixes being used, but they do not fully patch the situation and there are still issues after any of the SEP hotfixes for this situation are applied. It may work, but I have not yet seen the hotfix solve all the issues SEP causes.

If I were you, I would be removing all Symantec AV products from your system and installing a more efficient, reliable and trustworthy product - either AVG, or McAfee with ePO for larger networks.

-Matt
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 4
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now