Solved

Corrupt files on Windows Server 2008...

Posted on 2009-05-04
8
587 Views
Last Modified: 2012-05-06
My company has recently been encountering an issue where files in shared directories on the Windows 2008 server are apparently becoming corrupt.  When this occurs, the XP workstation that is trying to open the shared directory will lock up for a couple of minutes and then return a message stating that the network location is inacessible.  When I open the directory locally from the server, I am able to view all of the files but there will be one file that cannot be opened, copied, or have it's properties displayed.  When I do attempt to perform one of these operations, it causes the server to lock up.  

This has happened to multiple different files types that have been accessed by several different employees, from different machines.  Further, we are running Symantec Endpoint 11 on the server and workstations, and run regular scans that all come back clean.  We have a regular backup schedule, so all is not lost when this happens, but it is causing lost productivity and duplicated work.

Any thoughts?

Thanks.
0
Comment
Question by:MrBookins
  • 4
  • 2
  • 2
8 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 24296011

Uninstall Symantec Endpoint from the server. If possible, call Symantec and ask for the CleanWipe tool, to ensure SEP is fully and properly removed from the server.

SEP is known to cause major issues with Server 2008 shares and the only solid solution at present is to remove it and move to another AV. What you are describing is normal for that AV product.

-Matt
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24296016

Also - I meant to add, go to the properties of the NIC on your server and disable all the various Checksum Offload features.

-Matt
0
 
LVL 12

Expert Comment

by:Gideon7
ID: 24296037
Open the Event Log and look under System and check for disk IDE errors, SCSI errors, or timeouts.  A bad disk sector can cause lockups as the disk tries to repeatedly read a bad spot.
0
 
LVL 1

Author Comment

by:MrBookins
ID: 24296529
Matt: I made the recommended changes to the NIC, but as we've already dropped some money into Symantec, I am pretty hesitant to uninstall and pay money for a different product.  Can you provide any documentation or reference stating issues or incompatibilites with SEP and WS2008?  I am using SEP 11.0 RP4 which is supposed to be compatible with Server 2008.

Gideon7: I can find no errors that seem related to the issue.

Thanks for the help, so far!
0
Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

 
LVL 58

Expert Comment

by:tigermatt
ID: 24297072

I'm not aware of any documentation which states SEP has problems with Server 2008 shares; why would Symantec place documents on their site which would have a negative effect on their sales?

You only need to do a quick search of EE to see how much of a problem this is with SEP and Server 2008. Some people would say it has been 'fixed', but the problem is still very much apparent.

I'm not saying with 100% certainty that SEP is the cause, so you don't need to move right away from it. However, uninstall it fully from the server (to remove the hooks from the system) and then re-test for a few days. You will probably find that the problem goes away - in which case, it proves SEP is the cause.

-Matt
0
 
LVL 12

Expert Comment

by:Gideon7
ID: 24297464
Try temporarily turning off the realtime antivirus scans.
Is the same file always locking up, or does it vary?  The same folder, or does it vary?
Any clues in the Event Log at all?
0
 
LVL 1

Author Comment

by:MrBookins
ID: 24297549
So far it has never been the same file or folder.  No related events in the event log, and whereas this issue happens once every week or two, I don't want to have my antivirus disabled for an extended amount of time to wait to see if it happens again.  I am currently doing some further research into the Symantec-Server2008 issues.  I have found this hotfix that I will attempt overnight:

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/83c0c86ee25d3cd3802574d500432c6a?OpenDocument

Has anyone tried this hotfix?  Successes?  Failures?

Thanks.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24299397

Simply disabling the anti-virus is *not* enough. You have to fully uninstall it to remove its hooks from the system and therefore stop it having an effect.

Whether you actually follow my advice to remove it and test is your decision. I can only advise you that based on my experience, I can predict with 99% certainty that the SEP in the situation is the root cause for this - and *removing* the AV is the only sure-fire way to test that is indeed the issue. If you do not remove the AV, you will never be able to prove that is actually the cause.

I have heard of hotfixes being used, but they do not fully patch the situation and there are still issues after any of the SEP hotfixes for this situation are applied. It may work, but I have not yet seen the hotfix solve all the issues SEP causes.

If I were you, I would be removing all Symantec AV products from your system and installing a more efficient, reliable and trustworthy product - either AVG, or McAfee with ePO for larger networks.

-Matt
0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now