Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Corrupt files on Windows Server 2008...

Posted on 2009-05-04
8
Medium Priority
?
595 Views
Last Modified: 2012-05-06
My company has recently been encountering an issue where files in shared directories on the Windows 2008 server are apparently becoming corrupt.  When this occurs, the XP workstation that is trying to open the shared directory will lock up for a couple of minutes and then return a message stating that the network location is inacessible.  When I open the directory locally from the server, I am able to view all of the files but there will be one file that cannot be opened, copied, or have it's properties displayed.  When I do attempt to perform one of these operations, it causes the server to lock up.  

This has happened to multiple different files types that have been accessed by several different employees, from different machines.  Further, we are running Symantec Endpoint 11 on the server and workstations, and run regular scans that all come back clean.  We have a regular backup schedule, so all is not lost when this happens, but it is causing lost productivity and duplicated work.

Any thoughts?

Thanks.
0
Comment
Question by:MrBookins
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 2000 total points
ID: 24296011

Uninstall Symantec Endpoint from the server. If possible, call Symantec and ask for the CleanWipe tool, to ensure SEP is fully and properly removed from the server.

SEP is known to cause major issues with Server 2008 shares and the only solid solution at present is to remove it and move to another AV. What you are describing is normal for that AV product.

-Matt
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24296016

Also - I meant to add, go to the properties of the NIC on your server and disable all the various Checksum Offload features.

-Matt
0
 
LVL 12

Expert Comment

by:Gideon7
ID: 24296037
Open the Event Log and look under System and check for disk IDE errors, SCSI errors, or timeouts.  A bad disk sector can cause lockups as the disk tries to repeatedly read a bad spot.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 1

Author Comment

by:MrBookins
ID: 24296529
Matt: I made the recommended changes to the NIC, but as we've already dropped some money into Symantec, I am pretty hesitant to uninstall and pay money for a different product.  Can you provide any documentation or reference stating issues or incompatibilites with SEP and WS2008?  I am using SEP 11.0 RP4 which is supposed to be compatible with Server 2008.

Gideon7: I can find no errors that seem related to the issue.

Thanks for the help, so far!
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24297072

I'm not aware of any documentation which states SEP has problems with Server 2008 shares; why would Symantec place documents on their site which would have a negative effect on their sales?

You only need to do a quick search of EE to see how much of a problem this is with SEP and Server 2008. Some people would say it has been 'fixed', but the problem is still very much apparent.

I'm not saying with 100% certainty that SEP is the cause, so you don't need to move right away from it. However, uninstall it fully from the server (to remove the hooks from the system) and then re-test for a few days. You will probably find that the problem goes away - in which case, it proves SEP is the cause.

-Matt
0
 
LVL 12

Expert Comment

by:Gideon7
ID: 24297464
Try temporarily turning off the realtime antivirus scans.
Is the same file always locking up, or does it vary?  The same folder, or does it vary?
Any clues in the Event Log at all?
0
 
LVL 1

Author Comment

by:MrBookins
ID: 24297549
So far it has never been the same file or folder.  No related events in the event log, and whereas this issue happens once every week or two, I don't want to have my antivirus disabled for an extended amount of time to wait to see if it happens again.  I am currently doing some further research into the Symantec-Server2008 issues.  I have found this hotfix that I will attempt overnight:

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/83c0c86ee25d3cd3802574d500432c6a?OpenDocument

Has anyone tried this hotfix?  Successes?  Failures?

Thanks.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24299397

Simply disabling the anti-virus is *not* enough. You have to fully uninstall it to remove its hooks from the system and therefore stop it having an effect.

Whether you actually follow my advice to remove it and test is your decision. I can only advise you that based on my experience, I can predict with 99% certainty that the SEP in the situation is the root cause for this - and *removing* the AV is the only sure-fire way to test that is indeed the issue. If you do not remove the AV, you will never be able to prove that is actually the cause.

I have heard of hotfixes being used, but they do not fully patch the situation and there are still issues after any of the SEP hotfixes for this situation are applied. It may work, but I have not yet seen the hotfix solve all the issues SEP causes.

If I were you, I would be removing all Symantec AV products from your system and installing a more efficient, reliable and trustworthy product - either AVG, or McAfee with ePO for larger networks.

-Matt
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question