[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 685
  • Last Modified:

Server 2008 R2 Crash Help

I am having Problems with Server 2008 R2 Crashing on a Dell T410 Server.

Almost everytime the server is rebooted I get the bluescreen error in the attached screen shots and it boots into recovery mode which I cancel and reboot for a second time the it boots normal. When I login after this has happened I get the error notifications in the attched screenshot.

This server is in a small office and is the file server, DNS, DHCP, AD DC, for 18 workstations.

It is 2 images of the same window as i scroll. Is there a way to make these error open in a full screen fashion when this happens. The maximize box is grayed out thats why I had to do 3 seperate screenshots.

I just need a point in the right direction


. Part 1 Part 2 Part 3
0
ATL74
Asked:
ATL74
  • 6
  • 4
  • 3
9 Solutions
 
d_nedelchevCommented:
In C:\WINDOWS\Minidump there should be some *.dmp files. Post the latest created dump here will be most helpfull.
0
 
Michael OrtegaSales & Systems EngineerCommented:
Most likely some kind of driver issue. As d_nedelchev recommended zip up the minidump and post it or use bluescreenview (http://www.nirsoft.net/utils/bluescreenview.zip) to open the dump files and view them yourself.

Any USB peripherals attached to the server aside from keyboard/mouse? External USB drive perhaps? You may try and remove anything like a USB mass storage device and test.

MO
0
 
ATL74Author Commented:
This system has been running with no issues for about 8 months . This is a fiarly new system it has a io safe external hard  drive that is connected via usb but is always conected and has been since day 1. This problem only started in the last 2-3 weeks.

The io safe is used with windows backup for a dialy incremental and is locked to windows backup so it does not show up as a drive. I also have a seagate go flex that I plug in for a monthly backup but once I do the backup the drive is removed.

Could this seagate cause the issue even after it has been removed. The problem did appear after I started doing this monthly backup with the saegate.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
Michael OrtegaSales & Systems EngineerCommented:
Take a look at the dump log.

MO
0
 
ATL74Author Commented:
Here are the Dump Files
dumpfiles.zip
0
 
ATL74Author Commented:
What do you use to Open and View these Dump Files?
0
 
Michael OrtegaSales & Systems EngineerCommented:
Look at my first note above. There is a download link there for a viewer.

MO
0
 
Michael OrtegaSales & Systems EngineerCommented:
NDIS.sys driver issue. I believe that's a NIC drive issue. It could be a bad onboard NIC or the driver itself just needs to be updated. I would download DELL Repository Manager and build an SUU (Software Update Utility) package for your T410. Patch the NIC drivers and the board at least.

MO
0
 
d_nedelchevCommented:
Looks like an issue with teefer.sys which is part of some Symantec product (most likely some version of Symantec Endpoint Security).

Here is the debug result:
 BAD-POOL-CALLER--c2-.txt

I suggest checking if any Symantec products are installed and if so, uninstalling them. If no such software is found in "appwiz.cpl" you must use "Norton Removal Tool" (https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?docid=20091202133639EN&lg=english&ct=united+states&product=home&version=1&pvid=f-home) to get rid of any improperly uninstalled services and drivers associated with Symantec products.

Here is a link to a possible solution of the same problem http://www.symantec.com/connect/forums/sep-v12-crashes-windows-7-teefer2sys-bsod (I suggest you use that procedure as a last resort).

I don't mean to be rude, but I must emphasize - Even if you don't see any regular uninstall of the Symantec products that doesn't mean that there are no services or drivers left over. So my advice is to run the cleaner tool anyway.
0
 
ATL74Author Commented:
The server and all workstations do run symantec endpoint Security for AV. This was installed when the server was brand new so there has never been another version on it.

Should I install a newer build. I think there is 1 build higher than what I have.
0
 
Michael OrtegaSales & Systems EngineerCommented:
Think the latest is maintenance release 6 (or some variant, e.g. 6A MP1, etc.). I definitely recommend updating the build for all server/client systems. You stand to benefit from other enhancements since the original build, e.g. smaller memory demand, etc.

If you have problems removing SEP on the server use the seprep utility. I don't think the Norton Removal Tool will remove endpoint protection. I've never been successful with the NRT removing SEP anyway.

MO
0
 
Michael OrtegaSales & Systems EngineerCommented:
0
 
d_nedelchevCommented:
Update is always a good idea, but I will only have to guess if that would fix the problem.

By the way  I have never used SEP so I unintentionaly misled you - mgortega: is right about the removal tool.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

  • 6
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now