No announcement yet.

Mystery Windows 2008 Server freeze without error messages to go on

  • Filter
  • Time
  • Show
Clear All
new posts

  • Mystery Windows 2008 Server freeze without error messages to go on

    I'm having a time of it trying to back track an error that is causing my Windows 2008 Server (x64) to hang. Here is what happens:

    1. ESET NOD32 AV looses connection with their update server (icon in system tray goes orange instead of the usual green).
    2. Network printers start to get lost, people can't access their home folders off the server.
    3. People can either not log in or it takes an extremely long time to log in (over 10 minutes).
    4. I load up the server in VMware Infrastructure Client however EXPLORER seems to be hung up because I can't click on the start button, run task manager, etc. I can manipulate the desktop and use programs in the foreground, and use ALT-TAB.
    5. I have to do a hard reset of the server which brings everything back online until the process repeats itself randomly over several hours.

    During this entire process there is never any error message on the server, and event manager shows nothing except a few EVENT 6006 messages stating that "The winlogon notification subscriber <GPClient> took 76 second(s) to handle the notification event (CreateSession)." That would be the part where my users can't log on in any sane amount of time.

    The server has AD, DNS (this is the network primary DNS, the secondary is on a separate computer), and File Services roles installed. Other running applications include Acronis True Image Server, ESET NOD32 Anti Virus 4, Fortres Grand Central Control, and nightly jkDefrag runs. I also have several Group Policies and run custom KIXtart scripts for users.

    Other notes:

    - I have run chkdsk /r which cleared up some free space allocation errors.
    - When the server hangs I can still ping it (and it responds quickly), and work with it via VMware Infrastructure Client (albeit with the EXPLORER hang up as noted above). I can also access shares and send/receive files just fine.
    - It runs on top of VMware ESXi, all updated with the latest patches from VMware.
    - It takes awhile for Windows to boot, just under 5 minutes from start to finish.
    - I have devoted two processor cores and 8GB of RAM to Windows. Underlying hardware is RAID and I checked for degraded arrays but everything is just fine.
    - This started about three weeks ago but there are only two things I've done to the network since then, 1) replaced a faulty proxy/firewall/dhcp/content filter server appliance and 2) took out all of our old network printers in the building and added new ones. Before the last three weeks this server was bullet proof for over a year.
    - Running perfmon shows no spike in CPU or memory usage prior or during the hang (it still runs in real-time while the system EXPLORER is hung up). VMware also reports no abnormal system resource usage.

    Since I don't have any error messages to go on this really has me scratching my head. Has anyone else experienced anything similar? Should I be looking at hardware failures (RAM going bad)? This only appears to be affecting my Windows 2008 Server, I have two other VMs running (both Windows 2003 Server, one a print server and the other a library server) without problems. I am also just barely skimming the surface as far as overall system resources (16GB RAM, two four core XEON 2.4GHz processors, etc.).

    Any ideas on how to narrow the issue down would be appreciated!

  • #2
    Re: Mystery Windows 2008 Server freeze without error messages to go on

    I have exactly the same scenario, the only difference is that we are running Windows 2003.

    After router / firewall died it all started.

    I suspect problem with NOD32 v4...