none
Server 2008 r2 Unexplained Reboot Investigation

    Question

  • Hello chaps,

                     I've been tasked with investigating why one of our servers has rebooted itself improperly. The server has 2 power supplies, 1 directly into the mains and 1 into a UPS. We do not think it is down to power loss/spike. After looking through the System Log I have found the following:

    11/02/2013 09:14:21 - Kernel Power - Event ID 41 - The system has rebooted without cleanly shutting down first.

    then at

    11/02/2013 09:14:42 - Bug Check - Event ID 1001 - The computer has rebooted from a bugcheck. The bugcheck was:

    0x0000000a (0xfffff8800ad11900, 0x0000000000000002, 0x0000000000000000, 0xfffff800016e9040). A dump was saved in: C:\Windows\Minidump\021113-31343-01.dmp. Report Id: 021113-31343-01.

    Argh! pasted that line has changed my font/size!

    Anyhow...

    I don't know how to read these dump files, Would it be possible for somebody to explain how I can read this and make sense of it so I could find out the cause of the BSOD.

    Monday, February 11, 2013 10:23 AM

Answers

  • download bluescreenview. This tool will analyse the dump.
    • Marked as answer by Ben Newall Thursday, February 14, 2013 9:41 AM
    Monday, February 11, 2013 10:40 AM
  • Thanks guys, after analysing the dump file it seems AgileVPN.sys caused the BSOD. I'm just trying to google now and see exactly what this process does and if it can be patched/fixed/removed.
    Monday, February 11, 2013 11:57 AM
  • agilevpn.sys is a DLL file which is responsible for component RAS Agile Vpn Miniport Call Manager in Windows systems like Windows 7 Professional Edition 64-bit.

    if infected by virus it can create issue or some time Av can delete it as well 


    http://www.arabitpro.com

    Monday, February 11, 2013 12:04 PM

All replies