I have a problem with my MS Windows Server 2008 R2 - every one-two days server causes BSOD with error 0x0000001d with tcpip.sys driver. There is abnormal huge amount of nonpaged pool bytes in poolmon.
I tried to troubleshoot this strange behavior - poolmon said me that there is a lot of memory used by netio.sys (tag - Nnnn), and when I tried to trace it using xperf - there was a really unclear details for me - most of memory used by n/a stack of Nnnn. Can you help me with resolving this issue?
Answer
From the trace I can see 3rd party drivers (E1G6032E.sys
- Intel Ethernet driver and fweng.sys
- Microsoft Forefront driver) involved:
Here are some steps that you can try:
- uninstall/Update Forefront
- update VMware (in the ETL I see that you run 2008 R2 in VMware: VMware Virtual Platform) and the guest tools to get a newer
E1G6032E.sys
driver. - Install the Convenience rollup update for Windows 7 SP1 and Windows Server 2008 R2 SP1 (because the
netio.sys
is a bit old (6.1.7601.18327 (win7sp1_gdr.131125-2337)
) because the rollup includes a lot of perf/memory related fixes that may also fix the leak if the 2 other steps haven't fixed it.
No comments:
Post a Comment