Windows Server SystemPost your Windows Server System question here. Besides Windows Server 2003, Windows Server System also includes other Microsoft Server software (such as BizTalk Server, Exchange Server, ISA Server & others).
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
Below is a dump file from our server that keeps crashing indicating that mfehidk.sys is responsible. I researched this and found that McAfee could be conflicting with daemon tools relating to cd imaging etc. We uninstalled Magic ISO as it's never used and also a program with ISO/imaging called Paragon. We also took McAfee off. (Yes, I know...) The server crashed again after that saying mfetdik.sys is but the file does not exist in System32/drivers anymore.
Can anyone help me with what is going on on this server? It's about a year old - Dell Intel Xeon. I just started working at this place in Nov and was told the person before me used to play games on the server - would anything be left over from that conflicting with McAfee? My boss thinks that maybe a problem with a user logon or client pc is causing the crashes but I can't see that.
I don't know if I've attached all I can from the dump file as I'm a newbie on anything like this.
Thanks.....
Microsoft (R) Windows Debugger Version 6.6.0007.5
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\minidump\Mini013107-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: c:\windows\symbols
Executable search path is: c:\windows\symbols
Unable to load image \WINDOWS\system32\ntkrnlpa.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
Windows Server 2003 Kernel Version 3790 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: LanManNt, suite: TerminalServer SingleUserTS
Kernel base = 0x80800000 PsLoadedModuleList = 0x808a6ea8
Debug session time: Wed Jan 31 12:42:53.390 2007 (GMT+0)
System Uptime: 0 days 20:58:35.005
Unable to load image \WINDOWS\system32\ntkrnlpa.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
Loading Kernel Symbols
........................................................................... ..................................................
Loading User Symbols
Loading unloaded module list
........
ERROR: FindPlugIns 8007007b
*************************************************************************** ****
* *
* Bugcheck Analysis *
* *
*************************************************************************** ****
Use !analyze -v to get detailed debugging information.
BugCheck D1, {0, 2, 8, 0}
Unable to load image \SystemRoot\system32\drivers\mfehidk.sys, Win32 error 2
*** WARNING: Unable to verify timestamp for mfehidk.sys
*** ERROR: Module load completed but symbols could not be loaded for mfehidk.sys
Probably caused by : mfehidk.sys ( mfehidk+24f2 )
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 00000000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000008, value 0 = read operation, 1 = write operation
Arg4: 00000000, address which referenced memory
