Server Hung issue fix

 

My Assessment :

  • No dump was collected hence RCA is slim 
  • other details indicate the RDP to server event 2 reboots didn't work
  • This suggest that VM may have been in no-boot state 
  • Customer has issue VM Disk 
  • Informed customer mount the issue Disk in rescue VM for us to check 

 

Troubleshooting:

  • We ran in Multiple issue while trying to create and run rescue VM 
  • For rescue VM we were unable to RDP
  • After login customer unable to Login 
  • The issue machine disk is encrypted hence co and cx will try to decrypt the disk 
  • Joined call again 
  • The VM was in in recovery 
  • Enabled the commmand 
  • Bcdedit /set {default} advancedoptions on
  • Bcdedit /set {default} recoveryenabled off
  • The server gave an error in normal boot


  • We got the above error
  • This Symantec driver (which could be either corrupted or missing)
  • We were able to launch the machine disable early launch anti-malware mode
  • After booting we checked if file and folder was present in above path ,however the file was not present 
  • Since update was not possible 
  • We decide to uninstall the Symantec 
  • After uninstallation the machine booted up 

 

Root cause of issue :

Missing or corrupted SymELAM.sys driver 

Comments

Post a Comment

Popular posts from this blog

NetSH collection commands

  create below content on one notepad file file name start-auth.txt set KerbDebugFlags=0x7ffffff set KdcDebugFlags=0x23083 set KpsDebugFlags=0xff set NtlmDebugFlags=0x15003 set NegoExtsDebugFlags=0xFFFF set Pku2uDebugFlags=0xFFFF set SslDebugFlags=0x0000FDFF set DigestDebugFlags=0x000003FF set CredsspDebugFlags=0x0000FFFF set DpapiSrvDebugFlags=0xFF set WebAuthDebugFlags=0xFFFF set IdstoreDebugFlags=0x2FF set IdcommonDebugFlags=0x2FF set LivesspDebugFlags=0x3FF set WlidsvcDebugFlags=0x7 set IdlistenDebugFlags=0x7FFFFFFF set BaseCspDebugFlags=0xFFFFFFFF set VaultDebugFlags=0xFFF set BcryptDebugFlags=0xFFFFFFFF set NcryptDebugFlags=0xFFFFFFFF set CryptspDebugFlags=0xFFFFFFFF set WinHttpDebugFlags=0x7FFFFF set WininetDebugFlags=0x7FFFFF set CloudAPFlags=0xfff set HttpSysDebugFlags=0xFFFFFFFF mkdir .\logs del /f /q .\logs\*.* logman.exe start LsaTrace -p {D0B639E0-E650-4D1D-8F39-1580ADE72784} 0x40141F -o .\logs\LsaTrace__%computername%.etl -ets logman.exe start LsaAudit -p {DAA76F6A...
Read more

Script for Host entry in remote servers

#Host entry script by Suresh ## Input the server list in below path $servers= Get-Content "C:\Users\u-07-adm-ad-08\Desktop\Servers.txt" foreach ($server in $servers) {      $adminpath = Test-Path " \\$Server\admin$ "     If ($adminpath -eq "True")         {          $hostfile = " \\$Server\c$\Windows\System32\drivers\etc\hosts "          Write-Host –NoNewLine "Updating $Server..."          #Add host entries below that need to be added on remote servers          "104.108.176.95  www.identityiq.philips.com " | Out-File $hostfile -encoding ASCII -append          "23.38.37.249  www.egrc.philips.com " | Out-File $hostfile -encoding ASCII -append          Write-Host "Done!"...
Read more