This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 18%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EH%3C/text%3E%3C/svg%3E)
Hello,
So we have a somewhat new (1 yo) server running windows server 2019. The server (hardware) is a Hyper-V host, and there are a few VMs doing various things within the host.
I noticed that some of the processes it normally runs at night were missed so I went and checked on the server.. What I found was a bit disconcerting...
What happened was the server rebooted from a bugcheck. Not just once, but 22 times between the dates of 6/15/2021 6:21pm, and 6/16/2021 3:40am.. It rebooted approximately once every half hour until the early morning on 6/16 and then it mysteriously stopped doing that and continued running until I checked on it later in the afternoon of 6/16..
What I find strange is that it started to do this without any changes on my part whatsoever (I never touch the thing).. What I find even more strange is that it STOPPED doing this, on its own, on the morning of 6/16..
The fact that it stopped on its own has me a bit worried, and in a way I sort of wish this didn't just stop on its own... It makes me wonder if there was some intent behind what was going on (perhaps some sort of hacking attempt), because typically computers don't just fix themselves. Perhaps whatever was going on just stopped because someone was behind all of this and stopped (or succeeded?!). I know that is still not very probable, but it has me worried a bit... This is an internal server on our internal network, and while it can communicate with the outside, there are no port forwards from the outside into that server (not even to the VMs on that server)..
Anyhow, I was able to collect some data, and I was wondering if someone at MSFT can help me out with this (perhaps this is the wrong forum to post this in, I do not usually use these forums)...
Here is what I have:
1) A MEMORY.DMP file from the last time the server rebooted from the bugcheck (I guess it kept overwriting the same file over and over again). I compressed this to a ~2GB zip file.
2) A dump of the system windows log, filtered for the bug check events (although I can go back and include a lot more from windows log if requested).
With these things, is there a way to determine what was happening to this server on that date??
Here is what I did in the aftermath:
1) I stopped the VMs and rebooted the machine manually.
2) I checked the HP integrated lights out (ILO) for any reports of system hardware, drive, or RAM failures, and found none (this is a HP DL380 Gen9 server). The ILO only reported on the server reboots.
3) I ran all windows updates on the machine, so the server is up to date, and rebooted and restarted the VMs..
Anyhow, can someone help me with this and try to determine what happened on that night??
Thanks so much ..
.... Howard
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
I'd start by checking the host hardware supports the operating system installed. Also check the manufacturer's site for the latest ROM bios, firmware, chipset and driver support packs.
--please don't forget to upvote and Accept as answer if the reply is helpful--
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 61%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Hi
Debugging windows log is beyong scope of forum support.
So if further assiatance were needed you could open a request ticket with Microsoft Support.
https://support.serviceshub.microsoft.com/supportforbusiness
Thank you for your understanding and corpoeration.
Best Regards