Abnormally high memory usage Windows 2008 R2

0

I have a problem with my MS Windows Server 2008 R2 - every one-two days server causes BSOD with error 0x0000001d with tcpip.sys driver. There is abnormal huge amount of nonpaged pool bytes in poolmon.

I tried to troubleshoot this strange behavior - poolmon said me that there is a lot of memory used by netio.sys (tag - Nnnn), and when I tried to trace it using xperf - there was a really unclear details for me - most of memory used by n/a stack of Nnnn. Can you help me with resolving this issue?

poolmon screenshot

xperf screenshot

windows
memory
bsod
windows-server-2008-r2
asked on Super User Oct 31, 2016 by user2102277 • edited Oct 31, 2016 by magicandre1981

1 Answer

0

From the trace I can see 3rd party drivers (E1G6032E.sys - Intel Ethernet driver and fweng.sys - Microsoft Forefront driver) involved:

enter image description here

Here are some steps that you can try:

  • uninstall/Update Forefront
  • update VMware (in the ETL I see that you run 2008 R2 in VMware: VMware Virtual Platform) and the guest tools to get a newer E1G6032E.sys driver.
  • Install the Convenience rollup update for Windows 7 SP1 and Windows Server 2008 R2 SP1 (because the netio.sys is a bit old (6.1.7601.18327 (win7sp1_gdr.131125-2337)) because the rollup includes a lot of perf/memory related fixes that may also fix the leak if the 2 other steps haven't fixed it.
answered on Super User Nov 2, 2016 by magicandre1981

User contributions licensed under CC BY-SA 3.0