Microsoft-Kernel-Power error ID=41 on Windows Server 2012 R2 Data Center.
My server went down twice yesterday due to this error happening, causing the server to restart on its own. This is an Azure VM.
I checked the Device Manager and found nothing to be out of place or needing an update. Also found print drivers for random printers that I did not install. Any insight to this would be greatly appreciated.
I don't currently have any more info than that.
This indicates an ungraceful shutdown. i.e. the node was shot in the head using a software power switch. Something to contact MS about.
Log Name: System
Source: Microsoft-Windows-Kernel-Power
Event ID: 41
Level: Critical
Description:
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
An event 41 can occur in the following scenarios.
Scenario 1: The computer restarts, and there is a Stop error BugcheckCode in the event data
When a Stop error occurs, the Stop error data is written in Event ID 41 as part of the additional event data. There may be the instances in which the Stop error code information cannot be written before the computer restarts or shuts down. Such instances are covered in scenario 3.
Scenario 2: The computer is shut down By Azure (there was no outage listed in Azure Service Dashboard)
http://azure.microsoft.com/en-us/support/service-dashboard/
Scenario 3: The system randomly restarts and no Stop error BugcheckCode is listed, or the computer is completely unresponsive (hard hang)
You're saying that you saw print drivers for random printers - those drivers are usually installed by the server itself if you are connecting with RDP and have print redirection enabled (and Remote Desktop Easy Print fails to map the printer).
If you are the only one who use RDP to this server and you don't recognize any of the print drivers then I'm pretty sure that someone you don't know has logged on, probably through a brute-force attack using well known username/password combinations.
I was informed that Azure had to replace some hardware and the error went away. One of the cons of the cloud...
