Recently I was presented with an issue where sporadically a customer’s server would simply restart itself without user intervention. This article will look into the issue and the stages I took to resolve the issue,

Firstly, I checked whether someone had been powering down the server accidently, along with whether Windows Updates was doing some scheduled updates, but neither of these were the case. After looking through the Event Logs I was able to see a an Error stating: "The computer rebooted from a bugcheck.." (see below):

From this information I knew to next look at the .DMP files that had been created by the two unscheduled restarts. After analysing them I was able to identify that the root cause of this issue was pointing towards NTFS.sys file.

My train of thought led me to check the status of the drives presented through to the server. After running the Get-Volume command in PowerShell I was able to identify an issue with drive letter (F:).

Next I ran the following command: chkdsk f: /spotfix. This has since put the (F:) in a healthy state. I was able to confirm this by re-running the Get-Volume command in PowerShell.

I cannot guarantee this was the root cause of the issue, but there have been no recurrences since the above work was carried out.