Could any body help i am new to technet and wondered if there was anywhere or anyone that could look at a mini memory dump for me see if they can find the casue of a recuring restart many thanks i have uploaded the dump file to my skydrive link below any other suggestions welcomed https://skydrive.live.com/#!/?cid=12dfecb54f69ff16&sc=documents&uc=0&id=12DFECB54F69FF16%21105!cid=12DFECB54F69FF16&id=12DFECB54F69FF16%21105&sc=documents

Maybe processor overheating. Have you monitored the temp?MCTS...

Hi, Generally, you may update BIOS and other hardware drivers first. If it does not work, you may analyze them with Debugging Tools by yourself. You can install it and it’s Symbol Packages from the following link: http://www.microsoft.com/whdc/Devtools/Debugging/default.mspx WinDbg will tell you the possible cause. For more information, please read Microsoft KB Article: How to read the small memory dump files that Windows creates for debugging http://support.microsoft.com/kb/315263 If no clue can be found, you may contact Microsoft Customer Service and Support (CSS) via telephone so that a dedicated Support Professional can assist with your request. To troubleshoot this kind of kernel crash issue, we need to debug the crashed system dump. Unfortunately, debugging is beyond what we can do in the forum. Please be advised that contacting phone support will be a charged call. To obtain the phone numbers for specific technology request please take a look at the web site listed below: http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone#faq607 Regards, Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

cheers for that. well its on a dl380G4 hp proliant server. the system home page reports processors @255 degrees but 3rd party reports them as normal. I have searched HP web site for answers and see that a few others have same issue however an option given was replace the systemboard which is not good. The server stays up and running most the time but them crashes. I did think it was a result of the systemboard telling the OS that the processors where overhealting but don't really have a fix for the problem any ideas welcomed Baz

******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: 00000000, memory referenced Arg2: d0000002, IRQL Arg3: 00000001, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: e0860797, address which referenced memory Debugging Details: ------------------ Unable to load image \SystemRoot\system32\drivers\amon.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for amon.sys *** ERROR: Module load completed but symbols could not be loaded for amon.sys WRITE_ADDRESS: 00000000 CURRENT_IRQL: 2 FAULTING_IP: nt!MiCheckForControlAreaDeletion+39 e0860797 8938 mov dword ptr [eax],edi CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: DRIVER_FAULT_SERVER_MINIDUMP BUGCHECK_STR: 0xA PROCESS_NAME: nod32krn.exe TRAP_FRAME: ee1b8778 -- (.trap 0xffffffffee1b8778) ErrCode = 00000002 eax=00000000 ebx=01ffffff ecx=f8b37738 edx=07046890 esi=f8b37738 edi=00000000 eip=e0860797 esp=ee1b87ec ebp=ee1b87f4 iopl=0 nv up ei pl zr na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246 nt!MiCheckForControlAreaDeletion+0x39: e0860797 8938 mov dword ptr [eax],edi ds:0023:00000000=???????? Resetting default scope LAST_CONTROL_TRANSFER: from e0860797 to e0836e17 STACK_TEXT: ee1b8778 e0860797 badb0d00 07046890 01ffff02 nt!KiTrap0E+0x2a7 ee1b87f4 e080148a f8b37738 e08b43b0 f7122e30 nt!MiCheckForControlAreaDeletion+0x39 ee1b8810 e08885f1 fd592008 ffffffff f7d81008 nt!MiRestoreTransitionPte+0xf5 ee1b8828 e086b6f5 e6768bc0 e08277dc 000fffff nt!MiRemovePageFromList+0xd1 ee1b8830 e08277dc 000fffff 7dfcfcd0 d9c70000 nt!MiRemoveAnyPage+0x68 ee1b8868 e08264f4 ffdff120 00010000 00000000 nt!MiResolveMappedFileFault+0x5cd ee1b889c e0847d0e 00000000 d9c70000 c03671c0 nt!MiResolveProtoPteFault+0x1a6 ee1b8934 e084790e 00000001 d9c70000 c03671c0 nt!MiDispatchFault+0x87e ee1b8990 e082671d 00000000 d9c70000 00000000 nt!MmAccessFault+0x64a ee1b89c0 e091ca44 d9c70000 00000000 f864c438 nt!MmCheckCachedPageState+0x48e ee1b8a4c f5e33f03 f8338c08 ee1b8b10 00a9eb7d nt!CcCopyRead+0x391 ee1b8b34 f5e34079 f81a7288 f864c420 00000001 Ntfs!NtfsCommonRead+0xc14 ee1b8bd8 e0840153 fd5d3718 f864c420 f864c420 Ntfs!NtfsFsdRead+0x113 ee1b8bec f5f50d28 fd5bb008 fdfa3810 f929c5b8 nt!IofCallDriver+0x45 ee1b8c18 e0840153 fdf44d98 f864c420 f4ff12b4 fltmgr!FltpDispatch+0x152 ee1b8c2c f4fad6b6 f929c5b8 fd486758 e0840153 nt!IofCallDriver+0x45 WARNING: Stack unwind information not available. Following frames may be wrong. ee1b8c4c f5f50d28 f8338c08 fdfa3810 f864c420 amon+0x46b6 ee1b8c78 e0840153 f929c5b8 f864c420 f864c420 fltmgr!FltpDispatch+0x152 ee1b8c8c e092b4ff f864c5d4 f864c420 f8338c08 nt!IofCallDriver+0x45 ee1b8ca0 e0939067 f929c5b8 f864c420 f8338c08 nt!IopSynchronousServiceTail+0x10b ee1b8d38 e0833bef 000003e0 00000000 00000000 nt!NtReadFile+0x5d5 ee1b8d38 7c82847c 000003e0 00000000 00000000 nt!KiFastCallEntry+0xfc 00b6aae0 00000000 00000000 00000000 00000000 0x7c82847c STACK_COMMAND: kb FOLLOWUP_IP: amon+46b6 f4fad6b6 ?? ??? SYMBOL_STACK_INDEX: 10 SYMBOL_NAME: amon+46b6 FOLLOWUP_NAME: MachineOwner MODULE_NAME: amon IMAGE_NAME: amon.sys DEBUG_FLR_IMAGE_TIMESTAMP: 45cc413d FAILURE_BUCKET_ID: 0xA_amon+46b6 BUCKET_ID: 0xA_amon+46b6 Followup: MachineOwner --------- 0: kd> lmvm amon start end module name f4fa9000 f50238c0 amon T (no symbols) Loaded symbol image file: amon.sys Image path: \SystemRoot\system32\drivers\amon.sys Image name: amon.sys Timestamp: Fri Feb 09 10:39:09 2007 (45CC413D) CheckSum: 0008B673 ImageSize: 0007A8C0 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 ----------------------------------------------------------- Your BSOD was caused by amon.sys driver. More about it: http://www.file.net/process/amon.sys.html I see that it have not been updated since 2007. Please update your antivirus or contact its manufacturer Technical Support. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

Hi, Generally, you may update BIOS and other hardware drivers first. If it does not work, you may analyze them with Debugging Tools by yourself. You can install it and it’s Symbol Packages from the following link: http://www.microsoft.com/whdc/Devtools/Debugging/default.mspx WinDbg will tell you the possible cause. For more information, please read Microsoft KB Article: How to read the small memory dump files that Windows creates for debugging http://support.microsoft.com/kb/315263 If no clue can be found, you may contact Microsoft Customer Service and Support (CSS) via telephone so that a dedicated Support Professional can assist with your request. To troubleshoot this kind of kernel crash issue, we need to debug the crashed system dump. Unfortunately, debugging is beyond what we can do in the forum. Please be advised that contacting phone support will be a charged call. To obtain the phone numbers for specific technology request please take a look at the web site listed below: http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone#faq607 Regards, Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: 00000000, memory referenced Arg2: d0000002, IRQL Arg3: 00000001, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: e0860797, address which referenced memory Debugging Details: ------------------ Unable to load image \SystemRoot\system32\drivers\amon.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for amon.sys *** ERROR: Module load completed but symbols could not be loaded for amon.sys WRITE_ADDRESS: 00000000 CURRENT_IRQL: 2 FAULTING_IP: nt!MiCheckForControlAreaDeletion+39 e0860797 8938 mov dword ptr [eax],edi CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: DRIVER_FAULT_SERVER_MINIDUMP BUGCHECK_STR: 0xA PROCESS_NAME: nod32krn.exe TRAP_FRAME: ee1b8778 -- (.trap 0xffffffffee1b8778) ErrCode = 00000002 eax=00000000 ebx=01ffffff ecx=f8b37738 edx=07046890 esi=f8b37738 edi=00000000 eip=e0860797 esp=ee1b87ec ebp=ee1b87f4 iopl=0 nv up ei pl zr na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246 nt!MiCheckForControlAreaDeletion+0x39: e0860797 8938 mov dword ptr [eax],edi ds:0023:00000000=???????? Resetting default scope LAST_CONTROL_TRANSFER: from e0860797 to e0836e17 STACK_TEXT: ee1b8778 e0860797 badb0d00 07046890 01ffff02 nt!KiTrap0E+0x2a7 ee1b87f4 e080148a f8b37738 e08b43b0 f7122e30 nt!MiCheckForControlAreaDeletion+0x39 ee1b8810 e08885f1 fd592008 ffffffff f7d81008 nt!MiRestoreTransitionPte+0xf5 ee1b8828 e086b6f5 e6768bc0 e08277dc 000fffff nt!MiRemovePageFromList+0xd1 ee1b8830 e08277dc 000fffff 7dfcfcd0 d9c70000 nt!MiRemoveAnyPage+0x68 ee1b8868 e08264f4 ffdff120 00010000 00000000 nt!MiResolveMappedFileFault+0x5cd ee1b889c e0847d0e 00000000 d9c70000 c03671c0 nt!MiResolveProtoPteFault+0x1a6 ee1b8934 e084790e 00000001 d9c70000 c03671c0 nt!MiDispatchFault+0x87e ee1b8990 e082671d 00000000 d9c70000 00000000 nt!MmAccessFault+0x64a ee1b89c0 e091ca44 d9c70000 00000000 f864c438 nt!MmCheckCachedPageState+0x48e ee1b8a4c f5e33f03 f8338c08 ee1b8b10 00a9eb7d nt!CcCopyRead+0x391 ee1b8b34 f5e34079 f81a7288 f864c420 00000001 Ntfs!NtfsCommonRead+0xc14 ee1b8bd8 e0840153 fd5d3718 f864c420 f864c420 Ntfs!NtfsFsdRead+0x113 ee1b8bec f5f50d28 fd5bb008 fdfa3810 f929c5b8 nt!IofCallDriver+0x45 ee1b8c18 e0840153 fdf44d98 f864c420 f4ff12b4 fltmgr!FltpDispatch+0x152 ee1b8c2c f4fad6b6 f929c5b8 fd486758 e0840153 nt!IofCallDriver+0x45 WARNING: Stack unwind information not available. Following frames may be wrong. ee1b8c4c f5f50d28 f8338c08 fdfa3810 f864c420 amon+0x46b6 ee1b8c78 e0840153 f929c5b8 f864c420 f864c420 fltmgr!FltpDispatch+0x152 ee1b8c8c e092b4ff f864c5d4 f864c420 f8338c08 nt!IofCallDriver+0x45 ee1b8ca0 e0939067 f929c5b8 f864c420 f8338c08 nt!IopSynchronousServiceTail+0x10b ee1b8d38 e0833bef 000003e0 00000000 00000000 nt!NtReadFile+0x5d5 ee1b8d38 7c82847c 000003e0 00000000 00000000 nt!KiFastCallEntry+0xfc 00b6aae0 00000000 00000000 00000000 00000000 0x7c82847c STACK_COMMAND: kb FOLLOWUP_IP: amon+46b6 f4fad6b6 ?? ??? SYMBOL_STACK_INDEX: 10 SYMBOL_NAME: amon+46b6 FOLLOWUP_NAME: MachineOwner MODULE_NAME: amon IMAGE_NAME: amon.sys DEBUG_FLR_IMAGE_TIMESTAMP: 45cc413d FAILURE_BUCKET_ID: 0xA_amon+46b6 BUCKET_ID: 0xA_amon+46b6 Followup: MachineOwner --------- 0: kd> lmvm amon start end module name f4fa9000 f50238c0 amon T (no symbols) Loaded symbol image file: amon.sys Image path: \SystemRoot\system32\drivers\amon.sys Image name: amon.sys Timestamp: Fri Feb 09 10:39:09 2007 (45CC413D) CheckSum: 0008B673 ImageSize: 0007A8C0 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 ----------------------------------------------------------- Your BSOD was caused by amon.sys driver. More about it: http://www.file.net/process/amon.sys.html I see that it have not been updated since 2007. Please update your antivirus or contact its manufacturer Technical Support. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer