I have an SBS 2003 SP2 server that has started having constant crashing issues, more than twice a day. After analyzing the crash dumps, I am puzzled as to what could be causing the server to crash. The crashes are either 0xA or 0xDE bugcheck errors. Server is completely up-to-date and drivers are up-to-date. Server also passes a MemTest86 test and Microsoft's memory test utility. Maintenance was performed on the server a few weeks ago prior to crashes (BIOS updates, drivers updates, etc), but the crashes started occurring a few weeks after. The server is a Dell PowerEdge 830 server. I have linked to the mini-dumps below, but I can provide full kernel dumps as well. Perhaps someone with a better understanding of kernel dumps could help pinpoint the root cause of the crashes, since I'm about to throw up my hands in defeat. Thanks so much! :) Link to Dumps: http://sdrv.ms/T3lnMz

About to run Driver Verifier on the server, as I've exhausted other probable causes including DEP, RAM, and applications. Will update this thread of results.

Can you place the dumps in a location that doesn't require registration? (e.g. SkyDrive)Doug Kentner

Can you place the dumps in a location that doesn't require registration? (e.g. SkyDrive) Doug Kentner So sorry about that; didn't realize 4Shared changed their policies. Anyways, I did put them up onto my SkyDrive here: http://sdrv.ms/T3lnMz Thanks!

Please configure the machine for kernel dump. Minidumps are not helpful.Dave Guenthner [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights. http://blogs.technet.com/b/davguents_blog

Please configure the machine for kernel dump. Minidumps are not helpful. Dave Guenthner [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights. http://blogs.technet.com/b/davguents_blog Alrighty, I placed three full kernel dumps into the same SkyDrive folder under "MEMORY" file names. Go ahead of have a look. Thanks again for the help! :)

(not a kernel debugger) However all three dumps show pool or memory corruption. By definition: The POOL_CORRUPTION_IN_FILE_AREA bug check has a value of 0x000000DE. This indicates that a driver has corrupted pool memory that is used for holding pages destined for disk. If you want to upload a set of MPS reports I can tell you what 3rd party drivers you have installed and may help you target updates. http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=24745 Run the 32 bit one.Dave Guenthner [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights. http://blogs.technet.com/b/davguents_blog

Uploaded MPS Report (CAB) to my SkyDrive. Thanks! :)

The system event log only goes back 07/25/2012 09:28:20 AM so we can't see *when* this problem started happening. What you can see is that its occuring several times a day at random times. Since server is Windows 2003 and likely has been in service for a long time you may have a hardware problem with RAM. Since memory is cheap and you only have 4 GB, I would replace it. I would also review what drivers can be safely removed and which ones 3rd party vendor have proided updates. OS Name Microsoft(R) Windows(R) Server 2003 for Small Business Server Version 5.2.3790 Service Pack 2 Build 3790 Total Physical Memory 4,095.08 MB --Name-- |--Company-- |--Version-- |--Date-- |--DESCRIPTION-- PstatVer3 AFAMGT.SYS |Adaptec, Inc. |4.1:1.7043 |May 03 2007 |Dell Management Driver CERCSR6.SYS |Adaptec, Inc. |4.1:1.7043 |May 03 2007 |DELL CERC SATA1.5/6ch Miniport Driver ATMFD.DLL |Adobe Systems |5.2:2.232 |Feb 15 2011 |Windows NT OpenType/Type 1 Font Driver B57XP32.SYS |Broadcom Corpo|12.4:1.1 |Dec 11 2009 |Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver. ACFSDK32.SYS |Conexant |1.0:2.14 |Mar 15 2007 |Diagnostic Interface x86 Driver DCDBAS32.SYS |Dell Inc. |5.8:0.4952 |Jan 04 2008 |Dell BASE Device Driver IMDRVFSF.SYS |Iomega Corpora|1.0:3.5 |Jul 13 2004 |Iomega Filter Driver REVFS.SYS |Iomega Corpora|2.0:0.21 |Nov 17 2004 |Iomega REV System Software KAPFA.SYS |Kaseya |6.1:0.0 |Nov 15 2010 |Kaseya Agent Protected File Access Driver HOTCORE3.SYS |Paragon Softwa|9.0:99.9293 |Mar 24 2009 |A part of Paragon System Utilities PTILINK.SYS |Parallel Techn|1.1:0.0 |Feb 17 2007 |Parallel Technologies DirectParallel IO Library SER2PL.SYS |Prolific Techn|2.0:0.24 |Nov 27 2003 |USB-to-Serial Cable Driver XG20GRP.SYS |XGI Technology|6.14:10.1130 |Jul 23 2009 |XGI Compatible Super VGA Driver XG20GRV.DLL |XGI Technology|6.14:10.1130 |Jul 23 2009 |XGI Compatible Super VGA DriverDave Guenthner [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights. http://blogs.technet.com/b/davguents_blog

It's been quite a while, but I wanted to update on what's going on. The server is still having issues crashing with 0xA and 0xDE bugcheck errors. I have been running Driver Verifier on all drivers for the past couple of days, and a few drivers (hotcore3.sys, ser2pl.sys) seem to have caused Driver Verifier to trip and BSOD, but I have since removed/updated those drivers and no new BSODs have stemmed from them. After fixing those drivers, I have pretty much limited the BSODs to the following logs. What can anyone deduct from these BSODs? Keep in mind that the server has passed two different memory tests on several passes, and all possible third-party drivers that could have been the probable cause have been fixed. I'll link mini and full dumps in a bit. On Sun 8/19/2012 5:11:32 PM GMT your computer crashed crash dump file: C:\WINDOWS\Minidump\Mini081912-01.dmp uptime: 00:02:34 This was probably caused by the following module: ntkrpamp.exe (nt!KeBugCheckEx+0x1B) Bugcheck code: 0xDE (0x2, 0xFFFFFFFFEB1181B8, 0xFFFFFFFFFB1181B8, 0xFFFFFFFFE413B8C0) Error: POOL_CORRUPTION_IN_FILE_AREA Bug check description: This indicates that a driver has corrupted pool memory that is used for holding pages destined for disk. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: ntkrpamp.exe . Google query: ntkrpamp.exe POOL_CORRUPTION_IN_FILE_AREA On Sun 8/19/2012 5:11:32 PM GMT your computer crashed crash dump file: C:\WINDOWS\memory.dmp uptime: 00:02:34 This was probably caused by the following module: ntkrpamp.exe (nt+0x27E33) Bugcheck code: 0xDE (0x2, 0xFFFFFFFFEB1181B8, 0xFFFFFFFFFB1181B8, 0xFFFFFFFFE413B8C0) Error: POOL_CORRUPTION_IN_FILE_AREA Bug check description: This indicates that a driver has corrupted pool memory that is used for holding pages destined for disk. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: ntkrpamp.exe . Google query: ntkrpamp.exe POOL_CORRUPTION_IN_FILE_AREA On Fri 8/17/2012 5:04:25 PM GMT your computer crashed crash dump file: C:\WINDOWS\Minidump\Mini081712-03.dmp uptime: 01:48:51 This was probably caused by the following module: ntfs.sys (Ntfs+0x4BCC8) Bugcheck code: 0xA (0xFFFFFFFFC07888A8, 0xFFFFFFFFD0000002, 0x0, 0xFFFFFFFF80867159) Error: IRQL_NOT_LESS_OR_EQUAL file path: C:\WINDOWS\system32\drivers\ntfs.sys product: Microsoft Windows Operating System company: Microsoft Corporation description: NT File System Driver Bug check description: This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time. On Fri 8/17/2012 3:11:16 PM GMT your computer crashed crash dump file: C:\WINDOWS\Minidump\Mini081712-02.dmp uptime: 01:01:40 This was probably caused by the following module: ntkrpamp.exe (nt!Kei386EoiHelper+0x28F3) Bugcheck code: 0xA (0xFFFFFFFF83331EE3, 0xFFFFFFFFD0000002, 0x0, 0xFFFFFFFF80850B18) Error: IRQL_NOT_LESS_OR_EQUAL Bug check description: This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: ntkrpamp.exe . Google query: ntkrpamp.exe IRQL_NOT_LESS_OR_EQUAL On Fri 8/17/2012 2:05:24 PM GMT your computer crashed crash dump file: C:\WINDOWS\Minidump\Mini081712-01.dmp uptime: 10:12:50 This was probably caused by the following module: ntfs.sys (Ntfs+0x907D) Bugcheck code: 0xDE (0x2, 0xFFFFFFFFE9A4BE68, 0xFFFFFFFFF9A4BE68, 0xFFFFFFFFE350B8C0) Error: POOL_CORRUPTION_IN_FILE_AREA file path: C:\WINDOWS\system32\drivers\ntfs.sys product: Microsoft Windows Operating System company: Microsoft Corporation description: NT File System Driver Bug check description: This indicates that a driver has corrupted pool memory that is used for holding pages destined for disk. The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time. On Fri 8/17/2012 3:02:30 AM GMT your computer crashed crash dump file: C:\WINDOWS\Minidump\Mini081612-05.dmp uptime: 05:03:27 This was probably caused by the following module: ntkrpamp.exe (nt!Kei386EoiHelper+0x28F3) Bugcheck code: 0xC5 (0x782E81CC, 0xFFFFFFFFD0000002, 0x1, 0xFFFFFFFF808953B7) Error: DRIVER_CORRUPTED_EXPOOL Bug check description: This indicates that the system attempted to access invalid memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: ntkrpamp.exe . Google query: ntkrpamp.exe DRIVER_CORRUPTED_EXPOOL