Having never previously crashed our SBS 2008 server blue screened on Monday afternoon. The stop condition was
STOP: 0x0000007f (0x0000000000000008, 0x0000000080050031, 0x00000000000006f8,
*** ntoskrnl.exe - Address 0xfffff80003c6f490 base at 0xfffff80003c15000
On each subsequent restart the same BSOD and error was repeated.
The minidumps are attached along with the windows debugging of the memory.dmp file.
It seems that the system starts to shut itself down (various services stopping messages appear) before the BSOD.
The system is stable in Safe Mode.
Steps taken so far:
All removable cards have been reseated.
Manufacturer hardware diagnostics run and indicates all hardware functioning correctly.
Memory from a working machine swapped in - no change.
Full av scan run (Kaspersky) - nothing detected.
Rootkit scan run (TDSKiller) - nothing detected.
April 2012 Windows updates had been installed the previous evening. Having uninstalled these updates we no longer get the BSOD. However, when attempting to run in normal mode, the system still shuts itself down - logs out the user and then stops services without any user interaction. Again the system seems to be stable in safe mode.
I'm no expert in dump file analysis and would appreciate any help in diagnosing / fixing the error.
The full kernel mode crash dump file is too big to post here but I can make it available if needed.