aahmad
Content Type
Profiles
Forums
Events
Posts posted by aahmad
-
-
Ok, I believe I have found two resolutions. One is to turn Windows Data Execution Prevention off, the other is to scrap the Olympus and use a Philips handheld both seem to have resolved my blue screen issues. Given the Philips is quite expensive, my question is what are the negative effects if any to turning Windows DEP off? Or to avoid turning DEP completly off is there a way to determine how to turn DEP off for a particular driver or service?
0 -
Hey all,
Just thought I would bring this post back to life as my problems have persisted since last year. One of my users has had 14 blue screens since the start of the year. Here is a minidump analysis of the past 3 using WhoCrashed:
Analysis
--------------------------------------------------------------------------------
Crash dump directory: C:\WINDOWS\Minidump
Crash dumps are enabled on your computer.
On Thu 6/11/2009 6:29:52 PM your computer crashed
This was likely caused by the following module: usbport.sys
Bugcheck code: 0x1000000A (0xFFFFFFE0, 0x2, 0x1, 0x80514565)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\usbport.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: USB 1.1 & 2.0 Port Driver
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.
On Thu 6/11/2009 6:29:52 PM your computer crashed
This was likely caused by the following module: usbport.sys
Bugcheck code: 0x44 (0x85C11E00, 0xD63, 0x0, 0x0)
Error: MULTIPLE_IRP_COMPLETE_REQUESTS
file path: C:\WINDOWS\system32\drivers\usbport.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: USB 1.1 & 2.0 Port Driver
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.
On Thu 6/11/2009 6:29:52 PM your computer crashed
This was likely caused by the following module: usbport.sys
Bugcheck code: 0x1000000A (0xFFFFFFE0, 0x2, 0x1, 0x80514565)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\usbport.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: USB 1.1 & 2.0 Port Driver
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.
One thing is that the flash drive is considered as a generic volume in Windows XP if that means anything. The idea of using the safely remove hardware option is not well embraced. I just do not know why this issue occurs when unplugging a usb flash drive(Olympus DS-4000) randomly and getting blue screens. Also this happens on both laptops and desktops.
Thanks all for the help, I need a miracle.
0 -
I found only one KB article with your symptoms and cause, however it only applied to Server 2003 w/o any service packs.
Here's something you can try: the latest usb files. KB949033 has the latest usbport.sys and other usb drivers for XP SP2: http://support.microsoft.com/kb/949033
The particular article doesn't describe your problem, but it is a QFE update, MS is always fixing bugs and releasing cumulative fixes for them under the "QFE" (non-security updates) branch, so this particular one has that fix and many more. However they get less testing, but it's worth a try; it probably can't get any worse when your users already getting a STOP error and potentially losing their work. There is a link at the top, "View and request hotfix downloads", they'll send it to your email. It's free.
Unfortunately we are having these issues in both SP3 and SP2. Time to upgrade to Vista maybe???
0 -
902973 You occasionally receive a "STOP 0x000000D1" error message when you start or shut down a Windows XP-based computer or a Windows Server 2003-based computer
http://support.microsoft.com/default.aspx?...kb;EN-US;902973
In debugging it, you're seeing a crash on USBPORT!USBPORT_RemoveBadReqIrp+0x6b:
0: kd> !thread 80560ca0
THREAD 80560ca0 Cid 0000.0000 Teb: 00000000 Win32Thread: 00000000 RUNNING on processor 0
Not impersonating
Owning Process 0 Image: <Unknown>
Attached Process 80560f00 Image: Idle
Wait Start TickCount 84691 Ticks: 96 (0:00:00:01.500)
Context Switch Count 317428
UserTime 00:00:00.000
KernelTime 00:20:35.984
Stack Init 80556700 Current 8055644c Base 80556700 Limit 80553700 Call 0
Priority 16 BasePriority 0 PriorityDecrement 0 DecrementCount 0
ChildEBP RetAddr Args to Child
8055620c f81a02b5 badb0d00 00000004 8234f028 nt!_KiTrap0E+0x238 (FPO: [0,0] TrapFrame @ 8055620c)
80556284 80514574 41426d72 806228bb 8234f0e0 USBPORT!USBPORT_RemoveBadReqIrp+0x6b (FPO: [Non-Fpo]) (CONV: stdcall)
8055629c f81a0085 8234f102 00000000 8234f0e0 nt!IoCsqRemoveNextIrp+0x3d (FPO: [Non-Fpo]) (CONV: stdcall)
805562bc f81a0650 8234f028 00000000 f81a04ec USBPORT!USBPORT_BadRequestFlush+0x3b (FPO: [Non-Fpo]) (CONV: stdcall)
805562e0 804e2b4e 8234f70c 8234f028 87b967e9 USBPORT!USBPORT_DM_TimerDpc+0x164 (FPO: [Non-Fpo]) (CONV: stdcall)
805563fc 804e207d 80560f00 ffdff9c0 ffdff000 nt!KiTimerListExpire+0x14b (FPO: [Non-Fpo]) (CONV: fastcall)
80556428 804dcd22 80561300 00000000 00014b32 nt!KiTimerExpiration+0xb1 (FPO: [Non-Fpo]) (CONV: stdcall)
80556450 804dcc07 00000000 0000000e 00000000 nt!KiRetireDpcList+0x61 (FPO: [0,1,0])
80556454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28 (FPO: [0,0,0])
0: kd> !irp 806228bb 1
Irp is active with 3 stacks 3 is current (= 0x858bf640)
No Mdl Thread 00000000: Irp stack trace.
Flags = 00000000
ThreadListEntry.Flink = 806228bb
ThreadListEntry.Blink = 806228bb
IoStatus.Status = 00000103
IoStatus.Information = 00000000
RequestorMode = 00000000
Cancel = 00
CancelIrql = 0
ApcEnvironment = 00
UserIosb = 00000000
UserEvent = 00000000
Overlay.AsynchronousParameters.UserApcRoutine = 00000000
Overlay.AsynchronousParameters.UserApcContext = 00000000
Overlay.AllocationSize = 00000000 - 00000000
CancelRoutine = 00000000
UserBuffer = 00000000
&Tail.Overlay.DeviceQueueEntry = 00cfcf6c
Tail.Overlay.Thread = 00000000
Tail.Overlay.AuxiliaryBuffer = 00000000
Tail.Overlay.ListEntry.Flink = 00000000
Tail.Overlay.ListEntry.Blink = 00000000
Tail.Overlay.CurrentStackLocation = 858bf640
Tail.Overlay.OriginalFileObject = 00000000
Tail.Apc = 00000000
Tail.CompletionKey = 00000000
cmd flg cl Device File Completion-Context
[ 0, 0] 0 0 00000000 00000000 00000000-00000000
Args: 00000000 00000000 00000000 00000000
[ 0, 0] 0 0 00000000 00000000 00000000-00000000
Args: 00000000 00000000 00000000 00000000
>[ f, 0] 0 e1 857d4030 00000000 f6bed854-857d5d30 Success Error Cancel pending
\Driver\usbuhci usbhub!USBH_ChangeIndication
Args: 857d5e84 00000000 00220003 00000000
0: kd> !devext 857d5d30 USBHUB
Dump Hub Device Extension: 857d5d30 1
HUB HUB
FDO 857d5c78 PDO 857d4030 TOS 857d4030 RootHub 857d4030 HcdTos 857d4030
FLG: HUBFLAG_NEED_CLEANUP HUBFLAG_SUPPORT_WAKEUP
Status:
HubChange 0
IRP 806228bb Buffer 85bc5660 len 8 Desc 858b5e80
PowerIrp 0 PendingWake 0 #PortWake 0
PortData 858cd3e0 size 2
Port 0 change 0 Status 100
PORT_STATUS_POWER
Port 0 change 0 Status 0
Config Handle 859aeaf0 ConfigDesc 857db838
PowerTable 0 1 3 4 4 4 4 Current 1
Pending Req 2 ErrorCount 2
DeviceDesc 50005 PipInfo 1 Urb 857d5e50This is indeed a bug in the XP usbport.sys driver, but it's not fixed. You can avoid this by disabling the ability for XP to put any devices on the USB bus to sleep in the device manager under USB controllers, under each USB hub, properties, power management - uncheck "allow the computer to turn off this device to save power".
Unfortunately, today was the day of bluescreen, all the users with the fix or without bluescreened when they removed their devices from the cradle. Any help is much appreciated, thanks!
0 -
Well, I wish it was the network however the same machine with IE7 if I downgrade it to IE6 the problem disappears. Same goes for the other machine and throughtout the office. This issue that we have been encountering also does not occur in a single office, all of our 256k link offices. However anyone of those machines if you uninstall IE7 the problem disappears regardless of where the machine is in any of those offices.
You're assuming the developer of the app even tested his/her code on a slow link. Wininet doesn't control buffer size or whether or not it waits for a server ACK response, those are all handled at the winsock level (below wininet and outside the purview of Internet Explorer). Since upgrading to IE7 causes this behavior, this likely means your app vendor didn't write a winsock app, but an app that uses IE components. The networking component is wininet.dll, and there are no changes in wininet.dll with regards to network behavior between 6 and 7, so that leaves the developer's code - again, I'd wait for them to respond. What is happening would have little to do with the IE component themselves, and more to do with how the vendor is using them.
Also, if you install IE8 beta 2, does the problem show up there?
Yes, I tried IE8 Beta 2 the other day and ran into the same problem. I was hoping it was something we could resolve as the developer unfortunately does not have an answer so far. Otherwise we will just have to work with a workaround such having the jobs from user pc's copied to a machine in our local office then uploaded from there.
Thanks again!!
0 -
It seems like a couple things combined:
The server's TCP window seems to behave somewhat normally. Perhaps it should scale down quicker (overloaded server perhaps), as the ACKs very quickly start to lag behind the packets being sent. That would likely prevent it from running into 0-sized window (as in, it can't process any more data right now), but it should still work despite of that, as you've noticed using the other box. Its size is probably kept to 0 that longer in the first capture because of all the network problems i.e. dupe ACKs (over 150!) and retransmits (tons of them too) -- those are definitely NOT normal. In the 2nd capture, there are exactly 0 dupe ACKs and no fast retransmits (that's what you expect to see normally, not 10%+ of "bad" packets like in the first capture)
If anything, I'd blame the connection going to the box that runs IE7. Try swapping around both boxes, and then try again. The box with IE7 just might now work, and the IE6 box fail.
Might be your network card, might be the wiring/patch cable, might be the switch port, ... Something's dropping packets somewhere, and a lot of them. Even the very first packet being sent (#8 in the capture), gets ACK'ed 3 times (packets #11, 14 and 16) -- the server probably "thinking" your box didn't receive them, as it didn't get the following packets, and then your box proceeds to retransmit the next 3 packets. And then it fails to ACK like 8 packets altogether (likely didn't receive them).... And the list goes on and on, until it ultimately fails. You can already tell this transfer is NEVER going to work. It's perfectly normal that your browser eventually gives up trying after all this.
So check your network. It's not the web browser at fault here. And it's most likely not the server either, seeing how it works alright with the other box (not scaling down the TCP window size as quickly as I'd like it to still isn't a big problem). Poking around the registry won't fix this either.
Edit: that barely looked like english, hopefully it's understandable now...
Well, I wish it was the network however the same machine with IE7 if I downgrade it to IE6 the problem disappears. Same goes for the other machine and throughtout the office. This issue that we have been encountering also does not occur in a single office, all of our 256k link offices. However anyone of those machines if you uninstall IE7 the problem disappears regardless of where the machine is in any of those offices.
0 -
You could always just use GOM player to view your files as it would obtain the codecs needed itself.
0 -
I will look around for registry fixes on the server to apply for the windows size fix.
Thanks!
0 -
Here is a link from a capture of a machine that has IE6 and the transfer works.
http://www.mediafire.com/?sharekey=a38e625...2db6fb9a8902bda
0 -
I have been working with them however so far have not found out the reason why this problem is happening. They are aware of that when IE6 is installed it is working fine. I know I am reaching here, but anyone aware of any settings in IIS to adjust?
Thanks!!
0 -
I will try on a user's machine at lunch today. You are a lifesaver if that fixes it!!
Thank you!!!!
0 -
Here is the link for the packet capture file, I used WireShark....10.2.120.35 is our dictation server and 10.1.107.143 is the computer in an outer office.
http://www.mediafire.com/?sharekey=c50ce43...2db6fb9a8902bda
Thanks!
0 -
No wireless...
If a user in an outer office sends a dictation though it goes through the Dictation App then through the wan to our server here which is a completely seperate location. Those "slow links" are 256k burst while the "fast ones" are 512k.
It boggles my mind how IE7 is associated with this, I guess it has to in a way since Windows integrates with it in many ways.
As always, thanks!
0 -
Did you try setting them as "optimize for quick removal". We had some POS laptops and a mass of POS thumbdrives that would take turns failing when optimized for performance, especially on those with minimal RAM.
I will try that today and see what happens. Thanks!
0 -
Tried both of your suggestions, no luck so far however I'm getting excited at the fact that maybe we are getting close!
Thank you all!!
0 -
I know it has been a while, sorry for the delays but I have posted the dump file and compressed it in rar format under:
http://www.filefactory.com/file/9522be/n/MEMORY_rar
Also I have tried Windows SP 3 and found the same issues.
Thanks again!
0 -
I know I'm looking for a needle in a haystack, of course I am also trying to work with the vendor regarding this issue. Another item to note is IE in no way whatsoever is running when sending these jobs.
The App converts the file to vox as we use DSS format to record in, then attempts to stream via http. On our slower links it fails, on your faster it works, however once I downgraded to IE6 those problems vanished. I was hoping maybe IE7 changes/adjusts some kind of settings, programs, or codecs in hopes to pinpoint the issue.
Again, thank you all kindly for your assistance.
PS. The Dictation app uploads to a server that is within the network at the central office. Of course IIS is also installed on the server.
0 -
I figured out how to resolve this issue I believe, so far the issue has not persisted when I perform the following registry edit.
HKLM>SYSTEM>CurrentControlSet>USB>
add dword value "DisableSelectiveSuspend"
set the value to "1".
That should "resolve" it, I found this in a kb article on Micrsoft's site but do not have the article number handy. Just FYI for you all.
0 -
We employ a dictation system in our firm which utilizes http to send files. Certain offices with slower links have been encountering errors on larger files basically it seems the transfer was timing out. I uninstalled IE7 and reverted back to IE6 and the problem no longer persists.
Of course nobody wants to jump back to IE6 or use Firefox, any ideas if it could be a particular setting or something in IE7 causing this. I am assuming the program we use to perform send dictation jobs somehow uses something related to IE.
Thanks in advance for any advice.
0 -
We are giving a VP a new machine with a new image. Windows XP SP 3 image, he currently is on Windows 2000. His computer is locked down and very secure (permissions). Is there anyway to migrate those settings (permissions) to the new PC without doing it again?
Thanks!
0 -
Hi all we are a Windows XP SP2 workshop ( working on moving to SP3 in the image). However in our SP2 images we have one slight issue, randomly when we log a user in Windows Media Player shows in the systray and start menu, also icons disappear and the themes are different. However after logging off and then back on it goes back to normal ( the way we had default user profile setup ). Any ideas?
Thanks!
P.S. Also the start menu would change to the XP one ( the bigger one ) from the classic randomly as this happens. For that I added a registry entry that forces the classic start menu however only fixes half of my issue. Still the Media Player icons and media player icon in systray.
0 -
This is a snippet of what a user gets when they remove the device I will post a full dump of one of the machines tomorrow.
Thank you all for your help we are baffled!
Driver: IRQL_Not_Less_or_Equal
Stop: 0x00000D1 0x08458BEC
0x00000002, 0x00000001,
USBPORT.SYS Address F81A02B5
base at F819B000
Some of this is his hand writing and can not read hope that points to something...
** Another quick note this usb flash drive is an Olympus DS-4000 which has a 32 mb flash card in it and is the only item detected when connected to our pc's
0 -
Any ideas on why randomly our users unplug their flash drives and get blue screens. In the crash dumps it is pointing towards usbport.sys, we operate on Windows XP Sp2 and are up to date. Our desktops are HP DC 5100 MT, and laptops are IBM T61's. These blue screens occur on both systems. The bios is update in both systems. Thanks for any input!
0 -
After I sysprep I get random things happen...
User logs in gets xp style start menu not classic and the desktop icons are all changed to standard ones ( most items we placed in default user are missing ).
User then logs out and back in and its back to normal ( odd isnt it? ).
I do not have my sysprep inf with me right now..but I know for a fact I have an item in there to prevent this ( updateserverprofiledirectory=0 )
also all the patches that were recommended to be installed to stop sysprep from copying the admin profile over the default user.
I am at a loss.
0
Windows XP USB question
in Windows XP
Posted
Thank you as always!