cluberti

Also note that it can be disk corruption (chkdsk /r to fix if you can boot in safe mode) or hardware problems that can cause this, and if you do a step-by-step boot and the hang happens in the same place with no other driver prompt, you don't have many options short of making sure the hardware is ok - you may end up having to do a repair installation of Windows to get the machine working well if the above steps don't help.

According to the dump, this is a LGA 775 Pentium D at 3GHz, but the reported error contained *no* data - not to mention it used the wrong bugcheck code (0x9c instead of 0x124, which is what it's supposed to do under Vista and Win7): 1: kd> !cpuid Unable to get information for processor 0 CP F/M/S Manufacturer MHz 1 15,6,4 GenuineIntel 2999 Bit Mask: MA Model Specific MCA O ID Other Information Error Code Error Code VV SDP ___________|____________ _______|_______ _______|______ AEUECRC| | | | LRCNVVC| | | | ^^^^^^^| | | | 6 5 4 3 2 1 3210987654321098765432109876543210987654321098765432109876543210 ---------------------------------------------------------------- 0000000000000000000000000000000000000000000000000000000000000000 This means that whatever hardware error occurred, it's probably NOT the CPU at fault. However, there's no specific error information, so I would do the following: 1. Make sure your motherboard has the very latest BIOS on it that you can 2. Make sure it's compatible with at least Windows Vista 3. Run a memory test against the RAM in the machine using something like memtest86+ or similar to make sure there's no bad RAM causing the bugcheck Assuming that all tests fine and you're running at least a Vista-compatible BIOS, I'd consider contacting Intel support about getting advanced diagnostics from the CPU and BIOS.

Yes, those are build 16385, aka RTM, aka the "gold" version, aka the release version of Windows 7.

To cover all bases, it should be stated for the other folks in the future who come across this thread and may not understand the legalese - a Volume Licensing key can only be used to activate (well, prior to Vista, *pre*activate) a machine that has a Volume License copy of Windows installed (XP Professional VL for XP licenses, Enterprise for Vista/7 which can be activated with a MAK or a KMS key). However, the machine you install it on MUST already have at least attached to the machine (you don't actually *have* to preinstall the FPP or OEM Windows license before installing your VL image) a qualifying, pre-existing license for Windows. There is no "clean install" VL license for Windows, so there's no way to request said licenses. You can read about the preinstall requirements, restrictions on license movement, and upgrade/replacement stipulations regarding VL Windows licenses here, although your software licensing agreement (if you already have one) should have come with this either in hard copy or online. However, it's available at the link above, and the relevant section contains this blurb: And from the FAQ, a bit more info about the subject:

The MACHINE_CHECK_EXCEPTION dump (0x9c) actually has meaning if we can take a look at the resulting .dmp file. If you can get to it, upload it and we'll analyze it for you.

As always, make the choices that work for you - Firefox is a good browser and if it works for you and you're able to secure it enough for your (and I guess others') use of that PC, that's what you should do. However (and this is a general statement, not a response to any post in this thread), choosing not to use IE for security reasons might have been wise on IE6 and XP/2000/9x, but at this point most malware uses the user, not the software, to cause havoc, because the browser is quite secure (especially on Vista and 7). It also stands to reason that IE's flaws get pretty big coverage while other browser's flaws (again, for the most part) do not, even though Firefox as of v3 and IE as of v7 (and now v8) have basically the same numbers of critical and non-critical flaws. Choosing not to use IE for functional reasons is a perfectly valid choice, or choosing FF because it adheres to draft standards better (or, in some cases, at all) and IE doesn't is also a good reason, and even making an emotional choice as to "I like browser <x> more than IE" is as logical and reasonable as an emotional choice can be, as it's a personal decision on a piece of software a lot of us use the most (I suppose it's like choosing which car to drive - choose the one you like, other things being equal). The only thing that I get bothered with are people who choose a browser simply because IE is "insecure", to which anyone can easily see that all browsers are insecure, as is any code, eventually, and IE's track record since 2006 is pretty darned good (if only they'd patch as fast as the FF devs, I'd be with nothing to complain about there). At least people choosing FF over IE for this reason are choosing a good alternative browser. It honestly doesn't matter either way, and I use FF myself at home and IE8 at work, because they both meet a need I have at each location. If more people would just use the tool that works for them without all the huff and puff and flaming the Internet would be a nicer place .

Well, considering VL licenses are technically upgrade licenses, the machines have to have a qualifying license on them beforehand (OEM or retail), so whitebox or not the scenario holds true if the original license you're installing the OEM one over is VL. It wouldn't apply if the previously qualifying license was retail, of course, in which case you don't have to reinstall it once the VL install is removed, and at that point the retail license is freed up and can either be reinstalled on that machine or used for another. It would depend on the image. If these are XPSP3 installs that don't get a product key until after imaging, sure. However, if the image contains the VL key and is pre-activated then technically the initial install would be of a non-legal copy of Windows. As to whether or not you should or shouldn't do it is up to you, just like doing anything, but it would be better if you had two images long-term. Again, choices can be made (and I personally wouldn't have a problem with either decision), but if we're looking for the technical answer it would be no, doing such would not be following the volume licensing agreement.

Until he gives the man his rightful copy of Vista that came with the lappy and stops using false advertising, no we don't .

Out of alpha and into beta, pinned.

If they've acquired VLs in their agreement to cover the PCs in their organization that you plan on doing this for, then absolutely (assuming the licenses currently on the machines qualify for VL upgrades). If they don't have the VLs in their agreement to cover the machines, then no, technically you can't do this on those PCs. To answer the question you posed later in this thread about moving licenses: You cannot move a VL license once it's applied to a system, nor can you move VL upgrade licenses. If you were to sell, transfer, or dispose of a machine that has a VL license installed, you must reinstall the original OS that came with the PC (in the case of sell or charity gift) or dispose of the OEM media and license in the case of disposal/recycle), but you *do not* get that VL back when a machine is removed from your organization, and if you get new PCs you must acquire new VLs to install over OEM or FPP that is installed on the new PCs (again, you can't use a VL license install on a machine that doesn't already have a qualifying Windows license).

The two tests don't really stress the same features of your graphics card - this is most obvious with onboard chips like the Intel video family, but it can be seen with the scaled-down versions of discrete cards as well.

Actually, they're live on my system for some apps, not for others. For example, my IE download windows and any video playing in IE or WMP seems to be live, but not Firefox. I think this is more app-specific than Windows-specific, because I can play a video in IE and get "live" updates in the taskbar, but when the same video is running in Firefox I do not (same with IE download windows versus Firefox download windows).

You could always open the registry, browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\msiserver, and change the "Start" value to 4 and reboot. It's not a "fix", but it'll keep the service from starting so you can clean up whatever mess you have. Once you're sure you've cleaned up the broken install, you can set Start back to 3 and reboot to put things back to normal.

By the way, you are supposed to transfer the original Windows disc (or recovery CD/DVD), and any and all documents relating to the OS and any other OEM software installed on the machine from Microsoft with the sale of the machine as per the licensing agreement that the seller agreed to when using the product. If you didn't get the Vista DVD or a recovery DVD, or any other documentation, that copy of Windows is most likely not legit (and considering the COA is for Vista, you can be certain it's not). Never trust online auction sellers, and not because there aren't honest ones out there - the problem is there are just so many more who are out to screw you. To get a legitimate install on that laptop, you're going to have to contact Dell and have them ship you (at your cost for shipping, likely) a new Vista DVD or a recovery DVD for the laptop. If you want Win7 on it, you'll have to purchase it.

By the way, assuming you are buying a legitimate copy (or copies) of Windows. with the purchase you should get an install disc, the COA sticker, and any documentation and packaging that comes with the product when you purchase it. If you're just getting a key and nothing else, I sincerely doubt these are either retail or OEM keys, and selling keys without the requisite software makes the installation you would make from the key illegal (install of Windows without a COA proving your purchase makes that install illegal in most countries). What appears to be happening (yes, these are being investigated, it's all over the internet) is that these are either mass MSDN and Technet keys that will end up blacklisted shortly (they're MAK keys with limited activation), or even worse, some of them have been found to be perfectly legitimate retail keys that are being resold over and over (meaning eventually it's going to be blacklisted as well). The only time you can *ever* buy just a product key is when you have a volume license agreement, and even with that when you purchase a mass of licenses you *still* get at least one product CD from the clearinghouse. This is very, very fishy, and not very legal either. I'd steer way clear of anyone selling just keys on ebay. Especially considering a quick google search can turn up hits about the fallout from this, like this thread in the sevenforums site about it.

That's a rather odd error: # for hex 0x800f0203 / decimal -2146500093 : SPAPI_E_NO_DRIVER_SELECTED winerror.h # There is no driver selected for the device information set # or element. # 1 matches found for "0x800f0203"

Correct - if the default firewall is enabled, all ports should be blocked. You can run tcpview from sysinternals if you want to see what ports/protocols have endpoints on the machine (doesn't mean the firewall is allowing the connections to said port, but at least it would show the open ports and what protocols they're running).

Can you show a screenshot and/or describe which port and protocol, and what state it's in?

True - as far as I know, only IE and Google Chrome actually uses the process model yet to run in low integrity/protected mode. It would be really great if they did, but they don't without using a bit of hackery to launch them as such.

IE cannot be removed entirely, as certain OS components rely on it (desktop gadgets that use wininet, html help in the OS, etc) but you can keep it from loading by simply removing it as an installed windows feature. It'll remove all entry points for IE, and only leave behind the files necessary to run webbrowser control apps, apps that require wininet, html help, etc - but no IE will be able to actually run and execute in any way. Just uncheck the feature from the Program's control panel for "Turn Windows Features on or off" or use DISM to enable or disable the feature.

I dumped the CMarkup pointer for html - I'm not really going into it here, as it'll clutter the thread. Suffice it to say there were over 1,000 lines of HTML markup on the page loaded in the tab, and these appeared to be being run over by the heap pointers in the Kaspersky thread. Without symbols I can't say what they're doing with it, but given the program's nature it's probably a well-educated guess.

OK, I've had a look, and it does appear that both tab processes have ended up in sysfader, in an attempt to dim something on screen due to a hang. In looking at tab 2, it appears that it's browsing to a page that appears to have a GIGANTIC markup that is currently being run through the kaspersky web add-in: 0:015> kn # ChildEBP RetAddr 00 0b97fc00 77a957ec ntdll!KiFastSystemCallRet 01 0b97fc04 75c8f18b ntdll!NtRemoveIoCompletion+0xc 02 0b97fc30 021e409f KERNELBASE!GetQueuedCompletionStatus+0x29 WARNING: Stack unwind information not available. Following frames may be wrong. 03 0b97fcb0 021e35eb klwtbbho!DllInstall+0x24af 04 0b97fcb8 021eb8ca klwtbbho!DllInstall+0x19fb 05 0b97fcf0 021eb96f klwtbbho!DllInstall+0x9cda 06 0b97fd04 77aab3f5 klwtbbho!DllInstall+0x9d7f 07 0b97fd44 77aab3c8 ntdll!__RtlUserThreadStart+0x70 08 0b97fd5c 00000000 ntdll!_RtlUserThreadStart+0x1b 0:015> lmvm klwtbbho start end module name 021d0000 02212000 klwtbbho (export symbols) klwtbbho.dll Loaded symbol image file: klwtbbho.dll Image path: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll Image name: klwtbbho.dll Timestamp: Tue Oct 20 12:34:35 2009 (4ADDE69B) CheckSum: 00050CE8 ImageSize: 00042000 File version: 9.0.0.736 Product version: 9.0.0.736 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 1.0 App File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Kaspersky Lab ProductName: Kaspersky Anti-Virus InternalName: klwtbbho OriginalFilename: klwtbbho.dll ProductVersion: 9.0.0.736 FileVersion: 9.0.0.736 FileDescription: WebToolBar component LegalCopyright: Copyright © Kaspersky Lab 1997-2009. LegalTrademarks: Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab. All of the CPU time not allocated to the tabproc thread 0 (the UI thread - expected to have the bulk of user-time in rendering hangs) is allocated to this thread, and literally nowhere else. Given that the design of the Kaspersky Internet Security 2010 web add-in is to scan markup for malicious intent before allowing render, I'd say removal of this component (even as just a test) should resolve the issue.

I managed to download the file with wget - seems that site doesn't do a good job of protecting the URL outside of all of the web popups .

I sent you another PM - seems I had the username/pass backwards. I'm having trouble downloading from the site still, so if you could try the FTP one more time I'd appreciate it.

It's saying the device driver for that device has a queued instruction depth that isn't clearing fast enough. Are you running the latest driver for that card?