For Programmers: Free Programming Magazines  


Home > Archive > ASP > March 2004 > DLLHOST.exe process 100% CPU iisstate attached









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author DLLHOST.exe process 100% CPU iisstate attached
Aliisurf

2004-03-28, 9:57 pm

Hello All:
Im not sure if my attachments made it to my last post.
Would like help deciphering log (log file is below) and dmp file from
IISSTATE tool I ran on a W2Ksp3 Exchange OWA server.
It appears I may have run this tool prior to placing the .dll's in the
proper place, in the synbols directory, but Im not sure. I will run it
agian when this happens again.. probably soon. Hopefully this tells us
something?

Any information or advice is appreciated!!!

How do i open a .dmp file? errr.



Opened log file 'C:\iisstate\output\IISState-1780.log'

***********************
Starting new log output
IISState version 3.3.1

Tue Mar 02 10:00:52 2004

OS = Windows 2000
Executable: dllhost.exe
PID = 1780

Note: Thread times are formatted as HH:MM:SS.ms

***********************


IIS has crashed...
Beginning Analysis
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\vbscript.dll -
DLL (!FunctionName) that failed: vbscript!DllGetClassObject




Thread ID: 27
System Thread ID: 7c0
Kernel Time: 0:0:0.671
User Time: 0:0:0.890
Thread Type: ASP
Executing Page: *** ERROR: Symbol file could not be found. Defaulted
to export symbols for C:\WINNT\System32\inetsrv\asp.dll -
ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

# ChildEBP RetAddr
00 1acff958 00000002 vbscript!DllGetClassObject+0x109d
Closing open log file C:\iisstate\output\IISState-1780.log
Opened log file 'C:\iisstate\output\IISState-1780.log'

***********************
Starting new log output
IISState version 3.3.1

Tue Mar 02 10:01:11 2004

OS = Windows 2000
Executable: dllhost.exe
PID = 1780

Note: Thread times are formatted as HH:MM:SS.ms

***********************




Thread ID: 0
System Thread ID: 6f0
Kernel Time: 0:0:0.62
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\System32\ntdll.dll -
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\KERNEL32.dll -
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0006fd50 77e8b32b ntdll!NtWaitForSingleObject+0xb
01 00000000 00000000 KERNEL32!WaitForSingleObject+0xf




Thread ID: 1
System Thread ID: 700
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\USER32.dll -
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\ole32.dll -
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 008fff30 77abaf4d USER32!GetMenuItemRect+0x19
01 008fff70 77abae9b ole32!CoInstall+0x7cd
02 008fff8c 77abadd6 ole32!CoInstall+0x71b
03 00007530 00000000 ole32!CoInstall+0x656




Thread ID: 2
System Thread ID: 72c
Kernel Time: 0:0:0.31
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\System32\TxfAux.Dll -
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 00a0fc98 6de8b953 ntdll!NtRemoveIoCompletion+0xb
01 00a0fd94 6de8b8a8 TxfAux!Log+0x5e3
02 00a0ffb4 77e8b2d8 TxfAux!Log+0x538
03 00a0ffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 3
System Thread ID: 704
Kernel Time: 0:0:0.78
User Time: 0:0:0.62
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\RPCRT4.dll -
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 00befee4 77d809da ntdll!NtRemoveIoCompletion+0xb
01 00beff20 77d50ede RPCRT4!I_RpcTransGetAddressList+0x304c
02 00beff74 77d50d17 RPCRT4!TowerConstruct+0x4abd
03 00beffa8 77d41c6c RPCRT4!TowerConstruct+0x48f6
04 00beffb4 77e8b2d8 RPCRT4!I_RpcServerInqTransportType+0x1a0

05 00beffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 4
System Thread ID: 77c
Kernel Time: 0:0:0.15
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 00c2ff58 77ea9c13 ntdll!NtWaitForMultipleObjects+0xb
01 00c2ffec 00000000 KERNEL32!WaitForMultipleObjects+0x17




Thread ID: 5
System Thread ID: 780
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\System32\COMSVCS.DLL -
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\System32\NETAPI32.dll -
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 00c6fb94 77d3a2c7 ntdll!ZwRequestWaitReplyPort+0xb
01 00c6fba0 77b23b2c RPCRT4!I_RpcSendReceive+0x2c
02 00c6fbc0 77b239f7 ole32!DllDebugObjectRPCHook+0x12a
03 00c6fbd8 77b20aa5 ole32!WdtpInterfacePointer_UserSize+0x1b
54
04 00c6fc18 77b23870 ole32!StgGetIFillLockBytesOnFile+0x19f30

05 00c6fc88 77ab6ac3 ole32!WdtpInterfacePointer_UserSize+0x19
cd
06 00c6fce0 77d90328 ole32!UpdateDCOMSettings+0xad78
07 00c6fcfc 77d92b3f RPCRT4!NdrProxySendReceive+0x4c
08 00c6ff44 77d95f85 RPCRT4!NdrClientCall2+0x4f5
09 00c6ff60 77d77fcb RPCRT4!NdrStubCall2+0xb03
0a 00c6ff70 787f212e RPCRT4!NdrServerMarshall+0x1311
0b 78866e84 ffffffff COMSVCS!RegisterComEvents+0x6758
0c 0008a650 78866e84 0xffffffff
0d 00000000 00000000 COMSVCS!RegisterComEvents+0x7b4ae




Thread ID: 6
System Thread ID: 784
Kernel Time: 0:0:0.0
User Time: 0:0:0.31
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 00caff04 77ea9d5f ntdll!ZwDelayExecution+0xb
01 77f8316d 4affc033 KERNEL32!Sleep+0xb
02 0424548b 00000000 0x4affc033




Thread ID: 7
System Thread ID: 79c
Kernel Time: 0:0:51.578
User Time: 0:0:20.46
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\IisRTL.DLL -
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 00f2feb0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 00f2ff0c 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 00f2ff28 6e5abc1d USER32!MsgWaitForMultipleObjects+0x1d
03 00406cd0 000003e9 IisRTL!ScheduleAdjustTime+0x1dd




Thread ID: 8
System Thread ID: 7a0
Kernel Time: 0:0:34.531
User Time: 0:0:15.484
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 00f6feb0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 00f6ff0c 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 00f6ff28 6e5abc1d USER32!MsgWaitForMultipleObjects+0x1d
03 00406d80 000003ea IisRTL!ScheduleAdjustTime+0x1dd




Thread ID: 9
System Thread ID: 7a4
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\System32\inetsrv\ISATQ.DLL -
Thread Type: HTTP Listener
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0108ff7c 6d7088db ntdll!NtRemoveIoCompletion+0xb
01 77de5761 922868ff ISATQ!AtqGetCapTraceInfo+0x7d0
02 6aec8b55 00000000 0x922868ff




Thread ID: 10
System Thread ID: 7a8
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: HTTP Listener
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 010cff7c 6d7088db ntdll!NtRemoveIoCompletion+0xb
01 77de5761 922868ff ISATQ!AtqGetCapTraceInfo+0x7d0
02 6aec8b55 00000000 0x922868ff




Thread ID: 11
System Thread ID: 718
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\MSVCRT.dll -
Thread Status: Thread is in a WAIT state.
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 01defec4 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 01deff20 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 01deff3c 74a11086 USER32!MsgWaitForMultipleObjects+0x1d
03 01deff80 7800c9eb asp!AspStatusHtmlDump+0x2f69
04 01deffb4 77e8b2d8 MSVCRT!beginthread+0xce
05 01deffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 12
System Thread ID: 670
Kernel Time: 0:0:0.15
User Time: 0:0:0.46
*** WARNING: Unable to verify checksum for C:\WINNT\System32\pdm.dll
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\System32\pdm.dll -
Thread Status: Thread is in a WAIT state.
Thread Type: PDM (Debugger) Thread.
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 01e6fe2c 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 01e6fe88 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 01e6fea4 4a00886c USER32!MsgWaitForMultipleObjects+0x1d
03 01e6ff7c 77ea9872 pdm+0x886c
04 01e6ffb0 4a008a09 KERNEL32!ReleaseSemaphore+0x12
05 01e6ffb4 77e8b2d8 pdm+0x8a09
06 01e6ffc0 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 13
System Thread ID: 768
Kernel Time: 0:0:0.828
User Time: 0:0:1.765
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 01eaf7b0 77e8b2eb ntdll!NtWaitForSingleObject+0xb
01 01eaffec 00000000 KERNEL32!lstrcmpiW+0xca




Thread ID: 14
System Thread ID: 760
Kernel Time: 0:0:1.281
User Time: 0:0:2.921
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\MAPI32.dll -
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 01f6ef30 77f85bd1 ntdll!NtWaitForSingleObject+0xb
01 01f6f0dc 6facfb15 ntdll!RtlIntegerToUnicodeString+0x51
02 000004e4 00000000 MAPI32!cmc_send_documents+0x27f5




Thread ID: 15
System Thread ID: 7d0
Kernel Time: 0:0:0.15
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0210ffb4 77e8b2d8 ntdll!ZwDelayExecution+0xb
01 0210ffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 16
System Thread ID: 70c
Kernel Time: 0:0:0.15
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0268ffb4 77e8b2d8 ntdll!NtRemoveIoCompletion+0xb
01 0268ffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 17
System Thread ID: 9fc
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 02ddfef4 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 02ddff50 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 02ddff6c 6fad7316 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!BMAPIResolveName+0x3b16
04 180d8b64 00000000 0x8b000000




Thread ID: 18
System Thread ID: ba4
Kernel Time: 0:0:0.0
User Time: 0:0:0.31
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 038bfee4 77d809da ntdll!NtRemoveIoCompletion+0xb
01 038bff20 77d50ede RPCRT4!I_RpcTransGetAddressList+0x304c
02 038bff74 77d50d17 RPCRT4!TowerConstruct+0x4abd
03 038bffa8 77d41c6c RPCRT4!TowerConstruct+0x48f6
04 038bffb4 77e8b2d8 RPCRT4!I_RpcServerInqTransportType+0x1a0

05 038bffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 19
System Thread ID: 324
Kernel Time: 0:0:0.937
User Time: 0:0:2.296
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\OLEAUT32.dll -
Thread Status: Thread is in a WAIT state.
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 05aeef08 77f85bd1 ntdll!NtWaitForSingleObject+0xb
01 05aeef98 74a008e6 ntdll!RtlIntegerToUnicodeString+0x51
02 05aeefbc 74a0d447 asp!TS_RESOURCE::Unlock+0x71ed
03 05aef00c 779d7b9d asp!TerminateExtension+0x8261
04 05aef02c 77a22c42 OLEAUT32!DispCallFunc+0x15d
05 05aef0bc 74a212a3 OLEAUT32!ClearCustData+0x588
06 05aef0e4 6b62ee42 asp!DllUnregisterServer+0xf0fc
07 05aef14c 6b630f39 vbscript!DllRegisterServer+0x52d9
08 05aef36c 0226f008 vbscript!DllRegisterServer+0x73d0
09 00000000 00000000 0x226f008




Thread ID: 20
System Thread ID: 97c
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0906fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0906fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0906ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 21
System Thread ID: ab8
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0984fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0984fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0984ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 22
System Thread ID: a78
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0c2efea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0c2efefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0c2eff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 23
System Thread ID: 7d8
Kernel Time: 0:0:0.703
User Time: 0:0:0.859
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 143defb8 77f85bd1 ntdll!NtWaitForSingleObject+0xb
01 143df164 6facfb15 ntdll!RtlIntegerToUnicodeString+0x51
02 77ec85d3 56085d8b MAPI32!cmc_send_documents+0x27f5
03 53ec8b55 00000000 0x56085d8b




Thread ID: 24
System Thread ID: 4e4
Kernel Time: 0:0:0.0
User Time: 0:0:0.46
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 16aaefb8 77f85bd1 ntdll!NtWaitForSingleObject+0xb
01 16aaf164 6facfb15 ntdll!RtlIntegerToUnicodeString+0x51
02 77ec85d3 56085d8b MAPI32!cmc_send_documents+0x27f5
03 53ec8b55 00000000 0x56085d8b




Thread ID: 25
System Thread ID: cc4
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 18b0fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 18b0fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 18b0ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 26
System Thread ID: ce4
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 18defea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 18defefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 18deff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 27
System Thread ID: 7c0
Kernel Time: 0:0:0.671
User Time: 0:0:0.890
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

# ChildEBP RetAddr
00 1acff958 00000002 vbscript!DllGetClassObject+0x109d




Thread ID: 28
System Thread ID: 6dc
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 1b9bfea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 1b9bfefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 1b9bff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 29
System Thread ID: 430
Kernel Time: 0:0:1.421
User Time: 11:22:49.187
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\WINNT\system32\cdo.dll -
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 1c09f6a4 6b630f39 cdo+0xc9d4
01 00000000 00000000 vbscript!DllRegisterServer+0x73d0




Thread ID: 30
System Thread ID: 734
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 1e7cfea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 1e7cfefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 1e7cff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 31
System Thread ID: 1f0
Kernel Time: 0:0:0.968
User Time: 0:0:1.921
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 009cfe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 009cfed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 009cfef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 32
System Thread ID: 7c4
Kernel Time: 0:0:0.281
User Time: 0:0:0.343
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0087ff74 77d56d9e ntdll!NtReplyWaitReceivePortEx+0xb
01 0087ffa8 77d41c6c RPCRT4!TowerConstruct+0xa97d
02 0087ffb4 77e8b2d8 RPCRT4!I_RpcServerInqTransportType+0x1a0

03 0087ffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 33
System Thread ID: 5c0
Kernel Time: 0:0:0.718
User Time: 2:25:10.968
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 01e2f6a4 6b630f39 cdo+0xc9ec
01 00000000 00000000 vbscript!DllRegisterServer+0x73d0




Thread ID: 34
System Thread ID: bbc
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0447fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0447fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0447ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 35
System Thread ID: 274
Kernel Time: 0:0:2.640
User Time: 0:0:5.93
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 02c5fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 02c5fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 02c5fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 36
System Thread ID: 264
Kernel Time: 0:0:0.109
User Time: 0:0:0.421
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 04cfff74 77d56d9e ntdll!NtReplyWaitReceivePortEx+0xb
01 04cfffa8 77d41c6c RPCRT4!TowerConstruct+0xa97d
02 04cfffb4 77e8b2d8 RPCRT4!I_RpcServerInqTransportType+0x1a0

03 04cfffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 37
System Thread ID: 350
Kernel Time: 0:0:1.156
User Time: 0:0:1.890
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 055cfe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 055cfed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 055cfef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 38
System Thread ID: abc
Kernel Time: 0:0:1.593
User Time: 0:0:2.390
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 05a4fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 05a4fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 05a4fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 39
System Thread ID: acc
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0393fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0393fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0393ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 40
System Thread ID: 418
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 07fcfea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 07fcfefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 07fcff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 41
System Thread ID: 748
Kernel Time: 0:0:5.406
User Time: 0:0:9.265
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 092efe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 092efed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 092efef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 42
System Thread ID: 5bc
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 02d3fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 02d3fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 02d3ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 43
System Thread ID: 558
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 03eafea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 03eafefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 03eaff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 44
System Thread ID: b7c
Kernel Time: 0:0:1.203
User Time: 0:0:1.593
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0b06fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0b06fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0b06fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 45
System Thread ID: bb4
Kernel Time: 0:0:1.765
User Time: 0:0:2.328
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 012cfe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 012cfed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 012cfef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 46
System Thread ID: 5e4
Kernel Time: 0:0:1.421
User Time: 0:0:2.906
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 07bcfe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 07bcfed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 07bcfef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 47
System Thread ID: 7e4
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0408fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0408fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0408ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 48
System Thread ID: c88
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 00a4fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 00a4fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 00a4ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 49
System Thread ID: 770
Kernel Time: 0:0:0.687
User Time: 0:0:1.312
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0b1cfe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0b1cfed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0b1cfef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 50
System Thread ID: c48
Kernel Time: 0:0:0.343
User Time: 0:0:0.265
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0b20fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0b20fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0b20fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 51
System Thread ID: 7bc
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 07d0ff7c 77ea9d5f ntdll!ZwDelayExecution+0xb
01 00007530 00000000 KERNEL32!Sleep+0xb




Thread ID: 52
System Thread ID: 788
Kernel Time: 0:0:1.156
User Time: 0:0:2.46
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0aa3fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0aa3fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0aa3fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 53
System Thread ID: 2f4
Kernel Time: 0:0:0.62
User Time: 0:0:0.46
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0abfff74 77d56d9e ntdll!NtReplyWaitReceivePortEx+0xb
01 0abfffa8 77d41c6c RPCRT4!TowerConstruct+0xa97d
02 0abfffb4 77e8b2d8 RPCRT4!I_RpcServerInqTransportType+0x1a0

03 0abfffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 54
System Thread ID: c9c
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0b6efea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0b6efefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0b6eff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 55
System Thread ID: ca4
Kernel Time: 0:0:0.359
User Time: 0:0:0.875
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0bb8fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0bb8fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0bb8fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 56
System Thread ID: 574
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0bd8fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0bd8fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0bd8ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 57
System Thread ID: c94
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 02e1fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 02e1fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 02e1ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 58
System Thread ID: a44
Kernel Time: 0:0:0.906
User Time: 0:0:1.609
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0202fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0202fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0202fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 59
System Thread ID: c60
Kernel Time: 0:0:0.359
User Time: 0:0:0.343
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0c44fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0c44fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0c44fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 60
System Thread ID: 244
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0c64fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0c64fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0c64ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 61
System Thread ID: 8c0
Kernel Time: 0:0:0.171
User Time: 0:0:0.156
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0c76fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0c76fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0c76fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 62
System Thread ID: 9f4
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0c92fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0c92fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0c92ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 63
System Thread ID: cd0
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0cbcfea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0cbcfefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0cbcff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 64
System Thread ID: c3c
Kernel Time: 0:0:1.15
User Time: 0:0:1.828
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0cd6fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0cd6fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0cd6fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 65
System Thread ID: cb8
Kernel Time: 0:0:0.15
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0cdafe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0cdafed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0cdafef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 66
System Thread ID: 710
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 02f9fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 02f9fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 02f9ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 67
System Thread ID: 908
Kernel Time: 0:0:0.62
User Time: 0:0:0.109
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 03e0fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 03e0fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 03e0fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 68
System Thread ID: 7fc
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 03fefea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 03fefefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 03feff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 69
System Thread ID: a04
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 044ffea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 044ffefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 044fff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 70
System Thread ID: c4c
Kernel Time: 0:0:1.218
User Time: 0:0:1.625
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0465fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0465fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0465fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 71
System Thread ID: ac0
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0b94fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0b94fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0b94ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 72
System Thread ID: c44
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0d48fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0d48fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0d48fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 73
System Thread ID: ad8
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 01feff88 77ab4719 ntdll!NtWaitForSingleObject+0xb
01 00007530 00000000 ole32!UpdateDCOMSettings+0x89ce




Thread ID: 74
System Thread ID: 918
Kernel Time: 0:0:0.328
User Time: 0:0:0.406
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0d54fe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0d54fed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0d54fef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 75
System Thread ID: a0c
Kernel Time: 0:0:0.31
User Time: 0:0:0.78
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.

# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0110ff74 77d56d9e ntdll!NtReplyWaitReceivePortEx+0xb
01 0110ffa8 77d41c6c RPCRT4!TowerConstruct+0xa97d
02 0110ffb4 77e8b2d8 RPCRT4!I_RpcServerInqTransportType+0x1a0

03 0110ffec 00000000 KERNEL32!lstrcmpiW+0xb7




Thread ID: 76
System Thread ID: 960
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 0ae8fea0 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 0ae8fefc 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 0ae8ff18 6fae5c18 USER32!MsgWaitForMultipleObjects+0x1d
03 77f8313c 8b000000 MAPI32!GetAttribIMsgOnIStg+0x5718
04 180d8b64 00000000 0x8b000000




Thread ID: 77
System Thread ID: c8c
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 030ffe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 030ffed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 030ffef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0




Thread ID: 78
System Thread ID: 950
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
# ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may
be wrong.
00 030bfe78 77e1e93b ntdll!NtWaitForMultipleObjects+0xb
01 030bfed4 77e1e988 USER32!MsgWaitForMultipleObjectsEx+0x153

02 030bfef0 787c1e23 USER32!MsgWaitForMultipleObjects+0x1d
03 77e1e96b 104539c0 COMSVCS!Ordinal7+0x2b13
04 33ec8b55 00000000 0x104539c0

*****

Dump name is formatted as: PID-Timestamp.dmp

Creating C:\iisstate\output\1780-1078250502.dmp - mini user dump

*****

Closing open log file C:\iisstate\output\IISState-1780.log
Sponsored Links







Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive

Copyright 2008 codecomments.com