Pat,
Thanks for taking the time to reply to my message. Regarding ASP, none
of the thread seems to resolve to any particular ASP page at all. Anyway
I am posting the entire log here, hopefully you might be able to see
what's wrong or teach me how to identify the problematic thread.
Opened log file 'C:\iisstate\output\IISState-1444.log'
***********************
Starting new log output
IISState version 3.2
Fri Nov 14 06:02:42 2003
OS = Windows 2003 Server
Executable: inetinfo.exe
PID = 1444
Note: Thread times are formatted as HH:MM:SS.ms
***********************
Thread ID: 0
System Thread ID: 5a8
Kernel Time: 0:0:0.10
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
00 0006f9a8 77f4303b SharedUserData!SystemCallStub+0x4
01 0006f9ac 77e4905d ntdll!NtReadFile+0xc
02 0006fa14 77db51f1 kernel32!ReadFile+0x16c
03 0006fa40 77db5297 ADVAPI32!ScGetPipeInput+0x28
04 0006fab0 77dfa7f1 ADVAPI32!ScDispatcherLoop+0x4c
05 0006fcec 01002655 ADVAPI32!StartServiceCtrlDispatcherA+0x91
06 0006fe1c 010027ea inetinfo!StartDispatchTable+0x214
07 0006ff44 01003160 inetinfo!main+0x104
08 0006ffc0 77e4f38c inetinfo!mainCRTStartup+0x12f
09 0006fff0 00000000 kernel32!BaseProcessStart+0x23
Thread ID: 1
System Thread ID: 5ac
Kernel Time: 0:0:0.0
User Time: 0:0:0.30
Thread Type: HTTP Compression Thread
# ChildEBP RetAddr
00 007ffd8c 77f43741 SharedUserData!SystemCallStub+0x4
01 007ffd90 77e41817 ntdll!ZwWaitForSingleObject+0xc
02 007ffe00 77e4168f kernel32!WaitForSingleObjectEx+0xac
03 007ffe10 5a3635ae kernel32!WaitForSingleObject+0xf
04 007ffe20 5a364d7d w3dt!WP_CONTEXT::RunMainThreadLoop+0xe
05 007ffe28 5a3a1d98 w3dt!UlAtqStartListen+0x2d
06 007ffe34 5a3a5d54 w3core!W3_SERVER::StartListen+0x8e
07 007ffe38 5a390000 w3core!UlW3Start+0xea
08 007ffea4 01002d11 w3core!_imp__LsaFreeMemory <PERF> (w3core+0x0)
09 007fffb8 77e4a990 inetinfo!W3SVCThreadEntry+0x53
0a 007fffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 2
System Thread ID: 5b0
Kernel Time: 0:0:0.60
User Time: 0:0:0.751
Thread Type: Other
# ChildEBP RetAddr
00 0083fcc4 77f43741 SharedUserData!SystemCallStub+0x4
01 0083fcc8 77e41817 ntdll!ZwWaitForSingleObject+0xc
02 0083fd38 77e4168f kernel32!WaitForSingleObjectEx+0xac
03 0083fd48 649f24ac kernel32!WaitForSingleObject+0xf
04 0083fd70 010023b6 iisadmin!ServiceEntry+0x214
05 0083ffa8 77db571b inetinfo!InetinfoStartService+0x2a6
06 0083ffb8 77e4a990 ADVAPI32!ScSvcctrlThreadA+0xe
07 0083ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 3
System Thread ID: 5c0
Kernel Time: 0:0:0.100
User Time: 0:0:0.130
Thread Type: Other
# ChildEBP RetAddr
00 00a3ff9c 77f4262b SharedUserData!SystemCallStub+0x4
01 00a3ffa0 77f6b5b2 ntdll!NtDelayExecution+0xc
02 00a3ffb8 77e4a990 ntdll!RtlpTimerThread+0x45
03 00a3ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 4
System Thread ID: 5dc
Kernel Time: 0:0:0.40
User Time: 0:0:0.300
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
00 00b4feb0 77f4372d SharedUserData!SystemCallStub+0x4
01 00b4feb4 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 00b4ff5c 77e4b0e4 kernel32!WaitForMultipleObjectsEx+0x11a
03 00b4ff74 6e0b377a kernel32!WaitForMultipleObjects+0x17
04 00b4ffa0 6e0b6012 COADMIN!NOTIFY_CONTEXT::GetNextContext+0x68
05 00b4ffb8 77e4a990 COADMIN!NOTIFY_CONTEXT::NotifyThreadProc+0x62
06 00b4ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 5
System Thread ID: 12c
Kernel Time: 0:0:0.60
User Time: 0:0:0.130
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
00 00f6feac 77f4372d SharedUserData!SystemCallStub+0x4
01 00f6feb0 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 00f6ff58 77e4b0e4 kernel32!WaitForMultipleObjectsEx+0x11a
03 00f6ff70 620b401a kernel32!WaitForMultipleObjects+0x17
04 00f6ffb0 620b4390 metadata!CListenerController::Listen+0x27
05 00f6ffb8 77e4a990 metadata!StartListenerThread+0x16
06 00f6ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 6
System Thread ID: 130
Kernel Time: 0:0:4.546
User Time: 0:0:6.829
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
No remote call being made
# ChildEBP RetAddr
00 00fafe20 77f4313f SharedUserData!SystemCallStub+0x4
01 00fafe24 77c57b25 ntdll!NtReplyWaitReceivePortEx+0xc
02 00faff8c 77c696a9 RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x193
03 00faff90 77c695f1 RPCRT4!RecvLotsaCallsWrapper+0x9
04 00faffb0 77c696d7 RPCRT4!BaseCachedThreadRoutine+0x9c
05 00faffb8 77e4a990 RPCRT4!ThreadStartRoutine+0x17
06 00faffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 7
System Thread ID: 138
Kernel Time: 0:0:0.30
User Time: 0:0:0.10
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
00 0164feac 77f4372d SharedUserData!SystemCallStub+0x4
01 0164feb0 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 0164ff58 77e4b0e4 kernel32!WaitForMultipleObjectsEx+0x11a
03 0164ff70 648c95a4 kernel32!WaitForMultipleObjects+0x17
04 0164ffac 648c983d IISCFG!CListener::Listen+0x21
05 0164ffb8 77e4a990 IISCFG!CListener::ListenerThreadStart+0x35
06 0164ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 8
System Thread ID: 148
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
00 0168fcc0 77f43741 SharedUserData!SystemCallStub+0x4
01 0168fcc4 77e41817 ntdll!ZwWaitForSingleObject+0xc
02 0168fd34 77e4168f kernel32!WaitForSingleObjectEx+0xac
03 0168fd44 5a31201a kernel32!WaitForSingleObject+0xf
04 0168fd64 5a3120eb w3ssl!HTTPFilterServiceMain+0x8a
05 0168fd70 010023b6 w3ssl!ServiceEntry+0x9
06 0168ffa8 77db571b inetinfo!InetinfoStartService+0x2a6
07 0168ffb8 77e4a990 ADVAPI32!ScSvcctrlThreadA+0xe
08 0168ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 9
System Thread ID: 14c
Kernel Time: 0:0:0.20
User Time: 0:0:0.40
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
00 0170fbc0 77f4372d SharedUserData!SystemCallStub+0x4
01 0170fbc4 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 0170fc6c 77d076f5 kernel32!WaitForMultipleObjectsEx+0x11a
03 0170fcc8 77d077f5 USER32!RealMsgWaitForMultipleObjectsEx+0x13f
04 0170fce4 643f5723 USER32!MsgWaitForMultipleObjects+0x1d
05 0170fd30 6930d973 INFOCOMM!IIS_SERVICE::StartServiceOperation+0x22f
06 0170fd70 010023b6 ftpsvc2!ServiceEntry+0xac
07 0170ffa8 77db571b inetinfo!InetinfoStartService+0x2a6
08 0170ffb8 77e4a990 ADVAPI32!ScSvcctrlThreadA+0xe
09 0170ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 10
System Thread ID: 150
Kernel Time: 0:0:0.40
User Time: 0:0:0.110
Thread Status: Thread is in a WAIT state.
Thread Type: SMTP Service Worker Thread
# ChildEBP RetAddr
00 0174fbc0 77f4372d SharedUserData!SystemCallStub+0x4
01 0174fbc4 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 0174fc6c 77d076f5 kernel32!WaitForMultipleObjectsEx+0x11a
03 0174fcc8 77d077f5 USER32!RealMsgWaitForMultipleObjectsEx+0x13f
04 0174fce4 643f5723 USER32!MsgWaitForMultipleObjects+0x1d
05 0174fd30 6b77305d INFOCOMM!IIS_SERVICE::StartServiceOperation+0x22f
06 0174fd70 010023b6 SMTPSVC!ServiceEntry+0x129
07 0174ffa8 77db571b inetinfo!InetinfoStartService+0x2a6
08 0174ffb8 77e4a990 ADVAPI32!ScSvcctrlThreadA+0xe
09 0174ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 11
System Thread ID: 154
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
00 0178fec0 77f4372d SharedUserData!SystemCallStub+0x4
01 0178fec4 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 0178ff6c 77e4b0e4 kernel32!WaitForMultipleObjectsEx+0x11a
03 0178ff84 5a312964 kernel32!WaitForMultipleObjects+0x17
04 0178ffb0 5a311f82 w3ssl!SCM_MANAGER::RunService+0xc4
05 0178ffb8 77e4a990 w3ssl!HTTPFilterServiceThreadProc+0x39
06 0178ffc4 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 12
System Thread ID: 15c
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
00 01ebff24 77f43741 SharedUserData!SystemCallStub+0x4
01 01ebff28 77e41817 ntdll!ZwWaitForSingleObject+0xc
02 01ebff98 77e4168f kernel32!WaitForSingleObjectEx+0xac
03 01ebffa8 5b6492b2 kernel32!WaitForSingleObject+0xf
04 01ebffb8 77e4a990 strmfilt!CERT_STORE::DeletionWorkerThread+0x18
05 01ebffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 13
System Thread ID: 160
Kernel Time: 0:0:0.50
User Time: 0:0:0.10
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
00 01effcec 77f4372d SharedUserData!SystemCallStub+0x4
01 01effcf0 77f75297 ntdll!NtWaitForMultipleObjects+0xc
02 01efffb8 77e4a990 ntdll!RtlpWaitThread+0x158
03 01efffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 14
System Thread ID: 168
Kernel Time: 0:0:0.290
User Time: 0:0:0.690
*** WARNING: Unable to verify checksum for C:\WINDOWS\system32\imon.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for C:\WINDOWS\system32\imon.dll -
Thread Type: Other
# ChildEBP RetAddr
00 0203ff5c 77f430c7 SharedUserData!SystemCallStub+0x4
01 0203ff60 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0203ff8c 20b06846 kernel32!GetQueuedCompletionStatus+0x27
WARNING: Stack unwind information not available. Following frames may be
wrong.
03 0203ffec 00000000 imon!NOD32Ioctl+0x4aa6
Thread ID: 15
System Thread ID: 16c
Kernel Time: 0:7:50.877
User Time: 0:4:18.401
Thread Type: Other
# ChildEBP RetAddr
00 0207fe84 77f4262b SharedUserData!SystemCallStub+0x4
01 0207fe88 71bf2a79 ntdll!NtDelayExecution+0xc
02 0207ffb8 77e4a990 WS2HELP!ApcThread+0x6a
03 0207ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 16
System Thread ID: 170
Kernel Time: 0:8:1.472
User Time: 0:6:43.740
Thread Type: Other
# ChildEBP RetAddr
00 020feab8 77f426cb SharedUserData!SystemCallStub+0x4
01 020feabc 71b2387d ntdll!NtDeviceIoControlFile+0xc
02 020feb98 20b08f11 mswsock!WSPSelect+0x204
WARNING: Stack unwind information not available. Following frames may be
wrong.
03 020ff664 00000000 imon!NOD32Ioctl+0x7171
Thread ID: 17
System Thread ID: 174
Kernel Time: 0:5:34.480
User Time: 0:4:47.62
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 0213ff50 77f430c7 SharedUserData!SystemCallStub+0x4
01 0213ff54 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0213ff80 63ec7235 kernel32!GetQueuedCompletionStatus+0x27
03 0213ffb8 77e4a990 ISATQ!AtqPoolThread+0x40
04 0213ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 18
System Thread ID: 180
Kernel Time: 0:0:0.731
User Time: 0:0:1.91
Thread Type: Other
# ChildEBP RetAddr
00 023bff28 77f430c7 SharedUserData!SystemCallStub+0x4
01 023bff2c 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 023bff58 5b64f22d kernel32!GetQueuedCompletionStatus+0x27
03 023bff90 5b64f3fe strmfilt!THREAD_POOL_DATA::ThreadPoolThread+0x31
04 023bffa4 5b64ebfa strmfilt!THREAD_POOL_DATA::ThreadPoolThread+0x21
05 023bffb8 77e4a990 strmfilt!THREAD_MANAGER::ThreadManagerThread+0x35
06 023bffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 19
System Thread ID: 18c
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
No remote call being made
# ChildEBP RetAddr
00 023ffeb4 77f430c7 SharedUserData!SystemCallStub+0x4
01 023ffeb8 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 023ffee4 77c5df31 kernel32!GetQueuedCompletionStatus+0x27
03 023fff20 77c5ddd8 RPCRT4!COMMON_ProcessCalls+0x9f
04 023fff8c 77c580f9 RPCRT4!LOADABLE_TRANSPORT::ProcessIOEvents+0x115
05 023fff90 77c695f1 RPCRT4!ProcessIOEventsWrapper+0x9
06 023fffb0 77c696d7 RPCRT4!BaseCachedThreadRoutine+0x9c
07 023fffb8 77e4a990 RPCRT4!ThreadStartRoutine+0x17
08 023fffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 20
System Thread ID: 190
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
00 0243fec8 77f4372d SharedUserData!SystemCallStub+0x4
01 0243fecc 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 0243ff74 77e4b0e4 kernel32!WaitForMultipleObjectsEx+0x11a
03 0243ff8c 69532430 kernel32!WaitForMultipleObjects+0x17
04 0243ffb8 77e4a990 exstrace!RegNotifyThread+0x68
05 0243ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 21
System Thread ID: 194
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
00 0247fecc 77f4372d SharedUserData!SystemCallStub+0x4
01 0247fed0 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 0247ff78 77e4b0e4 kernel32!WaitForMultipleObjectsEx+0x11a
03 0247ff90 695319c0 kernel32!WaitForMultipleObjects+0x17
04 0247ffb8 77e4a990 exstrace!WriteTraceThread+0x2f
05 0247ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 22
System Thread ID: 198
Kernel Time: 0:0:0.100
User Time: 0:0:1.331
Thread Type: Other
# ChildEBP RetAddr
00 025bff18 77f43741 SharedUserData!SystemCallStub+0x4
01 025bff1c 77e41817 ntdll!ZwWaitForSingleObject+0xc
02 025bff8c 77e4168f kernel32!WaitForSingleObjectEx+0xac
03 025bff9c 01a78673 kernel32!WaitForSingleObject+0xf
04 025bffb8 77e4a990 FCACHDLL!CScheduleThread::ScheduleThread+0x60
05 025bffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 23
System Thread ID: 19c
Kernel Time: 0:0:0.10
User Time: 0:0:0.10
Thread Status: Thread is in a WAIT state.
Thread Type: SMTP Service Worker Thread
# ChildEBP RetAddr
00 026ffec0 77f4372d SharedUserData!SystemCallStub+0x4
01 026ffec4 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 026fff6c 77e4b0e4 kernel32!WaitForMultipleObjectsEx+0x11a
03 026fff84 6b78b2d6 kernel32!WaitForMultipleObjects+0x17
04 026fffb8 77e4a990 SMTPSVC!TcpRegNotifyThread+0xdc
05 026fffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 24
System Thread ID: 1a0
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: SMTP Service Worker Thread
# ChildEBP RetAddr
00 0273ff20 77f43741 SharedUserData!SystemCallStub+0x4
01 0273ff24 77e41817 ntdll!ZwWaitForSingleObject+0xc
02 0273ff94 77e4168f kernel32!WaitForSingleObjectEx+0xac
03 0273ffa4 6b78b17a kernel32!WaitForSingleObject+0xf
04 0273ffb8 77e4a990 SMTPSVC!FreeLibThread+0x2c
05 0273ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 25
System Thread ID: 1a4
Kernel Time: 0:0:0.30
User Time: 0:0:0.90
Thread Status: Thread is in a WAIT state.
Thread Type: Other
# ChildEBP RetAddr
00 0277fecc 77f4372d SharedUserData!SystemCallStub+0x4
01 0277fed0 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 0277ff78 6930882e kernel32!WaitForMultipleObjectsEx+0x11a
03 0277ffb8 77e4a990 ftpsvc2!PASV_ACCEPT_CONTEXT::AcceptThreadFunc+0x32
04 0277ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 26
System Thread ID: 1dc
Kernel Time: 0:0:5.7
User Time: 0:0:7.330
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
No remote call being made
# ChildEBP RetAddr
00 0284fe20 77f4313f SharedUserData!SystemCallStub+0x4
01 0284fe24 77c57b25 ntdll!NtReplyWaitReceivePortEx+0xc
02 0284ff8c 77c696a9 RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x193
03 0284ff90 77c695f1 RPCRT4!RecvLotsaCallsWrapper+0x9
04 0284ffb0 77c696d7 RPCRT4!BaseCachedThreadRoutine+0x9c
05 0284ffb8 77e4a990 RPCRT4!ThreadStartRoutine+0x17
06 0284ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 27
System Thread ID: 128
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
00 02b8f4e8 77f43741 SharedUserData!SystemCallStub+0x4
01 02b8f4ec 71b23ac3 ntdll!ZwWaitForSingleObject+0xc
02 02b8f528 71b239d1 mswsock!SockWaitForSingleObject+0x19b
03 02b8f5ec 20b08f11 mswsock!WSPSelect+0x229
WARNING: Stack unwind information not available. Following frames may be
wrong.
04 00ba2dbc 000007cc imon!NOD32Ioctl+0x7171
Thread ID: 28
System Thread ID: 114
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
No remote call being made
# ChildEBP RetAddr
00 02c5fe20 77f4313f SharedUserData!SystemCallStub+0x4
01 02c5fe24 77c57b25 ntdll!NtReplyWaitReceivePortEx+0xc
02 02c5ff8c 77c696a9 RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x193
03 02c5ff90 77c695f1 RPCRT4!RecvLotsaCallsWrapper+0x9
04 02c5ffb0 77c696d7 RPCRT4!BaseCachedThreadRoutine+0x9c
05 02c5ffb8 77e4a990 RPCRT4!ThreadStartRoutine+0x17
06 02c5ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 29
System Thread ID: 44c
Kernel Time: 0:0:4.576
User Time: 0:0:7.380
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
No remote call being made
# ChildEBP RetAddr
00 02cafe20 77f4313f SharedUserData!SystemCallStub+0x4
01 02cafe24 77c57b25 ntdll!NtReplyWaitReceivePortEx+0xc
02 02caff8c 77c696a9 RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x193
03 02caff90 77c695f1 RPCRT4!RecvLotsaCallsWrapper+0x9
04 02caffb0 77c696d7 RPCRT4!BaseCachedThreadRoutine+0x9c
05 02caffb8 77e4a990 RPCRT4!ThreadStartRoutine+0x17
06 02caffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 30
System Thread ID: 464
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
No remote call being made
# ChildEBP RetAddr
00 02cefe20 77f4313f SharedUserData!SystemCallStub+0x4
01 02cefe24 77c57b25 ntdll!NtReplyWaitReceivePortEx+0xc
02 02ceff8c 77c696a9 RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x193
03 02ceff90 77c695f1 RPCRT4!RecvLotsaCallsWrapper+0x9
04 02ceffb0 77c696d7 RPCRT4!BaseCachedThreadRoutine+0x9c
05 02ceffb8 77e4a990 RPCRT4!ThreadStartRoutine+0x17
06 02ceffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 31
System Thread ID: 474
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
00 02d2ff10 77f43741 SharedUserData!SystemCallStub+0x4
01 02d2ff14 77e41817 ntdll!ZwWaitForSingleObject+0xc
02 02d2ff84 77e4168f kernel32!WaitForSingleObjectEx+0xac
03 02d2ff94 02bdd064 kernel32!WaitForSingleObject+0xf
04 02d2ffb8 77e4a990 aqueue!CSMTP_RETRY_HANDLER::RetryThreadRoutine+0xc1
05 02d2ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 32
System Thread ID: 48c
Kernel Time: 0:0:0.10
User Time: 0:0:0.30
Thread Status: Thread is in a WAIT state.
Thread Type: SMTP Service Worker Thread
# ChildEBP RetAddr
00 02dafe84 77f4372d SharedUserData!SystemCallStub+0x4
01 02dafe88 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 02daff30 77e4b0e4 kernel32!WaitForMultipleObjectsEx+0x11a
03 02daff48 02bbc648 kernel32!WaitForMultipleObjects+0x17
04 02daffa4 6b77e8ae aqueue!CConnMgr::GetNextConnection+0x1e1
05 02daffb8 77e4a990 SMTPSVC!PERSIST_QUEUE::QueueThreadRoutine+0x21
06 02daffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 33
System Thread ID: 54c
Kernel Time: 0:0:6.609
User Time: 0:0:6.579
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 02e5ff28 77f430c7 SharedUserData!SystemCallStub+0x4
01 02e5ff2c 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 02e5ff58 5a302360 kernel32!GetQueuedCompletionStatus+0x27
03 02e5ff90 5a302531 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x31
04 02e5ffa4 5a301d27 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x21
05 02e5ffb8 77e4a990 W3TP!THREAD_MANAGER::ThreadManagerThread+0x35
06 02e5ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 34
System Thread ID: 53c
Kernel Time: 0:0:20.469
User Time: 0:0:21.90
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 02e9ff28 77f430c7 SharedUserData!SystemCallStub+0x4
01 02e9ff2c 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 02e9ff58 5a302360 kernel32!GetQueuedCompletionStatus+0x27
03 02e9ff90 5a302531 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x31
04 02e9ffa4 5a301d27 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x21
05 02e9ffb8 77e4a990 W3TP!THREAD_MANAGER::ThreadManagerThread+0x35
06 02e9ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 35
System Thread ID: 570
Kernel Time: 0:0:6.299
User Time: 0:0:8.331
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 02edff28 77f430c7 SharedUserData!SystemCallStub+0x4
01 02edff2c 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 02edff58 5a302360 kernel32!GetQueuedCompletionStatus+0x27
03 02edff90 5a302531 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x31
04 02edffa4 5a301d27 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x21
05 02edffb8 77e4a990 W3TP!THREAD_MANAGER::ThreadManagerThread+0x35
06 02edffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 36
System Thread ID: 5c4
Kernel Time: 0:0:13.178
User Time: 0:0:14.611
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 02f1ff28 77f430c7 SharedUserData!SystemCallStub+0x4
01 02f1ff2c 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 02f1ff58 5a302360 kernel32!GetQueuedCompletionStatus+0x27
03 02f1ff90 5a302531 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x31
04 02f1ffa4 5a301d27 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x21
05 02f1ffb8 77e4a990 W3TP!THREAD_MANAGER::ThreadManagerThread+0x35
06 02f1ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 37
System Thread ID: 564
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: HTTP Compression Thread
# ChildEBP RetAddr
00 036dff14 77f43741 SharedUserData!SystemCallStub+0x4
01 036dff18 77e41817 ntdll!ZwWaitForSingleObject+0xc
02 036dff88 77e4168f kernel32!WaitForSingleObjectEx+0xac
03 036dff98 5a3a51f7 kernel32!WaitForSingleObject+0xf
04 036dffb8 77e4a990 w3core!HTTP_COMPRESSION::CompressionThread+0x85
05 036dffc4 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 38
System Thread ID: 6a4
Kernel Time: 0:0:0.821
User Time: 0:0:1.1
Thread Type: Other
# ChildEBP RetAddr
00 0376ff28 77f430c7 SharedUserData!SystemCallStub+0x4
01 0376ff2c 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0376ff58 5b64f22d kernel32!GetQueuedCompletionStatus+0x27
03 0376ff90 5b64f3fe strmfilt!THREAD_POOL_DATA::ThreadPoolThread+0x31
04 0376ffa4 5b64ebfa strmfilt!THREAD_POOL_DATA::ThreadPoolThread+0x21
05 0376ffb8 77e4a990 strmfilt!THREAD_MANAGER::ThreadManagerThread+0x35
06 0376ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 39
System Thread ID: bbc
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
No remote call being made
# ChildEBP RetAddr
00 039ffe20 77f4313f SharedUserData!SystemCallStub+0x4
01 039ffe24 77c57b25 ntdll!NtReplyWaitReceivePortEx+0xc
02 039fff8c 77c696a9 RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x193
03 039fff90 77c695f1 RPCRT4!RecvLotsaCallsWrapper+0x9
04 039fffb0 77c696d7 RPCRT4!BaseCachedThreadRoutine+0x9c
05 039fffb8 77e4a990 RPCRT4!ThreadStartRoutine+0x17
06 039fffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 40
System Thread ID: 1388
Kernel Time: 0:0:0.10
User Time: 0:0:0.10
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
# ChildEBP RetAddr
00 03c1fef0 77f4262b SharedUserData!SystemCallStub+0x4
01 03c1fef4 77e418ea ntdll!NtDelayExecution+0xc
02 03c1ff5c 77e416ee kernel32!SleepEx+0x68
03 03c1ff68 79e8c932 kernel32!Sleep+0xb
04 03c1ffb8 77e4a990 aspnet_isapi!ThreadGateThreadProc+0x6a
05 03c1ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 41
System Thread ID: 138c
Kernel Time: 0:0:0.80
User Time: 0:0:0.120
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
# ChildEBP RetAddr
00 03c5ff34 77f430c7 SharedUserData!SystemCallStub+0x4
01 03c5ff38 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 03c5ff64 79e8c820 kernel32!GetQueuedCompletionStatus+0x27
03 03c5ffb8 77e4a990 aspnet_isapi!ThreadPoolThreadProc+0x64
04 03c5ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 42
System Thread ID: 13ac
Kernel Time: 0:0:4.746
User Time: 0:0:0.600
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
# ChildEBP RetAddr
00 03c9fefc 77f4262b SharedUserData!SystemCallStub+0x4
01 03c9ff00 77e418ea ntdll!NtDelayExecution+0xc
02 03c9ff68 77e416ee kernel32!SleepEx+0x68
03 03c9ff74 79e7dd5b kernel32!Sleep+0xb
04 03c9ff84 7c34940f aspnet_isapi!MonitorHealth+0x40
05 03c9ffb8 77e4a990 MSVCR71!_endthread+0xaa
06 03c9ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 43
System Thread ID: 13bc
Kernel Time: 0:0:1.552
User Time: 0:0:1.572
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
# ChildEBP RetAddr
00 03cdff34 77f430c7 SharedUserData!SystemCallStub+0x4
01 03cdff38 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 03cdff64 79e8c820 kernel32!GetQueuedCompletionStatus+0x27
03 03cdffb8 77e4a990 aspnet_isapi!ThreadPoolThreadProc+0x64
04 03cdffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 44
System Thread ID: 167c
Kernel Time: 0:0:0.360
User Time: 0:0:2.303
Thread Type: Other
# ChildEBP RetAddr
00 00ecff70 77f430c7 SharedUserData!SystemCallStub+0x4
01 00ecff74 77f7e6ae ntdll!ZwRemoveIoCompletion+0xc
02 00ecffb8 77e4a990 ntdll!RtlpWorkerThread+0x3b
03 00ecffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 45
System Thread ID: 1228
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: WebDav Worker Thread
# ChildEBP RetAddr
00 010cff30 77f430c7 SharedUserData!SystemCallStub+0x4
01 010cff34 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 010cff60 67136578 kernel32!GetQueuedCompletionStatus+0x27
03 010cff90 67136613 httpext!CDavWorkerThread::GetWorkCompletion+0x27
04 010cffb8 77e4a990 httpext!CDavWorkerThread::ThreadDispatcher+0x30
05 010cffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 46
System Thread ID: 1298
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: WebDav Worker Thread
# ChildEBP RetAddr
00 0110ff30 77f430c7 SharedUserData!SystemCallStub+0x4
01 0110ff34 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0110ff60 67136578 kernel32!GetQueuedCompletionStatus+0x27
03 0110ff90 67136613 httpext!CDavWorkerThread::GetWorkCompletion+0x27
04 0110ffb8 77e4a990 httpext!CDavWorkerThread::ThreadDispatcher+0x30
05 0110ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 47
System Thread ID: 1048
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: WebDav Worker Thread
# ChildEBP RetAddr
00 0114ff30 77f430c7 SharedUserData!SystemCallStub+0x4
01 0114ff34 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0114ff60 67136578 kernel32!GetQueuedCompletionStatus+0x27
03 0114ff90 67136613 httpext!CDavWorkerThread::GetWorkCompletion+0x27
04 0114ffb8 77e4a990 httpext!CDavWorkerThread::ThreadDispatcher+0x30
05 0114ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 48
System Thread ID: de4
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: WebDav Worker Thread
# ChildEBP RetAddr
00 0118ff30 77f430c7 SharedUserData!SystemCallStub+0x4
01 0118ff34 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0118ff60 67136578 kernel32!GetQueuedCompletionStatus+0x27
03 0118ff90 67136613 httpext!CDavWorkerThread::GetWorkCompletion+0x27
04 0118ffb8 77e4a990 httpext!CDavWorkerThread::ThreadDispatcher+0x30
05 0118ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 49
System Thread ID: fec
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: WebDav Worker Thread
# ChildEBP RetAddr
00 016cff30 77f430c7 SharedUserData!SystemCallStub+0x4
01 016cff34 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 016cff60 67136578 kernel32!GetQueuedCompletionStatus+0x27
03 016cff90 67136613 httpext!CDavWorkerThread::GetWorkCompletion+0x27
04 016cffb8 77e4a990 httpext!CDavWorkerThread::ThreadDispatcher+0x30
05 016cffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 50
System Thread ID: 1100
Kernel Time: 0:0:3.655
User Time: 0:0:4.396
Thread Status: Thread is in a WAIT state.
Thread Type: Front Page Authoring.
# ChildEBP RetAddr
00 01d3fc74 77f4372d SharedUserData!SystemCallStub+0x4
01 01d3fc78 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 01d3fd20 77d076f5 kernel32!WaitForMultipleObjectsEx+0x11a
03 01d3fd7c 77161d84 USER32!RealMsgWaitForMultipleObjectsEx+0x13f
04 01d3fda4 771b1cd3 ole32!CCliModalLoop::BlockFn+0x7e
05 01d3fe0c 32e5a235 ole32!CoWaitForMultipleHandles+0xc5
06 01d3fe40 32e5e13b fp5Autl!VwaitForMultipleObjects+0xa0
07 01d3ff80 32e2380b fp5Autl!COWSThreadPool::ThreadHandlerProc+0x97
08 01d3ff84 77bc91ed fp5Autl!COWSThread::CallThreadProc+0x9
09 01d3ffb8 77e4a990 msvcrt!_endthreadex+0x95
0a 01d3ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 51
System Thread ID: 10cc
Kernel Time: 0:0:1.91
User Time: 0:0:2.353
Thread Status: Thread is in a WAIT state.
Thread Type: Front Page Authoring.
# ChildEBP RetAddr
00 03abfc74 77f4372d SharedUserData!SystemCallStub+0x4
01 03abfc78 77e41bfa ntdll!NtWaitForMultipleObjects+0xc
02 03abfd20 77d076f5 kernel32!WaitForMultipleObjectsEx+0x11a
03 03abfd7c 77161d84 USER32!RealMsgWaitForMultipleObjectsEx+0x13f
04 03abfda4 771b1cd3 ole32!CCliModalLoop::BlockFn+0x7e
05 03abfe0c 32e5a235 ole32!CoWaitForMultipleHandles+0xc5
06 03abfe40 32e5e13b fp5Autl!VwaitForMultipleObjects+0xa0
07 03abff80 32e2380b fp5Autl!COWSThreadPool::ThreadHandlerProc+0x97
08 03abff84 77bc91ed fp5Autl!COWSThread::CallThreadProc+0x9
09 03abffb8 77e4a990 msvcrt!_endthreadex+0x95
0a 03abffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 52
System Thread ID: b28
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Front Page Authoring.
# ChildEBP RetAddr
00 0421feb4 77f43741 SharedUserData!SystemCallStub+0x4
01 0421feb8 77e41817 ntdll!ZwWaitForSingleObject+0xc
02 0421ff28 77e4168f kernel32!WaitForSingleObjectEx+0xac
03 0421ff38 32d496c6 kernel32!WaitForSingleObject+0xf
04 0421ff78 32ddebf5 fp5amsft!VmetabaseSinkThread::t_main+0x167
05 0421ff84 77bc91ed fp5Autl!Vthread::top+0xd
06 0421ffb8 77e4a990 msvcrt!_endthreadex+0x95
07 0421ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 53
System Thread ID: 29c
Kernel Time: 0:8:43.542
User Time: 0:7:27.693
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 03f5ff50 77f430c7 SharedUserData!SystemCallStub+0x4
01 03f5ff54 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 03f5ff80 63ec7235 kernel32!GetQueuedCompletionStatus+0x27
03 03f5ffb8 77e4a990 ISATQ!AtqPoolThread+0x40
04 03f5ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 54
System Thread ID: 804
Kernel Time: 0:0:9.874
User Time: 0:0:12.377
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 0371ff28 77f430c7 SharedUserData!SystemCallStub+0x4
01 0371ff2c 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0371ff58 5a302360 kernel32!GetQueuedCompletionStatus+0x27
03 0371ff90 5a302531 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x31
04 0371ffa4 5a301d27 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x21
05 0371ffb8 77e4a990 W3TP!THREAD_MANAGER::ThreadManagerThread+0x35
06 0371ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 55
System Thread ID: 11a3c
Kernel Time: 0:5:32.347
User Time: 0:4:48.124
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 03f9ff50 77f430c7 SharedUserData!SystemCallStub+0x4
01 03f9ff54 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 03f9ff80 63ec7235 kernel32!GetQueuedCompletionStatus+0x27
03 03f9ffb8 77e4a990 ISATQ!AtqPoolThread+0x40
04 03f9ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 56
System Thread ID: 11f7c
Kernel Time: 0:6:5.145
User Time: 0:5:13.530
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 040dff50 77f430c7 SharedUserData!SystemCallStub+0x4
01 040dff54 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 040dff80 63ec7235 kernel32!GetQueuedCompletionStatus+0x27
03 040dffb8 77e4a990 ISATQ!AtqPoolThread+0x40
04 040dffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 57
System Thread ID: 128a8
Kernel Time: 0:5:35.802
User Time: 0:4:52.29
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 03efff50 77f430c7 SharedUserData!SystemCallStub+0x4
01 03efff54 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 03efff80 63ec7235 kernel32!GetQueuedCompletionStatus+0x27
03 03efffb8 77e4a990 ISATQ!AtqPoolThread+0x40
04 03efffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 58
System Thread ID: 128a4
Kernel Time: 0:3:15.20
User Time: 0:2:46.980
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 0411f900 63eb2067
iscomlog!CInetLogInformation::CanonicalizeLogRecord+0xdf
01 0411fa14 63eb1cf6 iscomlog!COMLOG_CONTEXT::LogInformation+0x5a
02 0411fa1c 64409241 iscomlog!ComLogLogInformation+0x11
03 0411fa30 6930f682 INFOCOMM!LOGGING::LogInformation+0x26
04 0411fc10 6930abfd ftpsvc2!USER_DATA::WriteLogRecord+0x15d
05 0411fc30 693153bb ftpsvc2!MainSTOR+0xbb
06 0411fc54 69311864 ftpsvc2!ParseCommand+0x22e
07 0411fe7c 6930ebf6 ftpsvc2!USER_DATA::ParseAndProcessRequest+0x23a
08 0411fe8c 69311a1a ftpsvc2!StopControlRead+0x4d
09 0411feb0 69311f32 ftpsvc2!USER_DATA::ProcessAsyncIoCompletion+0x6b
0a 0411ff34 6930839f ftpsvc2!ProcessUserAsyncIoCompletion+0x60
0b 0411ff58 63ec71d3 ftpsvc2!ProcessAtqCompletion+0x7b
0c 0411ff84 63ec73c6 ISATQ!AtqpProcessContext+0x1db
0d 0411ffb8 77e4a990 ISATQ!AtqPoolThread+0x1d1
0e 0411ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 59
System Thread ID: 4954
Kernel Time: 0:0:0.230
User Time: 0:0:0.250
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 043eff28 77f430c7 SharedUserData!SystemCallStub+0x4
01 043eff2c 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 043eff58 5a302360 kernel32!GetQueuedCompletionStatus+0x27
03 043eff90 5a302531 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x31
04 043effa4 5a301d27 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x21
05 043effb8 77e4a990 W3TP!THREAD_MANAGER::ThreadManagerThread+0x35
06 043effec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 60
System Thread ID: 4b08
Kernel Time: 0:5:56.522
User Time: 0:5:2.775
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 0566ff50 77f430c7 SharedUserData!SystemCallStub+0x4
01 0566ff54 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0566ff80 63ec7235 kernel32!GetQueuedCompletionStatus+0x27
03 0566ffb8 77e4a990 ISATQ!AtqPoolThread+0x40
04 0566ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 61
System Thread ID: 339c
Kernel Time: 0:0:41.800
User Time: 0:0:36.762
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 0442ff50 77f430c7 SharedUserData!SystemCallStub+0x4
01 0442ff54 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0442ff80 63ec7235 kernel32!GetQueuedCompletionStatus+0x27
03 0442ffb8 77e4a990 ISATQ!AtqPoolThread+0x40
04 0442ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 62
System Thread ID: 3360
Kernel Time: 0:1:33.484
User Time: 0:1:18.142
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 056aff50 77f430c7 SharedUserData!SystemCallStub+0x4
01 056aff54 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 056aff80 63ec7235 kernel32!GetQueuedCompletionStatus+0x27
03 056affb8 77e4a990 ISATQ!AtqPoolThread+0x40
04 056affec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 63
System Thread ID: f7c
Kernel Time: 0:0:0.10
User Time: 0:0:0.10
Thread Type: HTTP Listener
# ChildEBP RetAddr
00 0592ff28 77f430c7 SharedUserData!SystemCallStub+0x4
01 0592ff2c 77e430bc ntdll!ZwRemoveIoCompletion+0xc
02 0592ff58 5a302360 kernel32!GetQueuedCompletionStatus+0x27
03 0592ff90 5a302531 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x31
04 0592ffa4 5a301d27 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x21
05 0592ffb8 77e4a990 W3TP!THREAD_MANAGER::ThreadManagerThread+0x35
06 0592ffec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 64
System Thread ID: 8638
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
00 058eff70 77f430c7 SharedUserData!SystemCallStub+0x4
01 058eff74 77f7e6ae ntdll!ZwRemoveIoCompletion+0xc
02 058effb8 77e4a990 ntdll!RtlpWorkerThread+0x3b
03 058effec 00000000 kernel32!BaseThreadStart+0x34
Thread ID: 65
System Thread ID: 863c
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
00 0596ff70 77f430c7 SharedUserData!SystemCallStub+0x4
01 0596ff74 77f7e6ae ntdll!ZwRemoveIoCompletion+0xc
02 0596ffb8 77e4a990 ntdll!RtlpWorkerThread+0x3b
03 0596ffec 00000000 kernel32!BaseThreadStart+0x34
Closing open log file C:\iisstate\output\IISState-1444.log
Pat [MSFT] wrote, On 15/11/2003 2:35 AM:
> That doesn't necessarily mean that there is an ASP page on that thread.
> IISState looks for 'hints' that a page may (or may not) be running on a
> thread. One of the hints is if RPCRT4.dll is on the thread stack. That DLL
> is used for DCOM calls and can mean that there is an ASP page making the
> DCOM call. But the DLL can also be there w/out an ASP page. So, what the
> message is telling you is that the DCOM dll is there (Possible DCOM
> activity) and that this may indicate an ASP page (Possible ASP page) but
> that as it turns out there wasn't either going on (No remote call being
> made, Unable to locate ASP page).
>
> As to the 99% CPU, you can use Perfmon in conjunction w/IISState to identify
> the thread number that is using the CPU or (what I do) is look at the thread
> times (Kernel and User). The threads with the highest times are your most
> likely suspects. Sometimes it is not a single thread that is the problem,
> so I look at the top three or four.
>
> If you want me to take a look at the log, post it to the group.
>
>
> Pat
>
> "Jim" <jim RemoveThis @nowhere.com> wrote in message
> news:ObBc2fqqDHA.1872@TK2MSFTNGP09.phx.gbl...
>
>>Hello,
>>
>>I have installed the Windows debugging toolkit and iisstate 3.2 from
>>iisfaq.com but in my log file I see this:
>>
>>Thread Type: Possible ASP page. Possible DCOM activity
>>Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
>>Continuing with other analysis.
>>
>>No remote call being made
>>
>>======
>>
>>How do I get the asp page name?
>>
>>Also how do I know which thread is using the most CPU? I'm having 99%
>>CPU problem and trying to troubleshoot it.
>>
>>Thanks in advance.
>>
>>Jim
>
>
><!-- ~MESSAGE_AFTER~ -->
>> Stay informed about: iisstate.exe Executing Page: ASP.dll symbols not found. Un.. 
FAQ
Profile
Private Messages
Log in
