Web Server Version Revealed (IIS)

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ IIS
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - 304 + .ASP in IIS 6 Hello, how can I send a 304 back to the browser for an .asp in IIS 6.0? Images are getting cached without any trouble - but the .asp - even though it does not change still returns a 200. Tag: Web Server Version Revealed (IIS) Tag: 389848
  - 2
    - IIS virtual directory local path is greyed out I have an application that installs a virtual directory under the default webserver. In the local path it displays /peopleupdate and it is greyed out so i cannot change it. I know i can create a new vdir that doesnt have this behavior but why is it greyed out? Why can I not change it? This seems to be the default behavior of the installer... Tag: Web Server Version Revealed (IIS) Tag: 389841
  - 3
    - COM+ Base Service I had a service running on my Windows 2003 server - COM+ Base Service - path to executable C:\WINNT\system32\csrsrv.exe Anyone know what this is please? Tag: Web Server Version Revealed (IIS) Tag: 389840
  - 4
    - Metabase replication for multiple sites Hi, I am looking for a solution that will provide IIS metabase replication among 3 servers at seperate locations. The requirement is that the metabase could be updated on any of the three servers and then the changes would need to be automatically replicated to the other two. I am not worried about content replication as the files are stored on AFS which is already being replicated among the 3 sites. Is it possible to do this with IISCNFG? Commercial solutions are also acceptable. thanks, Hugh Tag: Web Server Version Revealed (IIS) Tag: 389836
  - 5
    - http request for *.dll files returns server error code 500 hi im using IIS/PWS 5.1 on WinXP Pro. i have a page that loads a java applet in it, in order for the applet to work properly, a dll files is sent back to the Windows/IE client along with the requested URL.But when the page is requested i get "Server returned HTTP response code: 500 for URL: http://localhost/sign/admin/dl_admin.dll " error . I checked the IIS log for this and i also found a 401 unauthorized access error just before the 500' line ! the page loads smoothly when using file:// protocol.So i guess its an IIS permissions issue right ? any ideas on how to resolve this ? Tag: Web Server Version Revealed (IIS) Tag: 389831
  - 6
    - global.asa Problem Hi! I have a problem, while migration an older webapplication from Windows 2000 to Windows 2003. This software is a webfrontend of an helpdesk system. The user database is an sql server which is defined in the odbc drivers. So everybody has to log on to this webpage. But on the new server the following error ist displayed when someone wants to log on: Active Server Pages error '00000000' Create object failed ? An error occurred while creating object 'LicMan'. Microsoft VBScript runtime error '800a01ae' Class doesn't support Automation: 'LicMan' /LM/W3SVC/XXXXXXX/Root/in2desk/global.asa, line 34 I doen't have found any useful hint to solv this problem. Can someone help? So long Peter Tag: Web Server Version Revealed (IIS) Tag: 389828
  - 7
    - Web application works very well on IIS 6, with 'Integrated Windows Authentication'. But user is not authenticated on IIS5. Hi All, We have implemented single sign-on in our web application. The application works well on IIS6 with 'Integrated Windows Authentication'. The user is very well authenticated on IIS6. But when this application runs on IIS5 with the same 'Integrated Windows Authentication', the user is not authenticated. Is anybody having the solution to make my application workion IIS5? Thanks Banty Nigam Tag: Web Server Version Revealed (IIS) Tag: 389826
  - 8
    - 'Integrated Windows Authentication' does not work on IIS5, but it very well works on IIS6. Hi All, My application is working fine on IIS6 W2K3, with 'integrated windows authentication'. We have implemented single sign-on functionality in our web-application. But it does'nt authenticate the user when application runs on IIS5 W2K. Can anybody tell me what is the problem, and what all things I will need to put in place, to make this application working. Thanks in advance. Banty Nigam Tag: Web Server Version Revealed (IIS) Tag: 389825
  - 9
    - IIS Admin Service service terminated Hi, anybody can advise at this issue. Error message â??IIS Admin Service service terminated with service-specific error 2148073478 (0x80090006)â?? Appreciate anybody can help me. Regards. Victor.. Tag: Web Server Version Revealed (IIS) Tag: 389823
  - 10
    - asking again - how do I tell if SMTP is installed/enabled Hi; 1) How can I tell if the IIS SMTP server is installed? 2) If not installed, how can I start the Add/Remove applet in the Windows mode with the SMTP server selected? 3) If not enabled, how do I enable it? Yes, to test if it's live I can connect on port 25 and see if I get a HELO. But I still need the above to get everything configured. -- thanks - dave david_at_windward_dot_net http://www.windwardreports.com Cubicle Wars - http://www.windwardreports.com/film.htm Tag: Web Server Version Revealed (IIS) Tag: 389821
  - 11
    - Asking again - how do I tell if IIS is installed & enabled Hi; Note: I looked at http://www.microsoft.com/technet/scriptcenter/scripts/iis/default.mspx?mfr=true and I could not find solutions to any of the below: I know this can be done because the pre-install for SqlServer does all this. 1) How can I tell if IIS is installed? 2) If not installed, how can I kick off the installation - I know this uses the Add/Remove applet but how do I kick this off so it starts with install IIS selected? Note: I do NOT want to do an unattended install as most users want to know what is being installed and may want to change the location of c:\inetpub\wwwroot. I need to just start the install. 3) If installed, how do I tell if IIS is enabled and if not enabled, how do I enable it? -- thanks - dave david_at_windward_dot_net http://www.windwardreports.com Cubicle Wars - http://www.windwardreports.com/film.htm Tag: Web Server Version Revealed (IIS) Tag: 389820
  - 12
    - Not all images loading on localhost IIS 5 / XP development machine - too many connections? There's two of us developers, each with a different laptop, both running XP Pro / IIS 5 / VS 2005 with the same problem. We have a web page on localhost that repeatedly calls a localhost ASPX to pull in images (approx 100-200 calls per page), and many of the images will not load. If we refresh the browser, a few more images will come down the line, and so on. The same code works perfectly when running on Windows 2003 / IIS 6. I suspect that the limited connection count (10?) in IIS 5 on XP is killing the extra image loads but don't know how to diagnose this or fix it.... -- Paul Tag: Web Server Version Revealed (IIS) Tag: 389809
  - 13
    - Making IIS use only one netcard of two I have a server with to netcard . One with intern ip number 192.168.1.101 and the other with ip 192.168.1.102. If i set the default web site in IIS to listen to ip adress 192.168.1.101 (not all unassigned) and tcp port 80 , i would exspect port 80 of 192.168.1.102 to be avaliable for me to listen on with my own service program. But it seems not to work out that way, instead it seems like IIS is occupiend both ports when I try to start the tcp service listening to 192.168.1.102:80 . How can I make the IIS not have any acces at all to one of the netcards ? Tag: Web Server Version Revealed (IIS) Tag: 389807
  - 14
    - NLB SSL RPC HTTP !!!!!!!!! Hello I need some advice, I am trying to set up the following test environment, I have the following Single DC (with GC, DNS, WINS) - Functioning fine 4-node backend exchange 2003 - Functioning fine Backend Firewall (PIX) - totally open to inbound and outbound traffic (will be locked down after everything is working) - firewall is between the front end and back end servers 2 Front end Servers running Exchange 2003 - for OWA access Front end Firewall (PIX) to be implemented - only allowing 443 inbound - will be placed to protect from Internet All my servers are running Windows 2003 Sp1 (all critical updates), all my exchange builds include SP2 plus 4 post updates since SP2 I followed this article below to deploy RPC over HTTP - only steps 1-3 How to Deploy RPC over HTTP for the First Time on Exchange Server 2003 SP1 (Front-End/Back-End Scenario) http://www.microsoft.com/technet/prodtechnol/exchange/guides/E2k3RPCHTTPDep/7215c4c3-e465-4000-817b-17f20706fbed.mspx?mfr=true What I need to do is how to implement SSL on my Exchange front-end servers for RPC over HTTP to work. Also want to have the front end setup in NLB I need advise on how to do this, I seen many articles about doing it for a single front end server with either a 3rd party certificates or implementing your own CA. I intend to use certificate from a 3rd Party which is free!! (Remember this is a test environment!!) http://www.msexchange.org/tutorials/SSL-Enabling-OWA-2003-Using-Free-3rdParty-Certificate.html# from these guys at Startcom mentioned in this article I need know the best practice to implement in the setup I am trying to configure 1) Shall I setup the NLB first - good articles for this please? Any catches etc I need to be aware of? 2) How do I implement SSL in NLB Or 1) Do I implement SSL on each front node first and how? Other option is shall I implement my own CA for this test environment? How do I do this? And then setup NLB and SSL I at a crossroads on how to purse this and there is so much information out there that I have read that I am now confused!!! ( two much reading is a bad thing!! ) Confused Tony Tag: Web Server Version Revealed (IIS) Tag: 389805
  - 15
    - IIS 5.1 - users cannot access site ?I set up a simple website on my WinXP Pro system to enable access to a commonly used database file that is in an ASPX format... I can view the website from the computer is it was created on, but anyone outside the computer on the same network cannot. Where am I missing permission issues.. ? I have the default Allow Anonymous users, the IUSR_WGM172 account has proper permissions... I can enter: Http://WGM172/BizTabs/Default.html on my system, and can access the files.... (WGM172 is my computer name). Any suggestions? Jill -- jilltre Tag: Web Server Version Revealed (IIS) Tag: 389804
  - 16
    - How many IP address support IIS 5 I have a problems with IIS 5, I need to know how many Ip address support IIS 5, becasue the services cannot start when I have more the 25 IP, If someone know the solution please send me the fix. Thanks. Tag: Web Server Version Revealed (IIS) Tag: 389803
  - 17
    - IIS InetServ Crashing when Password Change trying to be called. Below is the message that is showing in my event logs. I am running IIS 6.0 Windows 2003 Service Pak 1. When I try and log in with an account that has the must change password flag set IIS disconnects the web site and the password change never comes up. I've registed the password change dll and the metabase looks ok to me. But here is the event log error. Event Type: Error Event Source: Application Error Event Category: (100) Event ID: 1000 Date: 11/21/2006 Time: 2:37:02 PM User: N/A Computer: MDWS1 Description: Faulting application inetinfo.exe, version 6.0.3790.1830, faulting module w3core.dll, version 6.0.3790.1830, fault address 0x000082a0. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 41 70 70 6c 69 63 61 74 Applicat 0008: 69 6f 6e 20 46 61 69 6c ion Fail 0010: 75 72 65 20 20 69 6e 65 ure ine 0018: 74 69 6e 66 6f 2e 65 78 tinfo.ex 0020: 65 20 36 2e 30 2e 33 37 e 6.0.37 0028: 39 30 2e 31 38 33 30 20 90.1830 0030: 69 6e 20 77 33 63 6f 72 in w3cor 0038: 65 2e 64 6c 6c 20 36 2e e.dll 6. 0040: 30 2e 33 37 39 30 2e 31 0.3790.1 0048: 38 33 30 20 61 74 20 6f 830 at o 0050: 66 66 73 65 74 20 30 30 ffset 00 0058: 30 30 38 32 61 30 0082a0 Tag: Web Server Version Revealed (IIS) Tag: 389794
  - 18
    - SSL on a hosting Web server.... hi all... i have 2 servers, a web one and an exchange one. the exchange server has an SSL cert that i bought. but now i have some web hosting clients that want to use the SSL key so i would like to share the SSL for them. so i'm assuming that i need to have the SSL on the exchange and then have a Virtual Directory pointing to a share on the other computer for the domains that i would like to have under SSL. but when i try that, i get that the page cannot be displayed when i try to access any page under the SSL machine and the virtual directory in IE. can someone suggest a good way of doing this set up? should it all be on one machine? any help would be great! thanks Tag: Web Server Version Revealed (IIS) Tag: 389793
  - 19
    - IIS 7: How to determine which version of .NET? I would like to run an ASP.NET v1.1 app on IIS7. I have other ASP.NET apps that are .NET v2 so I can't just run aspnet_regiis.exe for v1.1 again. How do I toggle the switch for this? Unlike in IIS6, there is no Properties window with an "ASP.NET" tab where you can switch the version. It seems I am a little overwhelmed by the multitude of options available now via control panel-like icons and I don't know where to find what I'm looking for. Jon Tag: Web Server Version Revealed (IIS) Tag: 389789
  - 20
    - IIS Worker Crashing In my event logs on my 3 identical web servers, I keep getting this error message: Faulting application w3wp.exe, version 6.0.3790.1830, faulting module ntdll. dll, version 5.2.3790.1830, fault address 0x0002f585. When I run IISState on that worker process, the dump file looks like this: Opened log file 'E:\wbapps\iisstate\output\IISState-3868.log' *********************** Starting new log output IISState version 3.3.1 Tue Nov 21 11:28:13 2006 OS = Windows 2003 Server Executable: w3wp.exe PID = 3868 Note: Thread times are formatted as HH:MM:SS.ms *********************** IIS has crashed... Beginning Analysis DLL (!FunctionName) that failed: ntdll!RtlpCoalesceFreeBlocks Thread ID: 0 System Thread ID: c8 Kernel Time: 0:0:0.46 User Time: 0:0:0.78 *** WARNING: Unable to verify checksum for \\?\E:\wbdata\jrun-prod03\wsconfig\ 1\jrun_iis6_wildcard.dll *** ERROR: Symbol file could not be found. Defaulted to export symbols for \\ ?\E:\wbdata\jrun-prod03\wsconfig\1\jrun_iis6_wildcard.dll - Thread Type: Other # ChildEBP RetAddr 00 0006f73c 7c82ff8a ntdll!RtlpCoalesceFreeBlocks+0x36e 01 0006f824 77bbcef6 ntdll!RtlFreeHeap+0x38e 02 0006f86c 01e2aa93 msvcrt!free+0xc3 WARNING: Stack unwind information not available. Following frames may be wrong. 03 01692560 0169af10 jrun_iis6_wildcard_1e20000!TerminateExtension+0x8e33 04 01646d10 0169dec0 0x169af10 05 01a6e028 01646d10 0x169dec0 06 002501a0 01a6e028 0x1646d10 07 01a63678 002501a0 0x1a6e028 08 0169f6a8 01a63678 0x2501a0 09 016c4a20 0169f6a8 0x1a63678 0a 0169dec0 016c4a20 0x169f6a8 0b 01646d10 0169dec0 0x16c4a20 0c 01a6e028 01646d10 0x169dec0 0d 002501a0 01a6e028 0x1646d10 0e 01a63678 002501a0 0x1a6e028 0f 0169f6a8 01a63678 0x2501a0 10 016c4a20 0169f6a8 0x1a63678 11 0169dec0 016c4a20 0x169f6a8 12 01646d10 0169dec0 0x16c4a20 13 01a6e028 01646d10 0x169dec0 14 002501a0 01a6e028 0x1646d10 15 01a63678 002501a0 0x1a6e028 16 0169f6a8 01a63678 0x2501a0 17 016c4a20 0169f6a8 0x1a63678 18 0169dec0 016c4a20 0x169f6a8 19 01646d10 0169dec0 0x16c4a20 1a 01a6e028 01646d10 0x169dec0 1b 002501a0 01a6e028 0x1646d10 1c 01a63678 002501a0 0x1a6e028 1d 0169f6a8 01a63678 0x2501a0 1e 016c4a20 0169f6a8 0x1a63678 1f 0169dec0 016c4a20 0x169f6a8 20 01646d10 0169dec0 0x16c4a20 21 01a6e028 01646d10 0x169dec0 22 002501a0 01a6e028 0x1646d10 23 01a63678 002501a0 0x1a6e028 24 0169f6a8 01a63678 0x2501a0 25 016c4a20 0169f6a8 0x1a63678 26 0169dec0 016c4a20 0x169f6a8 27 01646d10 0169dec0 0x16c4a20 28 01a6e028 01646d10 0x169dec0 29 002501a0 01a6e028 0x1646d10 2a 01a63678 002501a0 0x1a6e028 2b 0169f6a8 01a63678 0x2501a0 2c 016c4a20 0169f6a8 0x1a63678 2d 0169dec0 016c4a20 0x169f6a8 2e 01646d10 0169dec0 0x16c4a20 2f 01a6e028 01646d10 0x169dec0 30 002501a0 01a6e028 0x1646d10 31 01a63678 002501a0 0x1a6e028 Closing open log file E:\wbapps\iisstate\output\IISState-3868.log Opened log file 'E:\wbapps\iisstate\output\IISState-3868.log' *********************** Starting new log output IISState version 3.3.1 Tue Nov 21 11:28:15 2006 OS = Windows 2003 Server Executable: w3wp.exe PID = 3868 Note: Thread times are formatted as HH:MM:SS.ms *********************** Thread ID: 0 System Thread ID: c8 Kernel Time: 0:0:0.46 User Time: 0:0:0.78 Thread Type: Other # ChildEBP RetAddr 00 0006f73c 7c82ff8a ntdll!RtlpCoalesceFreeBlocks+0x36e 01 0006f824 77bbcef6 ntdll!RtlFreeHeap+0x38e 02 0006f86c 01e2aa93 msvcrt!free+0xc3 WARNING: Stack unwind information not available. Following frames may be wrong. 03 01692560 0169af10 jrun_iis6_wildcard_1e20000!TerminateExtension+0x8e33 04 01646d10 0169dec0 0x169af10 05 01a6e028 01646d10 0x169dec0 06 002501a0 01a6e028 0x1646d10 07 01a63678 002501a0 0x1a6e028 08 0169f6a8 01a63678 0x2501a0 09 016c4a20 0169f6a8 0x1a63678 0a 0169dec0 016c4a20 0x169f6a8 0b 01646d10 0169dec0 0x16c4a20 0c 01a6e028 01646d10 0x169dec0 0d 002501a0 01a6e028 0x1646d10 0e 01a63678 002501a0 0x1a6e028 0f 0169f6a8 01a63678 0x2501a0 10 016c4a20 0169f6a8 0x1a63678 11 0169dec0 016c4a20 0x169f6a8 12 01646d10 0169dec0 0x16c4a20 13 01a6e028 01646d10 0x169dec0 14 002501a0 01a6e028 0x1646d10 15 01a63678 002501a0 0x1a6e028 16 0169f6a8 01a63678 0x2501a0 17 016c4a20 0169f6a8 0x1a63678 18 0169dec0 016c4a20 0x169f6a8 19 01646d10 0169dec0 0x16c4a20 1a 01a6e028 01646d10 0x169dec0 1b 002501a0 01a6e028 0x1646d10 1c 01a63678 002501a0 0x1a6e028 1d 0169f6a8 01a63678 0x2501a0 1e 016c4a20 0169f6a8 0x1a63678 1f 0169dec0 016c4a20 0x169f6a8 20 01646d10 0169dec0 0x16c4a20 21 01a6e028 01646d10 0x169dec0 22 002501a0 01a6e028 0x1646d10 23 01a63678 002501a0 0x1a6e028 24 0169f6a8 01a63678 0x2501a0 25 016c4a20 0169f6a8 0x1a63678 26 0169dec0 016c4a20 0x169f6a8 27 01646d10 0169dec0 0x16c4a20 28 01a6e028 01646d10 0x169dec0 29 002501a0 01a6e028 0x1646d10 2a 01a63678 002501a0 0x1a6e028 2b 0169f6a8 01a63678 0x2501a0 2c 016c4a20 0169f6a8 0x1a63678 2d 0169dec0 016c4a20 0x169f6a8 2e 01646d10 0169dec0 0x16c4a20 2f 01a6e028 01646d10 0x169dec0 30 002501a0 01a6e028 0x1646d10 31 01a63678 002501a0 0x1a6e028 Thread ID: 1 System Thread ID: 1a4 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 009eff9c 7c821364 ntdll!KiFastSystemCallRet 01 009effa0 7c81fe26 ntdll!NtDelayExecution+0xc 02 009effb8 77e6608b ntdll!RtlpTimerThread+0x47 03 009effec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 2 System Thread ID: c84 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 00a2ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 00a2ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 00a2ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 00a2ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 3 System Thread ID: db4 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 00a8fe18 7c821c54 ntdll!KiFastSystemCallRet 01 00a8fe1c 77c7538c ntdll!ZwReplyWaitReceivePortEx+0xc 02 00a8ff84 77c5778f RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x198 03 00a8ff8c 77c5f7dd RPCRT4!RecvLotsaCallsWrapper+0xd 04 00a8ffac 77c5de88 RPCRT4!BaseCachedThreadRoutine+0x9d 05 00a8ffb8 77e6608b RPCRT4!ThreadStartRoutine+0x1b 06 00a8ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 4 System Thread ID: 7f0 Kernel Time: 0:0:6.187 User Time: 0:0:1.296 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00c8ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00c8ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00c8ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00c8ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00c8ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00c8ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00c8ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 5 System Thread ID: 378 Kernel Time: 0:0:13.468 User Time: 0:0:3.687 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00ccff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00ccff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00ccff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00ccff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00ccffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00ccffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00ccffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 6 System Thread ID: ea4 Kernel Time: 0:0:4.296 User Time: 0:0:1.125 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00d0ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00d0ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00d0ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00d0ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00d0ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00d0ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00d0ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 7 System Thread ID: f9c Kernel Time: 0:0:10.359 User Time: 0:0:3.156 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00d4ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00d4ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00d4ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00d4ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00d4ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00d4ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00d4ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 8 System Thread ID: da0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 00e0fcec 7c822114 ntdll!KiFastSystemCallRet 01 00e0fcf0 7c83acfd ntdll!NtWaitForMultipleObjects+0xc 02 00e0ffb8 77e6608b ntdll!RtlpWaitThread+0x161 03 00e0ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 9 System Thread ID: da0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 00e0fcec 7c822114 ntdll!KiFastSystemCallRet 01 00e0fcf0 7c83acfd ntdll!NtWaitForMultipleObjects+0xc 02 00e0ffb8 77e6608b ntdll!RtlpWaitThread+0x161 03 00e0ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 10 System Thread ID: f44 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0186ff8c 7c821364 ntdll!KiFastSystemCallRet 01 0186ff90 7c815267 ntdll!NtDelayExecution+0xc 02 0186ffb8 77e6608b ntdll!RtlpIOWorkerThread+0x3f 03 0186ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 11 System Thread ID: 2f4 Kernel Time: 0:0:5.843 User Time: 0:0:1.468 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0199ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 0199ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 0199ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 0199ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 0199ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 0199ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 0199ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 12 System Thread ID: d78 Kernel Time: 0:0:13.31 User Time: 0:0:3.109 Thread Type: HTTP Listener # ChildEBP RetAddr 00 019eff24 7c821bf4 ntdll!KiFastSystemCallRet 01 019eff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 019eff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 019eff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 019effa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 019effb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 019effec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 13 System Thread ID: 98c Kernel Time: 0:0:5.187 User Time: 0:0:1.156 Thread Type: HTTP Listener # ChildEBP RetAddr 00 01a5ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 01a5ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 01a5ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 01a5ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 01a5ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 01a5ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 01a5ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 14 System Thread ID: e9c Kernel Time: 0:0:7.437 User Time: 0:0:2.203 Thread Type: HTTP Listener # ChildEBP RetAddr 00 01c9ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 01c9ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 01c9ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 01c9ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 01c9ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 01c9ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 01c9ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 15 System Thread ID: 50c Kernel Time: 0:0:7.609 User Time: 0:0:2.343 Thread Type: HTTP Listener # ChildEBP RetAddr 00 01efff24 7c821bf4 ntdll!KiFastSystemCallRet 01 01efff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 01efff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 01efff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 01efffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 01efffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 01efffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 16 System Thread ID: b10 Kernel Time: 0:0:10.78 User Time: 0:0:2.687 Thread Type: HTTP Listener # ChildEBP RetAddr 00 01ebff24 7c821bf4 ntdll!KiFastSystemCallRet 01 01ebff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 01ebff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 01ebff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 01ebffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 01ebffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 01ebffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 17 System Thread ID: ea0 Kernel Time: 0:0:4.921 User Time: 0:0:1.218 Thread Type: HTTP Listener # ChildEBP RetAddr 00 01cdff24 7c821bf4 ntdll!KiFastSystemCallRet 01 01cdff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 01cdff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 01cdff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 01cdffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 01cdffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 01cdffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 18 System Thread ID: f84 Kernel Time: 0:0:2.859 User Time: 0:0:0.734 Thread Type: HTTP Listener # ChildEBP RetAddr 00 01e7ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 01e7ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 01e7ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 01e7ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 01e7ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 01e7ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 01e7ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 19 System Thread ID: be4 Kernel Time: 0:0:1.531 User Time: 0:0:0.328 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0207ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 0207ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 0207ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 0207ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 0207ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 0207ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 0207ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 20 System Thread ID: 318 Kernel Time: 0:0:7.750 User Time: 0:0:2.234 Thread Type: HTTP Listener # ChildEBP RetAddr 00 020fff24 7c821bf4 ntdll!KiFastSystemCallRet 01 020fff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 020fff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 020fff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 020fffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 020fffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 020fffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 21 System Thread ID: e74 Kernel Time: 0:0:4.625 User Time: 0:0:1.421 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0213ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 0213ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 0213ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 0213ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 0213ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 0213ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 0213ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 22 System Thread ID: 904 Kernel Time: 0:0:0.609 User Time: 0:0:0.187 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0217ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 0217ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 0217ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 0217ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 0217ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 0217ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 0217ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 23 System Thread ID: 330 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 009aff7c 7c821bf4 ntdll!KiFastSystemCallRet 01 009aff80 71b23eb4 ntdll!NtRemoveIoCompletion+0xc 02 009affb8 77e6608b mswsock!SockAsyncThread+0x69 03 009affec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 24 System Thread ID: ad0 Kernel Time: 0:0:0.0 User Time: 0:0:0.62 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0233ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 0233ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 0233ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 0233ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 0233ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 0233ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 0233ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 25 System Thread ID: af0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0203ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 0203ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 0203ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 0203ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 26 System Thread ID: 9b0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0182ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 0182ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 0182ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 0182ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 27 System Thread ID: f28 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0190ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 0190ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 0190ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 0190ffec 00000000 kernel32!BaseThreadStart+0x34 Closing open log file E:\wbapps\iisstate\output\IISState-3868.log ==================== Anyone got any ideas? It looks to me like the JRun connectors could be the cause of the problem, but I'm not sure what would cause all three to start acting the same way all of a sudden. Thanks in advance for any help. -Dan Tag: Web Server Version Revealed (IIS) Tag: 389784
  - 21
    - SOAP Monitor I don't know if this is the right newsgroup, but I don't know a better one. I've got a client-software and a web service. And now I need to read the SOAP-messages transmitted. I couldn't find something with Google etc. but a friend had shown me the SOAPmonitor for TOMCAT/axis. Does anyone know something similar to this for IIS? Thanks in advance. Sebastian Tag: Web Server Version Revealed (IIS) Tag: 389783
  - 22
    - AWStats and plugin I don't know the best place to ask a question such as this, but this group seemed like a fitting place. I set up my log files in AWStats to what was specified, but also included cs(Cookie). The point of this is that I am intending to write a extra functionality, perhaps in the way of a plugin, to parse the cookie value of web requests, and if they belong in some database/file, to do something specific. Anyway, in the .conf file, I set the following: LogFormat="date time c-ip cs-username cs-method cs-uri-stem cs-uri-query sc-status sc-bytes cs-version cs(User-Agent) cs(Cookie) cs(Referer)" This is everything that's there, plus the cookie field. Now... how to I read in the cookie information in a plugin file? Or does AWStats just ignore the cookie section, and I'll have to end up reparsing the the log files for this information? Tag: Web Server Version Revealed (IIS) Tag: 389782
  - 23
    - get metabase info via Active Directory API hi, I'm using ADsGetObject from isapi filter to get virtual folders and web sites data. It is working ok but there are errors in the event viewer - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. how come there are messages if the code works fine? what should I do to avoid these errors? in the component services I wanted to add permissions to NT AUTHORITY\NETWORK SERVICE but it doesn't know this user. please help. Thanks. Tag: Web Server Version Revealed (IIS) Tag: 389781
  - 24
    - Remove "Domain\" when logging on Hello, Is there a way for me to remove having to put the "Domain\" in the username field when logging on? My users would rather just put their usernames instead of domain\username. Thanks in Advance. Tag: Web Server Version Revealed (IIS) Tag: 389779
  - 25
    - Sql Server & IIS problem dear guys, I have Windows Vista Ultimate, i installed IIS (default configuration) from Control Panel -> Programs & Features -> Windows Features dialog, and tested that http://localhost opens regularly ! everything is OK ! everything in the IIS console is STARTED ! I'm now trying to run Sql Server 2005 Standard Edition setup, when it reaches to the system check dialog (prior to the installation itself) it showes a warning beside IIS in the list of system features ! i read the warning message, in brief it says: "... IIS is either not installed or not turned on from Services..." !!! I got shocked, 'coz : 1) IIS is installed and running 2) there is no service called IIS or anything like this in Services console ! what's going on guys ?? how can i get rid of this warning ?? by the way, i can continue with installation of Sql Server 2005, but i won't be able to install any feature in Sql Server that requires IIS Server's functionality !! Help me please and thank you a million in advance ! Tag: Web Server Version Revealed (IIS) Tag: 389777
- Next
  - 1
    - Application pool equivalent of low (iis process)? Hello I'm trying to use an ODBC connection to NotesSQL in an ASP page hosted on IIS. I've been having a pig of a time connecting to the database in ASP, getting the error below, even the same code works e.g. in a vbs script ran on the server. Microsoft OLE DB Provider for ODBC Drivers error '80004005' [Microsoft][ODBC Driver Manager] Driver's SQLAllocHandle on SQL_HANDLE_DBC failed Having banged my head against this for a while and fought my way through the abysmally poor NotesSQL documentation, I have come to thinking that the problem is that the NotesSQL executable isn't being run in the expeceted process. In this IBM technote (http://www-1.ibm.com/support/docview.wss?uid=swg21095390) it is suggested that one should "... change your Application Protection to Low (IIS Process)...". However in IIS Manager on this server, I don't have this option; instead I must choose an application pool. Hence I'm thinking that the application pool is executing as the NETWORK SERVICE but the page is accessed as IUSR_SERVER and this may be the problem... So I've too questions: * Am I on the right track here? * What might I do about it? Many thanks in anticipation of any help on this. Tag: Web Server Version Revealed (IIS) Tag: 389772
  - 2
    - Access of Host Header websites Internally I have a Windows Server 2003 R2 (IP 192.168.1.1) connected directly to a router (IP 192.168.1.138). I have multiple websites setup to one static IP. Accessing the websites externally works perfectly. The issue is that I cant access the websites internally, so if I go to www.website.com from the server browser, it brings up the interface for the router - which is understandable. If I also set the websites up as Virtual Directories under Default Website, then I could access the sites via http://192.168.1.1/website - but I would rather not do this as I am sure there is a better way around this. I also have a SBS server (IP 192.168.1.2) connected to the router and if I type www.website.com I get the router interface again so would like to resolve this as well. I assume this is either an issue with DNS or host files, and not necessarily an IIS issue but was hoping that someone may point in the right direction I need to head. Thanks. Tag: Web Server Version Revealed (IIS) Tag: 389769
  - 3
    - IIS -> WMI -> WBem and Authentication Hi, I'm trying to use an WbemScripting.SWbemLocator object's "ConnectServer" method to connect to a PC and perform various duties. I am logging in to the IIS6 web server using integrated authentication. I get an access denied when I try to connect to various PCs, unless I specifically provide a username and password (in the script or through a login form). What I really want to do is allow the script to take the credentials of the currently logged in user to IIS, and use that to connect to the PCs. Obviously this isn't working. Would anyone be able to point me in the right direction on this? Thanks, me Tag: Web Server Version Revealed (IIS) Tag: 389760
  - 4
    - SMTP delivery retry on IIS 6.0 hi all, due to increased greylisting on remote MTAs i am seeing more and more of my outbound SMTP messages ending up in the "badmail" directory. it seems that if the remote MTA replies with "452 Too many recipients received this hour,", IIS will either never retry at all, or will retry 2-3 times and then send it to badmail. as far as i know, error 452 is temporary and IIS should continue to retry until the Expiration Timeout is reached (2 days). the problem seems to be triggered specifically by the "452" error (which i have discovered is typical of Ironport anti-spam appliances). other greylisting codes like 451 are properly queued and retried by IIS 6.0 until the message goes through. anybody got any ideas on this? best, alex Tag: Web Server Version Revealed (IIS) Tag: 389755
  - 5
    - Where to find the site about vulnerability database ? Where to find the site about vulnerability database ? Tag: Web Server Version Revealed (IIS) Tag: 389750
  - 6
    - Under 2003 and IIS, default.asp is viewed but any other pages are NOT viewed. Error was this; you are not authorized to view this page 401 error. http://mydomain/board/default.asp it was okay. but http://mydomain/board/test.asp, test.htm, and so on... any other pages are not viewed due to 401 error above. How come did it happen? Of course, for just in case, I put IUSR_, IWAM_, and even everyone with full control into "board" folder. However, the error still occurred. please give me your idea. Tag: Web Server Version Revealed (IIS) Tag: 389749
  - 7
    - Re: iis fur Thanks. <mailto:nig.nig@ntlworld.com> Tag: Web Server Version Revealed (IIS) Tag: 389748
  - 8
    - httpcfg with IIS6 stop single website HI, this is my configuration. IIS6 with multiple website in port 80. Each website have a different ip address assigned. With httpcfg i've insert all my ip in the iplisten table. In netstat i've not 0.0.0.0:80 but x.x.x.x:80, y.y.y.y:80, z.z.z.z:80 etc etc... BUT, when i stop only a single website, the assigned ip it's still in listen in my netstat and the browser say "bad request, invalid host name". So, i can't really stop a single web site! any idea? thanks in advance, Fabio Tag: Web Server Version Revealed (IIS) Tag: 389747
  - 9
    - Re: iis fur Thanks. <mailto:nig.nig@ntlworld.com> Tag: Web Server Version Revealed (IIS) Tag: 389746
  - 10
    - How to create a web application on SBS2003 server ? Hello. I'm trying to do create a VB ASP.NET web application on a SBS2003 server with IIS6.0, .NET Framework 1.1.4322, ASP.NET 1.1.4322 using Visual Studio.NET 2003 on an XP Pro, SP2 machine. When i attempt this, i get this "Web Access Failed" message: The default web access mode for this project is set to file share, but the project folder at http://lakeside/TestLakeside cannot be opened with the path \\lakeside\wwwroot$\TestLakeside. The error returned was: Unable to create Web project 'TestLakeside'. The file path '\\lakeside\wwwroot$\TestLakeside' does not correspond to the URL 'http://lakeside/TestLakeside'. The two need to map to the same server location. HTTP Error 404: Not Found I know this can be done because of this and numerous other articles from Microsoft that indicate the same thing: Configuring the Server Computer If you are developing on one computer with Visual Studio .NET 2003 and want to deploy your Web applications to a remote Web server computer, you must configure the server computer properly. Doing so requires installation of some Visual Studio .NET 2003 components on the Web server computer. Note If you are using your development computer as the Web server, you do not need to follow this procedure; installing Visual Studio .NET 2003 on your computer configures it properly. To configure a separate Web server computer for Visual Studio .NET 2003 1.. Run Visual Studio .NET 2003 setup on the Web server computer and perform Step 1 to install the Visual Studio .NET 2003 Prerequisites. This installs the .NET Framework on the server computer. When this step is complete, the setup process returns to Step 2 of the Visual Studio .NET 2003 installation. 2.. Start Step 2 of the setup process. In the left pane of the setup window are a number of options for the installation. You should: 1.. Clear the selection of all options except Server Components. 2.. Expand the Server Components node and select Web Development and Remote Debugger. 3.. Then click Install Now to proceed with installation. 3.. Verify that FrontPage® Server Extensions are configured. For details, see Setup\WebServer.htm on Visual Studio .NET 2003 CD1. 4.. Add users who will be creating Web projects to the VS Developers group. I tried the suggestions from these web sites: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vbcon/html/vxurfwebaccessfailuredialog.asp http://www.iisfaq.com/?View=A538 http://support.microsoft.com/kb/329473 http://geekswithblogs.net/timh/archive/2005/09/08/53132.aspx and many more. Any help that anybody can provide to resolve this problem would be gratefully appreciated. Thanks, Tony Tag: Web Server Version Revealed (IIS) Tag: 389744
  - 11
    - FormMail.PHP I would like to use FromMail.php on a IIS server. Posting results through a Exchange server. Is there any white paper showing How to's? Or will it not work? Tag: Web Server Version Revealed (IIS) Tag: 389742
  - 12
    - cache - missmatch Hello, our Intranet server has 3 network cards (3 ip addresses). The Web Site with the problem has 2 DNS Alias, which is http://department.company.com and http://department.site.company.com. The client suffixes are: company.com and site.company com What works for showing the latest updates. http://department http://department/index.htm http://department.company.com http://department.company.com/index.htm http://department.site.company.com but http://department.site.company.com/index.htm <<= does not show the latest updates. I have to make a IIS reset to get this URL uptodate. The Web site identification is set to Description: department - IP address (all unassigned) - Advanced: host header value: top: department - 2nd: department.company.com 3rd: department.site.company.com port for all: 80 all IP address for all: default. The problem cannot be caused by browser settings (IE 6 and 7) because I tested all "Check for newer versions of stored pages" and I faced every time the same result. the URL http://department.site.company.com/index.htm is not updated. Thank you for any hint - Donald Tag: Web Server Version Revealed (IIS) Tag: 389741
  - 13
    - Localhost does not works I installed ISS ver5.1 on my laptop running on XP Pro SP 2. No error encountered during installation. But when type http://local host in IE6 get this error mesage:- HTTP 500 - Internal server error Internet Explorer Try other htm files and they work fine but not .asp files. Please help. Thank you. Tag: Web Server Version Revealed (IIS) Tag: 389738
  - 14
    - Smtp server repeatedly crashing Hi, I'm experiencing exactly this problem: http://support.microsoft.com/?id=885264 However, I installed SP1 on the server which is having the problem, so the fix should be included. Non the less, I tried to install it without success: "Setup has detected that the service pack version of this system is newer than the update you are applying". However, smtpsvc.dll has file version 6.0.3790.1830, while the updated version should be 6.0.3790.211. I tried reinstalling the bunch (smtp server, sp1, exchange server), three times, without succes. Is there any way to force the install or fix this in any way? Thanks Tag: Web Server Version Revealed (IIS) Tag: 389736
  - 15
    - Problem of IIS Dear All Sometime when I using my web applications, they prompt following error Microsoft OLE DB Provider for SQL Server error '8007000e' Not enough storage is available to complete this operation. After I type "iisreset /restart" in the command prompt Then everything running smooth Do you know what's the problem? Tag: Web Server Version Revealed (IIS) Tag: 389732
  - 16
    - Get certificate expiry date. I'm looking for a command-line tool or script that'll provide a Certificate expiry date if I pass it the URL. Eg. c:\>certexpiry https://www.example.com returns ==> 09:00:00 20/8/2008 This is the date advertised in IE as the 'valid to' date seen if you view the certificate details when browsing to a secure page. Any help/leads greatly appreciated. Tag: Web Server Version Revealed (IIS) Tag: 389731
  - 17
    - IIS 6 ASP Compiled Templates directory is blank I have been trying to get my site to cache ASP files to disk. When I look in the ASP Compiled Templates directory, there is a folder for the process, but the folder is blank. I have made sure that the IIS_WSG has full permissions... that the Network Service also has permissions. I have checked the registry to make sure caching isn't overridden somewhere. Everything is set in the Properties of the site group... Caching 500 to memory and the rest to disk. I have over 50,000 pages so I don't think it is possible that they are all in memory and therefore the writing to disk is not needed. I have done quite a bit of searching but haven't found anything that seems to help. Anyone have an idea of where to start? Tag: Web Server Version Revealed (IIS) Tag: 389722
  - 18
    - add a new DNS domain hi, i need your help to setting a new domain (example: www.test.com) on my win server 2003 i just need to register the DNS domain as a server using command prompt but i dont know how to do it. thanks Tag: Web Server Version Revealed (IIS) Tag: 389714
  - 19
    - IE7 shows entire roof of ftp site, no logon screen. I run IS 6 and FTP in isolation mode. Now if someone uses IE7 and goes to our FTP site then instead of being prompted for a username/password they get a list a of our entire ftp directory like below: FTP root at local-ftp 08/22/2006 01:03PM Directory Folder1 10/24/2006 02:38PM Directory Folder2 11/16/2006 03:35PM Directory Folder3 etc etc etc .... Tag: Web Server Version Revealed (IIS) Tag: 389707
  - 20
    - Weird web url from Google search Hello everyone, I tried search my company homepage in google and I found that Google show me a long and strange additional URL in the link. I tried in my localhost also and the IIS seesm do nothing about this "additional part" This is how the "additional part" looks like (A(YQyCZbzIwv0oAap-aE2RTtt7Bl8P1MQ9gI3ODnpH3KO6XO_4CMhyDugWR-14IZRCj2JOcpzCoT9JSBgxIjK7Rp0dRAXf7U9M6Yl2kXLjxCQ1))/ if I append this at the end of my page , i found it can go to my page normally. for example, http://localhost/<virtual path>/(A(YQyCZbzIwv0oAap-aE2RTtt7Bl8P1MQ9gI3ODnpH3KO6XO_4CMhyDugWR-14IZRCj2JOcpzCoT9JSBgxIjK7Rp0dRAXf7U9M6Yl2kXLjxCQ1))/ is the same as http://localhost/<virtual path>/ this is also work on other web page using web server can any expert tell me what's happening on this weird thing? Tag: Web Server Version Revealed (IIS) Tag: 389705
  - 21
    - Basic IIS Port Forwarding I just setup IIS for the first time. For this post I'll use examples. My internal webserver address is: http://server/ (port 80) That works just fine from all computers inside the LAN. I configured a dynamic IP service like no-ip.com Lets say the no-ip.com address is jack.no-ip.com which resolves to my external WAN IP. I setup Port Forwarding Port 80 to my internal server IP 192.168.1.10. (192.168.1.10 = Server) From the outside I go to http://jack.no-ip.com and I do not get the internal webpage to show. I use jack.no-ip.com to terminal into my server on 3389, that works just fine, so I know the dynamic DNS service is working just fine. Why? What am I forgetting or missing? If I setup multiple IIS hosting names like http://server100/ and http://server200/ How do I direct the outside to inside? Do I have to change the ports they all listen on? Thanks.... Tag: Web Server Version Revealed (IIS) Tag: 389704
  - 22
    - many random files in c:\ root, when running IIS 5.1 Hi, I'm running xp pro sp 2 with all possible patches. Yep I'm having following problem for months. When I surf my localhost on IIS, many small files are generated on the c:\ root. I'm also experiencing a lot of caching problems, images not shown, but shown when I refresh, ... The files are unaccessable while IIS runs and they are removed when I stop IIS admin, still I managed to get a hold on a few. HTTP/1.1 200 OK Server: Microsoft-IIS/5.1 Date: Fri, 17 Nov 2006 16:06:41 GMT Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Sat, 08 Apr 2006 08:46:52 GMT ETag: "e8d3afbe85ac61:905" Content-Length: 34004 ==> following with a entire content of a javascript file that is requesting while surfing. For each gif, javascript, css, html, ... a file is created. It looks like my IIS is dumping cached files in the c-root. I tried uninstalling/re-installing iis many times, but no change. Does anyone have a solution. I can't find the time to fully re-install my machine, but as a web developer, I really need a flawless working IIS. Thanks ! Tag: Web Server Version Revealed (IIS) Tag: 389699
  - 23
    - IIS restart attempt failed... Hi, Win2K3. Sometimes, when loading some ASPs into a browser, something hangs. It is happening more and more. When this happens and "iisreset" is attempted, this is the result: Attempting stop... Restart attempt failed. The system cannot find the file specified. (2147942402, 80070002) Sometimes I can get around it, by going to the individual Website in IIS Admin, right click on it and select "Stop". Then "iisreset" may work. On occasion, we have decided to restart the Win2K3 machine, but the problem persists. Is anyone familiar with this issue and know what may cause it? Thanks, Jim Tag: Web Server Version Revealed (IIS) Tag: 389697
  - 24
    - Webdav change one instance of recurring appointment I have an outlook calendar, in which I am successfully inserting recurring appointments. What I have not been able to do thus far is to change programmatically the time in one instance of the recurring appointment. So for example, I have a sequence on mondays and wednesdays 1-1:30, and I need to programmatically change the time on one of the days to 4-4:30. I have searched numerous groups and have not been able to find anything. How should this be done? Please help. Tag: Web Server Version Revealed (IIS) Tag: 389696
  - 25
    - High CPU in Inetinfo Our client's IIS always has high CPU around 10:00am. Sometimes the process is even dead with error 11/16/2006 11:06:22 AM Service Control Manager Error None 7031 N/A MMAAPP02 The World Wide Web Publishing Service service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 0 milliseconds: No action. 11/16/2006 11:06:22 AM Service Control Manager Error None 7031 N/A MMAAPP02 The IIS Admin Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1 milliseconds: No action. 11/16/2006 11:06:17 AM Application Popup Information None 26 N/A MMAAPP02 "Application popup: inetinfo.exe - Application Error : The instruction at ""0x77f856a3"" referenced memory at ""0x00310038"". The memory could not be ""read"". The following is the log of IISState: Opened log file 'Y:\app\iisstate\output\IISState-2320.log' *********************** Starting new log output IISState version 3.2 Thu Nov 16 10:59:53 2006 OS = Windows 2000 Executable: inetinfo.exe PID = 2320 Note: Thread times are formatted as HH:MM:SS.ms *********************** Thread ID: 0 System Thread ID: 19c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 *** ERROR: Module load completed but symbols could not be loaded for C:\WINNT\System32\inetsrv\inetinfo.exe Thread Type: Other # ChildEBP RetAddr 00 0006f89c 7c5785d1 ntdll!ZwReadFile+0xb 01 0006f910 7c2e4cd9 KERNEL32!ReadFile+0x181 02 0006f93c 7c2e4b5f ADVAPI32!ScGetPipeInput+0x28 03 0006f9b8 7c2e6632 ADVAPI32!ScDispatcherLoop+0x4a 04 0006fbf4 01002884 ADVAPI32!StartServiceCtrlDispatcherA+0x7d WARNING: Stack unwind information not available. Following frames may be wrong. 05 0006fd30 01001e94 inetinfo+0x2884 06 77e2b495 2474ff50 inetinfo+0x1e94 07 0c24448d 61747441 0x2474ff50 08 22287261 00000000 0x61747441 Thread ID: 1 System Thread ID: 8b8 Kernel Time: 0:0:0.46 User Time: 0:0:0.125 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\System32\inetsrv\iisadmin.dll - Thread Type: Other # ChildEBP RetAddr 00 0067fd1c 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 0067fd44 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 0067fd54 6e6f1685 KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 0067fd70 01002440 iisadmin!ServiceEntry+0x155 04 77e2b495 2474ff50 inetinfo+0x2440 05 0c24448d 61747441 0x2474ff50 06 22287261 00000000 0x61747441 Thread ID: 2 System Thread ID: 7bc Kernel Time: 0:2:37.109 User Time: 0:1:13.781 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\IisRTL.DLL - Thread Type: Other # ChildEBP RetAddr 00 007bfe5c 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 007bfeac 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 007bff08 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 007bff24 6e5a5a7c USER32!MsgWaitForMultipleObjects+0x1d WARNING: Stack unwind information not available. Following frames may be wrong. 04 00283c78 000003e9 IisRTL!ALLOC_CACHE_HANDLER::SetLookasideCleanupInterval+0xe4 Thread ID: 3 System Thread ID: 90c Kernel Time: 0:3:6.140 User Time: 0:1:2.453 Thread Type: Other # ChildEBP RetAddr 00 007ffe5c 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 007ffeac 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 007fff08 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 007fff24 6e5a5a7c USER32!MsgWaitForMultipleObjects+0x1d WARNING: Stack unwind information not available. Following frames may be wrong. 04 00283d28 000003ea IisRTL!ALLOC_CACHE_HANDLER::SetLookasideCleanupInterval+0xe4 Thread ID: 4 System Thread ID: 850 Kernel Time: 0:0:0.187 User Time: 0:0:0.62 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\System32\inetsrv\INFOCOMM.dll - Thread Type: Other # ChildEBP RetAddr 00 00eefc1c 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 00eefc6c 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 00eefcc8 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 00eefce4 769c4e3f USER32!MsgWaitForMultipleObjects+0x1d WARNING: Stack unwind information not available. Following frames may be wrong. 04 00cec1fc 00000000 INFOCOMM!IIS_SERVICE::StartServiceOperation+0x209 Thread ID: 5 System Thread ID: 2a8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\System32\inetsrv\ISATQ.dll - Thread Type: HTTP Listener # ChildEBP RetAddr 00 0104ff5c 7c573c73 ntdll!ZwRemoveIoCompletion+0xb 01 0104ff88 6d70b2fa KERNEL32!GetQueuedCompletionStatus+0x27 WARNING: Stack unwind information not available. Following frames may be wrong. 02 0104ffb4 7c57438b ISATQ!AtqStopAndCloseEndpoint+0x147a 03 0104ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 6 System Thread ID: 98c Kernel Time: 0:0:10.390 User Time: 0:0:17.281 *** ERROR: Symbol file could not be found. Defaulted to export symbols for y:\app\filenet\idm\IDMLogon.dll - Thread Type: HTTP Listener # ChildEBP RetAddr 00 0108ff50 7c573c73 ntdll!ZwRemoveIoCompletion+0xb 01 0108ff7c 6d7088db KERNEL32!GetQueuedCompletionStatus+0x27 WARNING: Stack unwind information not available. Following frames may be wrong. 02 7c310dd6 f76868ff ISATQ!AtqGetCapTraceInfo+0x7d0 03 6aec8b55 20007300 0xf76868ff 04 69002000 0048005c 0x20007300 05 0054004e 00500054 0x48005c 06 0050ffff 66263531 0x500054 07 31333632 00000000 IDMLogon!NPPasswordChangeNotify+0x451 Thread ID: 7 System Thread ID: 6e4 Kernel Time: 0:0:10.31 User Time: 0:0:14.828 Thread Type: HTTP Listener # ChildEBP RetAddr 00 010cff50 7c573c73 ntdll!ZwRemoveIoCompletion+0xb 01 010cff7c 6d7088db KERNEL32!GetQueuedCompletionStatus+0x27 WARNING: Stack unwind information not available. Following frames may be wrong. 02 7c310dd6 f76868ff ISATQ!AtqGetCapTraceInfo+0x7d0 03 6aec8b55 20007300 0xf76868ff 04 69002000 0048005c 0x20007300 05 0054004e 00500054 0x48005c 06 0050ffff 66263531 0x500054 07 31333632 00000000 IDMLogon!NPPasswordChangeNotify+0x451 Thread ID: 8 System Thread ID: 4d0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\System32\inetsrv\asp.dll - ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 0124feb8 7c573c73 ntdll!ZwRemoveIoCompletion+0xb 01 0124fee4 77d31394 KERNEL32!GetQueuedCompletionStatus+0x27 02 0124ff20 77d3e93f RPCRT4!COMMON_ProcessCalls+0x9e 03 0124ff74 77d3e8c2 RPCRT4!LOADABLE_TRANSPORT::ProcessIOEvents+0x99 04 0124ff78 77d35924 RPCRT4!ProcessIOEventsWrapper+0x9 05 0124ffa8 77d358d6 RPCRT4!BaseCachedThreadRoutine+0x4f 06 0124ffb4 7c57438b RPCRT4!ThreadStartRoutine+0x18 07 0124ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 9 System Thread ID: 960 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 0144fe24 77d37ba7 ntdll!ZwReplyWaitReceivePortEx+0xb 01 0144ff74 77d37b4c RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x74 02 0144ff78 77d35924 RPCRT4!RecvLotsaCallsWrapper+0x9 03 0144ffa8 77d358d6 RPCRT4!BaseCachedThreadRoutine+0x4f 04 0144ffb4 7c57438b RPCRT4!ThreadStartRoutine+0x18 05 0144ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 10 System Thread ID: 5c0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 014cfd20 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 014cfd70 7c578f0d KERNEL32!WaitForMultipleObjectsEx+0xea 02 014cfd88 778322b2 KERNEL32!WaitForMultipleObjects+0x17 03 014cffb4 7c57438b RTUTILS!TraceServerThread+0xde 04 014cffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 11 System Thread ID: 618 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\System32\inetsrv\compfilt.dll - Thread Type: HTTP Compression Thread # ChildEBP RetAddr 00 0151ff5c 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 0151ff84 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 0151ff94 732c3366 KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 0151ffb4 7c57438b compfilt!HttpFilterProc+0xe3 04 00000000 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 12 System Thread ID: 7cc Kernel Time: 0:0:0.15 User Time: 0:0:0.15 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\System32\inetsrv\w3svc.dll - *** ERROR: Symbol file could not be found. Defaulted to export symbols for - Thread Type: Other # ChildEBP RetAddr 00 0158fe70 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0158fec0 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0158ff1c 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0158ff38 65f38b7d USER32!MsgWaitForMultipleObjects+0x1d WARNING: Stack unwind information not available. Following frames may be wrong. 04 0158ff7c 78008454 w3svc!WamDictatorDumpInfo+0x655a 05 0158ffb4 7c57438b MSVCRT!endthread+0xc1 06 0158ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 13 System Thread ID: 62c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 015cfea8 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 015cfef8 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 015cff54 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 015cff70 65f2e76c USER32!MsgWaitForMultipleObjects+0x1d WARNING: Stack unwind information not available. Following frames may be wrong. 04 015cffb4 7c57438b w3svc!ServiceEntry+0xf6f 05 015cffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 14 System Thread ID: 10c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\msafd.dll - *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\WS2_32.DLL - *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\inetsloc.dll - Thread Type: Other # ChildEBP RetAddr 00 0164fce0 74fd1394 ntdll!ZwWaitForSingleObject+0xb WARNING: Stack unwind information not available. Following frames may be wrong. 01 0164fd1c 74fd3c59 msafd+0x1394 02 0164fe08 750312f5 msafd!WSPSetSockOpt+0xdaa 03 0164fe6c 6e2b3b6e WS2_32!select+0xcb 04 0164ffb4 7c57438b inetsloc!TerminateSvcLocator+0xbe8 05 0164ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 15 System Thread ID: 868 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0178fdfc 74fd1394 ntdll!ZwWaitForSingleObject+0xb WARNING: Stack unwind information not available. Following frames may be wrong. 01 0178fe38 74fd3c59 msafd+0x1394 02 0178ff24 750312f5 msafd!WSPSetSockOpt+0xdaa 03 0178ff88 6d7062b4 WS2_32!select+0xcb 04 00d0ac34 00000838 ISATQ!SetIISCapTraceFlag+0x1cdb Thread ID: 16 System Thread ID: 504 Kernel Time: 0:0:13.750 User Time: 0:0:19.656 Thread Type: HTTP Listener # ChildEBP RetAddr 00 017cff50 7c573c73 ntdll!ZwRemoveIoCompletion+0xb 01 017cff7c 6d7088db KERNEL32!GetQueuedCompletionStatus+0x27 WARNING: Stack unwind information not available. Following frames may be wrong. 02 7c310dd6 f76868ff ISATQ!AtqGetCapTraceInfo+0x7d0 03 6aec8b55 20007300 0xf76868ff 04 69002000 0048005c 0x20007300 05 0054004e 00500054 0x48005c 06 0050ffff 66263531 0x500054 07 31333632 00000000 IDMLogon!NPPasswordChangeNotify+0x451 Thread ID: 17 System Thread ID: 674 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 01c8ff08 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 01c8ff58 7c578f0d KERNEL32!WaitForMultipleObjectsEx+0xea 02 01c8ff70 787f58ce KERNEL32!WaitForMultipleObjects+0x17 03 01c8ffb4 7c57438b comsvcs!CEventDispatcher::PushEvents+0x4e 04 01c8ffc0 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 18 System Thread ID: 7b0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. Remote call is either to a MTA object or object not initialized. Also, possible utility thread. DCOM call being made to Process ID: 1296 Waiting on thread id: ffffffff # ChildEBP RetAddr 00 01ccfb68 77d4256d ntdll!ZwRequestWaitReplyPort+0xb 01 01ccfb94 77d3ac56 RPCRT4!LRPC_CCALL::SendReceive+0x11e 02 01ccfba0 77b25b87 RPCRT4!I_RpcSendReceive+0x2c 03 01ccfbc0 77b25a52 ole32!ThreadSendReceive+0xef 04 01ccfbd8 77b22ab6 ole32!CRpcChannelBuffer::SwitchAptAndDispatchCall+0x14f 05 01ccfc18 77b258c6 ole32!CRpcChannelBuffer::SendReceive2+0x96 06 01ccfc28 77a6cb5d ole32!CRpcChannelBuffer::SendReceive+0x11 07 01ccfc88 77ab74c3 ole32!CAptRpcChnl::SendReceive+0xa9 08 01ccfce0 77d94c1a ole32!CCtxComChnl::SendReceive+0x124 09 01ccfcfc 77d9487d RPCRT4!NdrProxySendReceive+0x4c 0a 01ccff44 77d95136 RPCRT4!NdrClientCall2+0x4f5 0b 01ccff60 77d46e75 RPCRT4!ObjectStublessClient+0x76 0c 01ccff70 787f5818 RPCRT4!ObjectStubless+0xf 0d 01ccffb4 7c57438b comsvcs!CEventDispatcher::GetEventServerInfoThread+0x118 0e 01ccffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 19 System Thread ID: 8ec Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: ASP Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. # ChildEBP RetAddr 00 029efe70 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 029efec0 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 029eff1c 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 029eff38 74a110f5 USER32!MsgWaitForMultipleObjects+0x1d WARNING: Stack unwind information not available. Following frames may be wrong. 04 029eff7c 78008454 asp!AspStatusHtmlDump+0x2f9c 05 029effb4 7c57438b MSVCRT!endthread+0xc1 06 029effec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 20 System Thread ID: 8c0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: ASP Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. # ChildEBP RetAddr 00 02a2fe70 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 02a2fec0 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 02a2ff1c 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 02a2ff38 74a034be USER32!MsgWaitForMultipleObjects+0x1d WARNING: Stack unwind information not available. Following frames may be wrong. 04 02a2ff7c 78008454 asp!TS_RESOURCE::operator=+0x9db2 05 02a2ffb4 7c57438b MSVCRT!endthread+0xc1 06 02a2ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 21 System Thread ID: 1c8 Kernel Time: 0:0:0.15 User Time: 0:0:0.0 *** WARNING: Unable to verify checksum for *** ERROR: Symbol file could not be found. Defaulted to export symbols for - Thread Type: PDM (Debugger) Thread. # ChildEBP RetAddr 00 02a6fddc 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 02a6fe2c 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 02a6fe88 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 02a6fea4 4a00886c USER32!MsgWaitForMultipleObjects+0x1d 04 02a6ff88 4a008a85 pdm+0x886c 05 02a6ffb0 4a008a09 pdm+0x8a85 06 02a6ffb4 7c57438b pdm+0x8a09 07 02a6ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 22 System Thread ID: 84c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 02aeff9c 77f842c4 ntdll!NtDelayExecution+0xb 01 02aeffb4 7c57438b ntdll!RtlpTimerThread+0x42 02 02aeffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 23 System Thread ID: 5b4 Kernel Time: 0:0:13.765 User Time: 0:1:8.78 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 02b2fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 02b2fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 02b2fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 02b2fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 02b2ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 02b2ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 02b2ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 24 System Thread ID: 958 Kernel Time: 0:0:17.93 User Time: 0:1:34.156 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 02b6fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 02b6fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 02b6fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 02b6fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 02b6ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 02b6ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 02b6ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 25 System Thread ID: 2a4 Kernel Time: 0:0:2.171 User Time: 0:0:10.703 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 02bafe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 02bafe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 02bafed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 02bafef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 02baff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 02baffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 02baffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 26 System Thread ID: 874 Kernel Time: 0:0:4.765 User Time: 0:0:25.218 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 02cefe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 02cefe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 02cefed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 02cefef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 02ceff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 02ceffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 02ceffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 27 System Thread ID: 88c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 *** ERROR: Symbol file could not be found. Defaulted to export symbols for y:\app\filenet\idm\fnpfetch.dll - *** ERROR: Symbol file could not be found. Defaulted to export symbols for - Thread Type: Other # ChildEBP RetAddr 00 064afe08 66df6f50 USER32!NtUserWaitMessage+0xb WARNING: Stack unwind information not available. Following frames may be wrong. 01 064aff0c 6c3bde29 fnpfetch+0x6f50 02 064aff7c 780085bc MFC42!Ordinal2546+0x147 03 064affb4 7c57438b MSVCRT!endthreadex+0xbc 04 064affec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 28 System Thread ID: 848 Kernel Time: 0:0:0.609 User Time: 0:0:1.468 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\Common Files\System\OLE DB\oledb32.dll - Thread Type: Other # ChildEBP RetAddr 00 06a7ff58 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 06a7ff80 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 06a7ff90 1f8945ab KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 06a7ffb4 7c57438b oledb32!DllGetClassObject+0x2881 04 06a7ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 29 System Thread ID: 83c Kernel Time: 0:0:0.921 User Time: 0:0:1.78 Thread Type: Other # ChildEBP RetAddr 00 06abff50 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 06abff78 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 06abff88 1f8945bb KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 06abffb4 7c57438b oledb32!DllGetClassObject+0x2891 04 06abffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 30 System Thread ID: 964 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 06affd54 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 06affd7c 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 06affd8c 7878db85 KERNEL32!WaitForSingleObject+0xf 03 06afffb4 7c57438b comsvcs!PingThread+0xf5 04 06afffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 31 System Thread ID: 5c4 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 06d4ff20 77f838a5 ntdll!ZwRemoveIoCompletion+0xb 01 06d4ffb4 7c57438b ntdll!RtlpWorkerThread+0x6b 02 06d4ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 32 System Thread ID: 970 Kernel Time: 0:0:0.921 User Time: 0:16:49.843 *** ERROR: Symbol file could not be found. Defaulted to export symbols for y:\PROGRA~1\JavaSoft\JRE\132E6D~1.1\bin\HotSpot\jvm.dll - Thread Type: Other # ChildEBP RetAddr 00 33bffea8 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 33bffed0 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 33bffee0 6d46475a KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 33bfff10 6d48ad8a jvm!JVM_FindSignal+0x121b5 04 33bfff68 6d48ac1e jvm!JVM_FindSignal+0x387e5 05 33bfff7c 780085bc jvm!JVM_FindSignal+0x38679 06 33bfffb4 7c57438b MSVCRT!endthreadex+0xbc 07 33bfffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 33 System Thread ID: 980 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 33c3ff88 75179cd7 ntdll!ZwWaitForMultipleObjects+0xb 01 33c3ffb4 7c57438b NETAPI32!NetbiosWaiter+0x71 02 33c3ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 34 System Thread ID: 940 Kernel Time: 0:0:0.93 User Time: 0:0:0.515 Thread Type: Other # ChildEBP RetAddr 00 33c7fc18 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 33c7fc40 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 33c7fc50 6d465f47 KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 33c7fc88 6d4763ae jvm!JVM_FindSignal+0x139a2 04 33c7fcac 6d44b9f2 jvm!JVM_FindSignal+0x23e09 05 33c7fccc 06b52890 jvm!JVM_MonitorWait+0x70 06 33c7fcfc 06b5035a 0x6b52890 07 33c7fd30 06b5035a 0x6b5035a 08 33c7fd5c 6d4db41c 0x6b5035a 09 33c7fd84 6d44034e jvm!JVMCI_InstallStackOvrFlowExceptionFilter+0x435c4 0a 33c7fe04 6d46932d jvm!JVM_DisableCompiler+0x678d 0b 33c7fe40 6d440262 jvm!JVM_FindSignal+0x16d88 0c 33c7fe94 6d43ffe0 jvm!JVM_DisableCompiler+0x66a1 0d 33c7fee8 6d44f403 jvm!JVM_DisableCompiler+0x641f 0e 33c7ff3c 6d482c10 jvm!JVM_StartThread+0x1bb 0f 33c7ff68 6d482be0 jvm!JVM_FindSignal+0x3066b 10 33c7ff7c 780085bc jvm!JVM_FindSignal+0x3063b 11 33c7ffb4 7c57438b MSVCRT!endthreadex+0xbc 12 33c7ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 35 System Thread ID: 69c Kernel Time: 0:0:0.15 User Time: 0:0:0.156 Thread Type: Other # ChildEBP RetAddr 00 33cbfbe0 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 33cbfc08 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 33cbfc18 6d465f47 KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 33cbfc50 6d4763ae jvm!JVM_FindSignal+0x139a2 04 33cbfc74 6d44b9f2 jvm!JVM_FindSignal+0x23e09 05 33cbfc94 06b52890 jvm!JVM_MonitorWait+0x70 06 33cbfcc4 06b5035a 0x6b52890 07 33cbfd00 06b503aa 0x6b5035a 08 33cbfd44 06b503aa 0x6b503aa 09 33cbfd68 6d4db41c 0x6b503aa 0a 33cbfd84 6d44034e jvm!JVMCI_InstallStackOvrFlowExceptionFilter+0x435c4 0b 33cbfe04 6d46932d jvm!JVM_DisableCompiler+0x678d 0c 33cbfe40 6d440262 jvm!JVM_FindSignal+0x16d88 0d 33cbfe94 6d43ffe0 jvm!JVM_DisableCompiler+0x66a1 0e 33cbfee8 6d44f403 jvm!JVM_DisableCompiler+0x641f 0f 33cbff3c 6d482c10 jvm!JVM_StartThread+0x1bb 10 33cbff68 6d482be0 jvm!JVM_FindSignal+0x3066b 11 33cbff7c 780085bc jvm!JVM_FindSignal+0x3063b 12 33cbffb4 7c57438b MSVCRT!endthreadex+0xbc 13 33cbffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 36 System Thread ID: 51c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0110ff08 7c573a4e ntdll!NtDelayExecution+0xb 01 0110ff28 7c573a22 KERNEL32!SleepEx+0x32 02 0110ff34 6d469578 KERNEL32!Sleep+0xb WARNING: Stack unwind information not available. Following frames may be wrong. 03 0110ff58 6d48273d jvm!JVM_FindSignal+0x16fd3 04 0110ff7c 780085bc jvm!JVM_FindSignal+0x30198 05 0110ffb4 7c57438b MSVCRT!endthreadex+0xbc 06 0110ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 37 System Thread ID: 92c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 068afef4 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 068aff1c 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 068aff2c 6d46475a KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 068aff5c 6d482883 jvm!JVM_FindSignal+0x121b5 04 068aff7c 780085bc jvm!JVM_FindSignal+0x302de 05 068affb4 7c57438b MSVCRT!endthreadex+0xbc 06 068affec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 38 System Thread ID: 844 Kernel Time: 0:0:0.15 User Time: 0:0:0.515 Thread Type: Other # ChildEBP RetAddr 00 068efe84 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 068efeac 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 068efebc 6d4647a7 KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 068efeec 6d490750 jvm!JVM_FindSignal+0x12202 04 00000000 00000000 jvm!JVM_FindSignal+0x3e1ab Thread ID: 39 System Thread ID: 3c8 Kernel Time: 0:0:0.109 User Time: 0:0:0.93 Thread Type: Other # ChildEBP RetAddr 00 096bfc30 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 096bfc58 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 096bfc68 6d465f47 KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 096bfca0 6d4763ae jvm!JVM_FindSignal+0x139a2 04 096bfcc4 6d44b9f2 jvm!JVM_FindSignal+0x23e09 05 096bfce4 06b52890 jvm!JVM_MonitorWait+0x70 06 096bfd14 06b5035a 0x6b52890 07 096bfd50 6d4db41c 0x6b5035a 08 096bfd84 6d44034e jvm!JVMCI_InstallStackOvrFlowExceptionFilter+0x435c4 09 096bfe04 6d46932d jvm!JVM_DisableCompiler+0x678d 0a 096bfe40 6d440262 jvm!JVM_FindSignal+0x16d88 0b 096bfe94 6d43ffe0 jvm!JVM_DisableCompiler+0x66a1 0c 096bfee8 6d44f403 jvm!JVM_DisableCompiler+0x641f 0d 096bff3c 6d482c10 jvm!JVM_StartThread+0x1bb 0e 096bff68 6d482be0 jvm!JVM_FindSignal+0x3066b 0f 096bff7c 780085bc jvm!JVM_FindSignal+0x3063b 10 096bffb4 7c57438b MSVCRT!endthreadex+0xbc 11 096bffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 40 System Thread ID: 5a4 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0973f69c 74fd1394 ntdll!ZwWaitForSingleObject+0xb WARNING: Stack unwind information not available. Following frames may be wrong. 01 0973f6d8 74fd487c msafd+0x1394 02 0973fb80 7503ca41 msafd!WSPSetSockOpt+0x19cd 03 0973fbb8 7503c9cc WS2_32!WSAAccept+0x72 04 0973fc38 06b52890 WS2_32!accept+0x15 05 0973fc64 06b5035a 0x6b52890 06 0973fc9c 06b5035a 0x6b5035a 07 0973fcc4 06b5035a 0x6b5035a 08 0973fcf8 06b503aa 0x6b5035a 09 0973fd20 06b50422 0x6b503aa 0a 0973fd6c 6d4db41c 0x6b50422 0b 0973fd84 6d44034e jvm!JVMCI_InstallStackOvrFlowExceptionFilter+0x435c4 0c 0973fe04 6d46932d jvm!JVM_DisableCompiler+0x678d 0d 0973fe40 6d440262 jvm!JVM_FindSignal+0x16d88 0e 0973fe94 6d43ffe0 jvm!JVM_DisableCompiler+0x66a1 0f 0973fee8 6d44f403 jvm!JVM_DisableCompiler+0x641f 10 0973ff3c 6d482c10 jvm!JVM_StartThread+0x1bb 11 0973ff68 6d482be0 jvm!JVM_FindSignal+0x3066b 12 0973ff7c 780085bc jvm!JVM_FindSignal+0x3063b 13 0973ffb4 7c57438b MSVCRT!endthreadex+0xbc 14 0973ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 41 System Thread ID: 904 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0977fbb0 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 0977fbd8 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 0977fbe8 6d465f47 KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 0977fc20 6d4763ae jvm!JVM_FindSignal+0x139a2 04 0977fc44 6d44b9f2 jvm!JVM_FindSignal+0x23e09 05 0977fc64 06b52890 jvm!JVM_MonitorWait+0x70 06 0977fc94 06b5035a 0x6b52890 07 0977fcd0 06b503aa 0x6b5035a 08 0977fd14 06b503aa 0x6b503aa 09 0977fd38 06b50422 0x6b503aa 0a 0977fd6c 6d4db41c 0x6b50422 0b 0977fd84 6d44034e jvm!JVMCI_InstallStackOvrFlowExceptionFilter+0x435c4 0c 0977fe04 6d46932d jvm!JVM_DisableCompiler+0x678d 0d 0977fe40 6d440262 jvm!JVM_FindSignal+0x16d88 0e 0977fe94 6d43ffe0 jvm!JVM_DisableCompiler+0x66a1 0f 0977fee8 6d44f403 jvm!JVM_DisableCompiler+0x641f 10 0977ff3c 6d482c10 jvm!JVM_StartThread+0x1bb 11 0977ff68 6d482be0 jvm!JVM_FindSignal+0x3066b 12 0977ff7c 780085bc jvm!JVM_FindSignal+0x3063b 13 0977ffb4 7c57438b MSVCRT!endthreadex+0xbc 14 0977ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 42 System Thread ID: 8bc Kernel Time: 0:0:22.890 User Time: 0:1:58.968 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0bbbfe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0bbbfe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0bbbfed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0bbbfef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 0bbbff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 0bbbffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 0bbbffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 43 System Thread ID: 978 Kernel Time: 0:0:5.171 User Time: 0:0:23.750 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0de2fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0de2fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0de2fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0de2fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 0de2ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 0de2ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 0de2ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 44 System Thread ID: 6d8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0c58ff10 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 0c58ff38 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 0c58ff48 6c37143a KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 0c58ffb4 7c57438b MFC42!Ordinal4168+0xd 04 0c58ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 45 System Thread ID: 6dc Kernel Time: 0:0:2.31 User Time: 0:0:1.125 Thread Type: Other # ChildEBP RetAddr 00 0c5cff30 77abbad5 USER32!NtUserGetMessage+0xb 01 0c5cff70 77abba23 ole32!CDllHost::STAWorkerLoop+0x40 02 0c5cff8c 77abb95e ole32!CDllHost::WorkerThread+0xc2 03 0c5cff90 77ab50ee ole32!DLLHostThreadEntry+0x9 04 0c5cffa8 77ab5046 ole32!CRpcThread::WorkerLoop+0x22 05 0c5cffb4 7c57438b ole32!CRpcThreadCache::RpcWorkerThreadEntry+0x1a 06 0c5cffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 46 System Thread ID: 52c Kernel Time: 0:0:6.750 User Time: 0:14:34.250 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\System32\vbscript.dll - Thread Type: ASP Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. # ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. 00 0995f2e8 7357ce1f vbscript!DllCanUnloadNow+0x2efb 01 0995f5b0 73574380 vbscript!DllGetClassObject+0x49a3 02 0995f6b4 7357c7c1 vbscript!DllCanUnloadNow+0x2d0d 03 0995f988 73574380 vbscript!DllGetClassObject+0x4345 04 0995fa8c 7357444c vbscript!DllCanUnloadNow+0x2d0d 05 0995faf0 73574746 vbscript!DllCanUnloadNow+0x2dd9 06 0995fb40 735747b3 vbscript!DllCanUnloadNow+0x30d3 07 0995fb5c 74a1c75c vbscript!DllCanUnloadNow+0x3140 08 0995fb8c 74a1c677 asp!DllUnregisterServer+0xa546 09 0995fbd0 74a093b3 asp!DllUnregisterServer+0xa461 0a 0995fbdc 74a0864a asp!TerminateExtension+0x4196 0b 0995fc18 74a08458 asp!TerminateExtension+0x342d 0c 0995fc60 74a0d9a6 asp!TerminateExtension+0x323b 0d 0995fcb0 74a2cfd2 asp!TerminateExtension+0x8789 0e 0995fcc8 787c3bda asp!DllUnregisterServer+0x1adbc 0f 0995fcd0 77aa1f39 comsvcs!STAActivityWorkHelper+0xa 10 0995fd14 77aa1d5d ole32!EnterForCallback+0x6a 11 0995fe40 77aa1c1c ole32!SwitchForCallback+0x12f 12 0995fe68 77aa672a ole32!PerformCallback+0x50 13 0995fed4 77aa6583 ole32!CObjectContext::InternalContextCallback+0x10d 14 0995fef4 787c0515 ole32!CObjectContext::DoCallback+0x1a 15 0995ff24 787c2b31 comsvcs!STAActivityWork::DoWork+0x75 16 0995ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x353 17 0995ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 47 System Thread ID: 968 Kernel Time: 0:0:7.812 User Time: 0:0:39.718 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 08fdfe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 08fdfe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 08fdfed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 08fdfef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 08fdff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 08fdffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 08fdffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 48 System Thread ID: 9dc Kernel Time: 0:0:7.265 User Time: 0:0:9.687 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0983ff50 7c573c73 ntdll!ZwRemoveIoCompletion+0xb 01 0983ff7c 6d7088db KERNEL32!GetQueuedCompletionStatus+0x27 WARNING: Stack unwind information not available. Following frames may be wrong. 02 7c310dd6 f76868ff ISATQ!AtqGetCapTraceInfo+0x7d0 03 6aec8b55 20007300 0xf76868ff 04 69002000 0048005c 0x20007300 05 0054004e 00500054 0x48005c 06 0050ffff 66263531 0x500054 07 31333632 00000000 IDMLogon!NPPasswordChangeNotify+0x451 Thread ID: 49 System Thread ID: 9a8 Kernel Time: 0:0:9.468 User Time: 0:0:46.593 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0c06fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0c06fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0c06fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0c06fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 0c06ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 0c06ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 0c06ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 50 System Thread ID: 8d0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 0a50fe24 77d37ba7 ntdll!ZwReplyWaitReceivePortEx+0xb 01 0a50ff74 77d37b4c RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x74 02 0a50ff78 77d359c3 RPCRT4!RecvLotsaCallsWrapper+0x9 03 0a50ffa8 77d358d6 RPCRT4!BaseCachedThreadRoutine+0x11f 04 0a50ffb4 7c57438b RPCRT4!ThreadStartRoutine+0x18 05 0a50ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 51 System Thread ID: 9a0 Kernel Time: 0:0:0.0 User Time: 0:0:0.62 Thread Type: Other # ChildEBP RetAddr 00 02befbac 7c573b28 ntdll!ZwWaitForSingleObject+0xb 01 02befbd4 7c573b50 KERNEL32!WaitForSingleObjectEx+0x71 02 02befbe4 6d465f47 KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 02befc1c 6d4763ae jvm!JVM_FindSignal+0x139a2 04 02befc40 6d44b9f2 jvm!JVM_FindSignal+0x23e09 05 02befc60 06b52890 jvm!JVM_MonitorWait+0x70 06 02befc90 06b5035a 0x6b52890 07 02befccc 06b503aa 0x6b5035a 08 02befd18 06b50422 0x6b503aa 09 02befd6c 6d4db41c 0x6b50422 0a 02befd84 6d44034e jvm!JVMCI_InstallStackOvrFlowExceptionFilter+0x435c4 0b 02befe04 6d46932d jvm!JVM_DisableCompiler+0x678d 0c 02befe40 6d440262 jvm!JVM_FindSignal+0x16d88 0d 02befe94 6d43ffe0 jvm!JVM_DisableCompiler+0x66a1 0e 02befee8 6d44f403 jvm!JVM_DisableCompiler+0x641f 0f 02beff3c 6d482c10 jvm!JVM_StartThread+0x1bb 10 02beff68 6d482be0 jvm!JVM_FindSignal+0x3066b 11 02beff7c 780085bc jvm!JVM_FindSignal+0x3063b 12 02beffb4 7c57438b MSVCRT!endthreadex+0xbc 13 02beffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 52 System Thread ID: 938 Kernel Time: 0:0:2.171 User Time: 0:0:9.687 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 00c6fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 00c6fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 00c6fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 00c6fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 00c6ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 00c6ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 00c6ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 53 System Thread ID: 94c Kernel Time: 0:0:2.796 User Time: 0:5:37.750 Thread Type: ASP Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. # ChildEBP RetAddr 00 02c2f45c 77f88266 ntdll!ZwSetEvent+0xb 01 02c2f46c 77f881b1 ntdll!RtlpUnWaitCriticalSection+0x1b 02 02c2f474 77fcd962 ntdll!RtlLeaveCriticalSection+0x1d 03 02c2f650 6e5a1a30 ntdll!RtlAllocateHeap+0x944 WARNING: Stack unwind information not available. Following frames may be wrong. 04 02c2f698 74a18f58 IisRTL!ALLOC_CACHE_HANDLER::Alloc+0x64 05 02c2f6c0 735719ac asp!DllUnregisterServer+0x6d42 06 02c2f988 73574380 vbscript!DllCanUnloadNow+0x339 07 02c2fa8c 7357444c vbscript!DllCanUnloadNow+0x2d0d 08 02c2faf0 73574746 vbscript!DllCanUnloadNow+0x2dd9 09 02c2fb40 735747b3 vbscript!DllCanUnloadNow+0x30d3 0a 02c2fb5c 74a1c75c vbscript!DllCanUnloadNow+0x3140 0b 02c2fb8c 74a1c677 asp!DllUnregisterServer+0xa546 0c 02c2fbd0 74a093b3 asp!DllUnregisterServer+0xa461 0d 02c2fbdc 74a0864a asp!TerminateExtension+0x4196 0e 02c2fc18 74a08458 asp!TerminateExtension+0x342d 0f 02c2fc60 74a0d9a6 asp!TerminateExtension+0x323b 10 02c2fcb0 74a2cfd2 asp!TerminateExtension+0x8789 11 02c2fcc8 787c3bda asp!DllUnregisterServer+0x1adbc 12 02c2fcd0 77aa1f39 comsvcs!STAActivityWorkHelper+0xa 13 02c2fd14 77aa1d5d ole32!EnterForCallback+0x6a 14 02c2fe40 77aa1c1c ole32!SwitchForCallback+0x12f 15 02c2fe68 77aa672a ole32!PerformCallback+0x50 16 02c2fed4 77aa6583 ole32!CObjectContext::InternalContextCallback+0x10d 17 02c2fef4 787c0515 ole32!CObjectContext::DoCallback+0x1a 18 02c2ff24 787c2b31 comsvcs!STAActivityWork::DoWork+0x75 19 02c2ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x353 1a 02c2ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 54 System Thread ID: 570 Kernel Time: 0:24:51.343 User Time: 0:48:17.296 Thread Type: Other # ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. 00 0965e1d4 78024c78 MSVCRT!fputs+0x164 01 0965e674 78023962 MSVCRT!wscanf+0xafe 02 0965e6ac 1f89d9e8 MSVCRT!swprintf+0x2e 03 0965e74c 00450064 oledb32!DllGetClassObject+0xbcbe 04 00650064 00000000 0x450064 Thread ID: 55 System Thread ID: 988 Kernel Time: 0:0:4.750 User Time: 0:0:26.46 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 08e6fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 08e6fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 08e6fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 08e6fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 08e6ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 08e6ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 08e6ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 56 System Thread ID: 9c8 Kernel Time: 0:0:2.625 User Time: 0:0:11.625 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 02d2fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 02d2fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 02d2fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 02d2fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 02d2ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 02d2ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 02d2ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 57 System Thread ID: 204 Kernel Time: 0:0:0.203 User Time: 0:0:0.718 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 096ffe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 096ffe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 096ffed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 096ffef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 096fff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 096fffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 096fffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 58 System Thread ID: 9d8 Kernel Time: 0:0:0.125 User Time: 0:0:0.531 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0987fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0987fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0987fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0987fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 0987ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 0987ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 0987ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 59 System Thread ID: 7c0 Kernel Time: 0:0:3.812 User Time: 0:0:22.500 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 098bfe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 098bfe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 098bfed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 098bfef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 098bff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 098bffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 098bffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 60 System Thread ID: 7b4 Kernel Time: 0:0:1.187 User Time: 0:0:6.218 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 097bfe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 097bfe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 097bfed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 097bfef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 097bff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 097bffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 097bffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 61 System Thread ID: 99c Kernel Time: 0:0:0.125 User Time: 0:0:0.953 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 09c7fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 09c7fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 09c7fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 09c7fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 09c7ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 09c7ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 09c7ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 62 System Thread ID: 890 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 09cbfe24 77d37ba7 ntdll!ZwReplyWaitReceivePortEx+0xb 01 09cbff74 77d37b4c RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x74 02 09cbff78 77d359c3 RPCRT4!RecvLotsaCallsWrapper+0x9 03 09cbffa8 77d358d6 RPCRT4!BaseCachedThreadRoutine+0x11f 04 09cbffb4 7c57438b RPCRT4!ThreadStartRoutine+0x18 05 09cbffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 63 System Thread ID: 4cc Kernel Time: 0:0:2.218 User Time: 0:0:11.62 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0bd6fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0bd6fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0bd6fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0bd6fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 0bd6ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 0bd6ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 0bd6ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 64 System Thread ID: a34 Kernel Time: 0:0:0.781 User Time: 0:0:4.296 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0be2fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0be2fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0be2fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0be2fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 0be2ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 0be2ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 0be2ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 65 System Thread ID: a58 Kernel Time: 0:0:0.46 User Time: 0:0:0.375 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0be7fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0be7fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0be7fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0be7fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 0be7ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 0be7ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 0be7ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 66 System Thread ID: a40 Kernel Time: 0:0:0.781 User Time: 0:0:3.515 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0bf0fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0bf0fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0bf0fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0bf0fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 0bf0ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 0bf0ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 0bf0ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 67 System Thread ID: a3c Kernel Time: 0:0:0.609 User Time: 0:0:2.671 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 097ffe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 097ffe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 097ffed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 097ffef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 097fff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 097fffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 097fffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 68 System Thread ID: a54 Kernel Time: 0:0:0.156 User Time: 0:0:1.62 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0a48fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 0a48fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0a48fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 0a48fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 0a48ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 0a48ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 0a48ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 69 System Thread ID: 9ac Kernel Time: 0:0:0.484 User Time: 0:0:1.593 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 02cafe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 02cafe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 02cafed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 02cafef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 02caff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 02caffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 02caffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 70 System Thread ID: 8cc Kernel Time: 0:0:2.312 User Time: 0:6:27.515 Other information: Thread is waiting for a lock to be released. Looking for lock owner. The owning thread is 0. This usually indicates that the lock has either been leaked or is in a 'convoy' state Thread Type: ASP Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. # ChildEBP RetAddr 00 0c1ef40c 77fcc21a ntdll!RtlEnterCriticalSection+0xc1 01 0c1ef5e4 6e5a1a30 ntdll!RtlAllocateHeap+0x177 WARNING: Stack unwind information not available. Following frames may be wrong. 02 0c1ef62c 74a18cb9 IisRTL!ALLOC_CACHE_HANDLER::Alloc+0x64 03 0c1ef68c 74a18982 asp!DllUnregisterServer+0x6aa3 04 0c1ef6b4 7357195d asp!DllUnregisterServer+0x676c 05 0c1ef988 73574380 vbscript!DllCanUnloadNow+0x2ea 06 0c1efa8c 7357444c vbscript!DllCanUnloadNow+0x2d0d 07 0c1efaf0 73574746 vbscript!DllCanUnloadNow+0x2dd9 08 0c1efb40 735747b3 vbscript!DllCanUnloadNow+0x30d3 09 0c1efb5c 74a1c75c vbscript!DllCanUnloadNow+0x3140 0a 0c1efb8c 74a1c677 asp!DllUnregisterServer+0xa546 0b 0c1efbd0 74a093b3 asp!DllUnregisterServer+0xa461 0c 0c1efbdc 74a0864a asp!TerminateExtension+0x4196 0d 0c1efc18 74a08458 asp!TerminateExtension+0x342d 0e 0c1efc60 74a0d9a6 asp!TerminateExtension+0x323b 0f 0c1efcb0 74a2cfd2 asp!TerminateExtension+0x8789 10 0c1efcc8 787c3bda asp!DllUnregisterServer+0x1adbc 11 0c1efcd0 77aa1f39 comsvcs!STAActivityWorkHelper+0xa 12 0c1efd14 77aa1d5d ole32!EnterForCallback+0x6a 13 0c1efe40 77aa1c1c ole32!SwitchForCallback+0x12f 14 0c1efe68 77aa672a ole32!PerformCallback+0x50 15 0c1efed4 77aa6583 ole32!CObjectContext::InternalContextCallback+0x10d 16 0c1efef4 787c0515 ole32!CObjectContext::DoCallback+0x1a 17 0c1eff24 787c2b31 comsvcs!STAActivityWork::DoWork+0x75 18 0c1effb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x353 19 0c1effec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 71 System Thread ID: 990 Kernel Time: 0:0:0.31 User Time: 0:0:0.31 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 09cffe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 09cffe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 09cffed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 09cffef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 09cfff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 09cfffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 09cfffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 72 System Thread ID: 1e4 Kernel Time: 0:0:1.515 User Time: 0:9:52.46 Other information: Thread is waiting for a lock to be released. Looking for lock owner. The owning thread is 0. This usually indicates that the lock has either been leaked or is in a 'convoy' state Thread Type: ASP Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. # ChildEBP RetAddr 00 0a4cf3fc 77f8822a ntdll!ZwWaitForSingleObject+0xb 01 0a4cf470 77f8819b ntdll!RtlpWaitForCriticalSection+0x9e 02 0a4cf478 77fcc21a ntdll!RtlEnterCriticalSection+0x46 03 0a4cf650 6e5a1a30 ntdll!RtlAllocateHeap+0x177 WARNING: Stack unwind information not available. Following frames may be wrong. 04 0a4cf698 74a18f58 IisRTL!ALLOC_CACHE_HANDLER::Alloc+0x64 05 0a4cf6c0 735719ac asp!DllUnregisterServer+0x6d42 06 0a4cf988 73574380 vbscript!DllCanUnloadNow+0x339 07 0a4cfa8c 7357444c vbscript!DllCanUnloadNow+0x2d0d 08 0a4cfaf0 73574746 vbscript!DllCanUnloadNow+0x2dd9 09 0a4cfb40 735747b3 vbscript!DllCanUnloadNow+0x30d3 0a 0a4cfb5c 74a1c75c vbscript!DllCanUnloadNow+0x3140 0b 0a4cfb8c 74a1c677 asp!DllUnregisterServer+0xa546 0c 0a4cfbd0 74a093b3 asp!DllUnregisterServer+0xa461 0d 0a4cfbdc 74a0864a asp!TerminateExtension+0x4196 0e 0a4cfc18 74a08458 asp!TerminateExtension+0x342d 0f 0a4cfc60 74a0d9a6 asp!TerminateExtension+0x323b 10 0a4cfcb0 74a2cfd2 asp!TerminateExtension+0x8789 11 0a4cfcc8 787c3bda asp!DllUnregisterServer+0x1adbc 12 0a4cfcd0 77aa1f39 comsvcs!STAActivityWorkHelper+0xa 13 0a4cfd14 77aa1d5d ole32!EnterForCallback+0x6a 14 0a4cfe40 77aa1c1c ole32!SwitchForCallback+0x12f 15 0a4cfe68 77aa672a ole32!PerformCallback+0x50 16 0a4cfed4 77aa6583 ole32!CObjectContext::InternalContextCallback+0x10d 17 0a4cfef4 787c0515 ole32!CObjectContext::DoCallback+0x1a 18 0a4cff24 787c2b31 comsvcs!STAActivityWork::DoWork+0x75 19 0a4cffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x353 1a 0a4cffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 73 System Thread ID: 93c Kernel Time: 0:0:0.62 User Time: 0:0:0.265 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 02c6fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 02c6fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 02c6fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 02c6fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 02c6ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 02c6ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 02c6ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 74 System Thread ID: 9b8 Kernel Time: 0:0:0.31 User Time: 0:0:0.15 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 5ae8fe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 5ae8fe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 5ae8fed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 5ae8fef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 5ae8ff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 5ae8ffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 5ae8ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 75 System Thread ID: 2c4 Kernel Time: 0:0:0.15 User Time: 0:0:0.31 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 6bfafe28 7c573c23 ntdll!ZwWaitForMultipleObjects+0xb 01 6bfafe78 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea 02 6bfafed4 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153 03 6bfafef0 787c3911 USER32!MsgWaitForMultipleObjects+0x1d 04 6bfaff1c 787c2cc0 comsvcs!STAThread::WaitForWork+0x33 05 6bfaffb4 7c57438b comsvcs!STAThread::STAThreadWorker+0x4e2 06 6bfaffec 00000000 KERNEL32!BaseThreadStart+0x52 ***** Dump name is formatted as: PID-Timestamp.dmp Creating Y:\app\iisstate\output\2320-1163646371.dmp - mini user dump ***** Closing open log file Y:\app\iisstate\output\IISState-2320.log Tag: Web Server Version Revealed (IIS) Tag: 389695

During a recent penetration test we were notifed that the following was
happening.

Web Server Version Revealed (IIS) and the recommendation was to use a generic
webserver name so as the server is not targeted for known vulnerabilities.

These are on Windows Server 2003.

The question I have is how do I do this.

Anyone that can help please let me know.

Top

Re: Web Server Version Revealed (IIS) by Bernard

Bernard
Wed Nov 22 22:53:22 CST 2006

Are you referring to the banner information?
Yes, you are able to change it. but do you think it will protect the server?

Most attack script now crawling the net, hitting your box with all possible
ways of attacks. do you think it will stop when it see that 'not iis
banner', then stop?

and what did those penetration guys tell you?
change the name and will protect it forever?

--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/

"dsmoody" <u29464@uwe> wrote in message news:69af3de1dd3a3@uwe...
> During a recent penetration test we were notifed that the following was
> happening.
>
> Web Server Version Revealed (IIS) and the recommendation was to use a
> generic
> webserver name so as the server is not targeted for known vulnerabilities.
>
> These are on Windows Server 2003.
>
> The question I have is how do I do this.
>
> Anyone that can help please let me know.
>

Top

Re: Web Server Version Revealed (IIS) by Daniel

Daniel
Thu Nov 23 05:50:59 CST 2006

dsmoody wrote on Wed, 22 Nov 2006 21:03:34 GMT:

> During a recent penetration test we were notifed that the following was
> happening.
>
> Web Server Version Revealed (IIS) and the recommendation was to use a
> generic webserver name so as the server is not targeted for known
> vulnerabilities.
>
> These are on Windows Server 2003.
>
> The question I have is how do I do this.
>
> Anyone that can help please let me know.

"Security through obscurity" is generally a waste of time. As Bernard
pointed out, most scripted hacks don't even bother checking what server
software is being run.

Dan

Top

Re: Web Server Version Revealed (IIS) by dsmoody

dsmoody
Thu Nov 23 07:35:03 CST 2006

yes I understand that but my client is asking for this and in order to gain
the business i need to do it. So with that said can anyone tell me how to do
this?

Daniel Crichton wrote:
>dsmoody wrote on Wed, 22 Nov 2006 21:03:34 GMT:
>
>> During a recent penetration test we were notifed that the following was
>> happening.
>[quoted text clipped - 8 lines]
>>
>> Anyone that can help please let me know.
>
>"Security through obscurity" is generally a waste of time. As Bernard
>pointed out, most scripted hacks don't even bother checking what server
>software is being run.
>
>Dan

--
Message posted via WinServerKB.com
http://www.winserverkb.com/Uwe/Forums.aspx/iis-general/200611/1

Top

Re: Web Server Version Revealed (IIS) by Daniel

Daniel
Thu Nov 23 09:28:57 CST 2006

dsmoody wrote on Thu, 23 Nov 2006 13:35:03 GMT:

> yes I understand that but my client is asking for this and in order to
> gain the business i need to do it. So with that said can anyone tell me
> how to do this?

You can use the URLScan add-on from MS:

http://www.microsoft.com/technet/security/tools/urlscan.mspx#EXE

While this is intended for pre-IIS6, it will allow the additional options
that were not built-in to IIS6 to be used such as removing the server
header.

Dan

Top

Re: Web Server Version Revealed (IIS) by Bernard

Bernard
Thu Nov 23 21:56:35 CST 2006

why not give them the full package?
customize all services ? <g>
FIX: You cannot suppress the default FTP banner for the FTP service
http://support.microsoft.com/?id=826270
XCON: How to Modify the SMTP Banner
http://support.microsoft.com/?id=281224

--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/

"Daniel Crichton" <msnews@worldofspack.com> wrote in message
news:evMLZQxDHHA.2080@TK2MSFTNGP04.phx.gbl...
> dsmoody wrote on Thu, 23 Nov 2006 13:35:03 GMT:
>
>> yes I understand that but my client is asking for this and in order to
>> gain the business i need to do it. So with that said can anyone tell me
>> how to do this?
>
> You can use the URLScan add-on from MS:
>
> http://www.microsoft.com/technet/security/tools/urlscan.mspx#EXE
>
> While this is intended for pre-IIS6, it will allow the additional options
> that were not built-in to IIS6 to be used such as removing the server
> header.
>
> Dan
>

Top