How to programmatically clear network passwords from IE

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ IIS
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - How to programmatically clear network passwords from IE I run a web site (ASP) on the company intranet which I want to restrict access to. A logon box is necessary since some computers are logged on with "common" profiles. Using IIS 6, I have set authentication method to Digest Auth which communicates with Active Directory as wanted. I've remove anonymous access and integrated Win auth. I've also set connection timeout to 30 seconds. My problem is this: 1) User A successfully logs on to the site using his/hers network password 2) User A leaves the computer without closing ALL Internet Explorer windows 3) User B enters the site. The login box is pre-filled with user A's username/password. User B only needs to click OK to enter the site. I've tried changing the login settings under Authentication in IE, but this doesn't help. Is there a way to (preferably programmatically) clear the username and password for the logon box? Tag: How to programmatically clear network passwords from IE Tag: 387912
  - 2
    - How to programmatically clear network passwords from IE I run a web site (ASP) on the company intranet which I want to restrict access to. A logon box is necessary since some computers are logged on with "common" profiles. Using IIS 6, I have set authentication method to Digest Auth which communicates with Active Directory as wanted. I've remove anonymous access and integrated Win auth. I've also set connection timeout to 30 seconds. My problem is this: 1) User A successfully logs on to the site using his/hers network password 2) User A leaves the computer without closing ALL Internet Explorer windows 3) User B enters the site. The login box is pre-filled with user A's username/password. User B only needs to click OK to enter the site. I've tried changing the login settings under Authentication in IE, but this doesn't help. Is there a way to (preferably programmatically) clear the username and password for the logon box? Tag: How to programmatically clear network passwords from IE Tag: 387911
  - 3
    - random 401.2 and 500 error hi, I have software in tens desktops, the software is developed in c# and it trying to send XML stream to a server by POST mode to aspx file that exist in some VD. The sending is with the Httpwebrequest class, and the software is running in local system permissions (service). Also, the code contains htts authentication and it create networkcredentials with some name and password. In the server side - I have IIS 6 that get anonymous sessions, but the VD permission is Integrated windows authentication only and in the web.config file that contains in the VD, there is the tag with the identity impersonate="true" and inside there is the same name and password that the client sent in the http auth. The clients are staying in WAN (nor LAN), and most of them sending the stream with success , but some of them failed and got error from the server - 401.2 (Logon failed due to server configuration) or 500 (Internal server error). Anyone knows how could it happen? I really appreciate any help, Thanks, Dov Tag: How to programmatically clear network passwords from IE Tag: 387910
  - 4
    - IIS 6.0: Migration tool syntax Dear ALL, I'm going to migrate about 200 web sites from IIS 5.0 to IIS 6.0 Migration tool seems to be easy to use, but I've take a look to the syntax in order to change IP.... /serverbindings IP:port:hostheadername ....but if a web site has more than one host header ? Regards Alberto Brivio -- tel. 011-5813734 Tag: How to programmatically clear network passwords from IE Tag: 387909
  - 5
    - IIS User rights problem Hello, I have a Windows XP Professional system which is connected to Domain controller in Windows 2000 Server. I have installed IIS in Windows XP Professional system. But my web designer who uses windows XP professional can't see any directory when he runs IIS. For working he has to be in Administrative group. I can't give administrative rights to the domain user due to security reason. Is there any way I can remove the domain user from administrative group and give access to him for running IIS? Please help me. Geo Tag: How to programmatically clear network passwords from IE Tag: 387900
  - 6
    - Unable to Debug on the web server Hello, I am a newbee to ASP.NET . Am using Windows Visual Web Developer 2005 Express Edition. I created the a webservice yesterday and hosted it on the IIS server version 6.0. directly from the IDE by selecting 'http' as location of the project. When i try to run it by pressing F5 i get and error saying "Couldnt debug cos debugging is not enabled in the web config.... enable debugging ???" To which i clicked 'YES' so it enabled the debugging. Now i dont get that message but when i try to execute it by pressing F5 it says something like "Web Server could not debug, The web server couldnt find the requested resource." So i tried to do it by pressing Ctrl+F5 (Execute without Debugging) , In this case a new Explorer window opened with the http 404 error saying 'Requested resource not found.' Can somebody please help me on this. The webservice code is correct as it contains nothing but the only method that the IDE generates upon creation and its running on my friends pc on IIS version 5. Am using winxp service pack 2 Tag: How to programmatically clear network passwords from IE Tag: 387899
  - 7
    - PHP scripts, ASP or VBScript I was asked today about enabling PHP on our IIS 6.0 server which has ASP enabled already. This is installed on a Windows 2003 Enterprise Server with all updates applied. After doing some research, it looks like I need to install PHP on the server, which I'd rather not do. Can anyone give me a heads up on this? I told the Web author to find ASP or VBscripts instead of PHP, but if the majority of experts out there think I should install PHP and enable these extensions, please say so. Otherwise, can someone please point me in the right direction to find comparable ASP scripts to submit feedback to a webmaster, etc...? Thank to all... Regards, JoeF Tag: How to programmatically clear network passwords from IE Tag: 387887
  - 8
    - loging into our helpdesk website all, i just build this helpdesk server using IIS6, i would like the users to just use their user ID and not have to put in the domain name how can i do that thx Tag: How to programmatically clear network passwords from IE Tag: 387886
  - 9
    - Creating an additional site We currently have a site configured in IIS 5 (xyz.com) linked to its own IP Address and pointing to its own directory (default.asp). We want to point xyz.com/applications to a different directory with applications.asp file. When someone types in www.xyz.com/applications it goes to the applications.asp file. Is this possible and how should we configure this? Thanks in advance. Tag: How to programmatically clear network passwords from IE Tag: 387881
  - 10
    - Creating Extra Website Hi, I have created a new Web site on my IIS server. This is in addition to the default web site. Here are the details: Domain name: testdomain.com Server IP Address: 192.168.1.23 Servername: SRVR10 Host Header Name: relocation Web site IP Address: "All Unasigned" Port: 80 I have created a Host record in my local DNS and checked the box to create the associated PTR record for relocation.testdomain.com for 192.168.1.23. I then try to browse to relocation.testdomain.com and it doesn't work. Can anyone tell me what else I need to do to access this website via relocation.testdomain.com? By the way, the site has been started. I have tried to set the websties IP address to 192.168.1.23 and restart it but it didn't help. TIA, Jarryd Tag: How to programmatically clear network passwords from IE Tag: 387880
  - 11
    - MSI Install I have two test environments running IIS 6.0 on both. In both environments i have to drives, C: and E: I didnt set these environmments up, something strange happens when installing the same MSI (Web app). In one environment it installs to C:Inetpub/wwwroot and in the other environment it installs to E:inetpub/wwwroot! Even if the E:Inetpub/wwwroot is deleted from the drive, when installing to this machine it will create the directories and install! What do i have to do to stop this happening. What is it that is affecting this? IIS on both machines have the same settings yet this strange thing happens? Thanks Stuart Application Integrator Tag: How to programmatically clear network passwords from IE Tag: 387878
  - 12
    - Website ID # how do you know your website ID#? Tag: How to programmatically clear network passwords from IE Tag: 387871
  - 13
    - Default Document Setting Within my Intranet Site I set the Default Document setting to an asp page, i.e Survey.asp. The page loads correctly, however, on submit the DLLHost.exe uses all the CPU and the page hangs. However, if I type the URL in manually in the Address Bar and click the submit button the page functions correctly. Has anybody else experienced problems with the Default Document Setting. Tag: How to programmatically clear network passwords from IE Tag: 387869
  - 14
    - IIS6 + httphandlers + 404 error Hi, We recently moved from IIS5 to IIS6. I am running a ASP.net 1.1 web app. in the web.config file for the app there is the following entry under httphandlers: <add verb="*" path="*.ads" type="Snippets.Publishing.Adverts.AdvertClickHandler,Snippets.Publishing.Adverts" /> <add verb="GET,HEAD" path="*.jpg,*.gif,*.swf,*.pdf,*.css,*.htm,*.js,*.doc,*.mp3,*.zip,*.ico,*.txt" type="System.Web.StaticFileHandler" /> <add verb="*" path="*.asp" type="System.Web.HttpForbiddenHandler" /> My problem is: The ".ads" extension always returns a 404.2 error. I have so far done the following: 1. Registered .ads in the MIME Types as application/octet-stream. 2. added the .ads extension to the web Application Config for the web app, with the exectuable path pointing to: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll with ALL verbs allowed. Is there something i need to add to web services extension node? This is the only thing I can see that is different from IIS5 to IIS6. Any help would be appreciated, Regards Matt Tag: How to programmatically clear network passwords from IE Tag: 387868
  - 15
    - Generating SSL Certificate For Testing I would like to create a SSL cert for testing purposes for a website. How do I go about doing that? Tag: How to programmatically clear network passwords from IE Tag: 387867
  - 16
    - System failure after IIS activation Hi, I recently activated IIS on my PC cause I would like to test some ASP pages of my new site. Well...after the activation, my system became slowly, and, at the end of all, almost all of the application didn't even start!! I was costricted to reboot several times, and I felt very nervous so....I decided for a radical solutions..uninstall IIS services. Now my PC is "reborn"..but , anyway, I cannot test my ASP pages as well. What I have to do?....maybe improve the performance of my system (cpu= intel celeron 2.66GHz - 512mb Ram - XP Pro x64 sp1).? Or maybe...there's another solution? Thanx in advance. Konrad Tag: How to programmatically clear network passwords from IE Tag: 387866
  - 17
    - redirect from my winXP iis server to another webserver on the network i have my little home network set up in the moment that a WIN XP is connecting to the internet and shares it with all other computers on the network. on another computer i have set up my website. it's linux and the web-site is php with mysql. i do have a static ip address, and when i type it in, i can see my winXP webserver. how an i redirect it, so it points to the linux web server. i have IIS set up on the winXP, and i try to redirect in properties, but i can't make the connection. sometimes i am asked for a password when i try to access the web-site over the internet, or it does not work at all. any help apretiated. dimitri Tag: How to programmatically clear network passwords from IE Tag: 387865
  - 18
    - utf-8 charset problem my page is server by IIS (on a winXP SP2) which contains this: <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> and the request is made by C# .Net 2.0 with this code: webrq.Headers.Add(HttpRequestHeader.AcceptCharset, Encoding.UTF8.WebName); but the HttpWebResponse.CharacterSet = "ISO-8859-1" any1 can say why? and how can detect the char set correctly the response header is as follows: HttpWebResponse.Headers = {Accept-Ranges: bytes Content-Length: 8609 Content-Type: text/html Date: Mon, 25 Sep 2006 07:44:11 GMT ETag: "3a51249e792c61:900" Last-Modified: Sun, 18 Jun 2006 14:55:48 GMT Server: Microsoft-IIS/5.1 X-Powered-By: ASP.NET } System.Net.WebHeaderCollection Tag: How to programmatically clear network passwords from IE Tag: 387856
  - 19
    - Virtual Directory properties Hello, I want to read virtual directory properties by my program (.Net). Is this possible? Thanks Mehdi Tag: How to programmatically clear network passwords from IE Tag: 387855
  - 20
    - HcScriptFileExtensions restes after reboot i have iis 6.0 on windows 2003 server. every time i reboot the computer, HcScriptFileExtensions parameter of the gzip compression scheme in the iis metabase resets to empty string: HcScriptFileExtensions="". this only happens to the HcScriptFileExtensions parameter of the gzip compression scheme, but not deflate, and only when i reboot the computer. if i restart www publishing service, or even iis admin service, HcScriptFileExtensions is not affected and stays as i set it (by manually editing the metabase): HcScriptFileExtensions="asp". any help will be appreciated andrew Tag: How to programmatically clear network passwords from IE Tag: 387854
  - 21
    - asp classic app moved to IIS 6 slow/failing Hi All, I have several classic asp pages in site that were originally programmed with Visual Interdev (or Visual Web Developer Alpha... remember that?). The pages use the Script Library objects for Recordset and Data Grid functionality. The database is an Access mdb file that we connect to. The app was recently moved from a Windows 2000, IIS 5 server to a Windows 2003 IIS 6 server. The permissions, database connections info etc was duplicated on the new server. The application works... However, the database access/grid page will occasionally work, but most often now takes so long to process that we receive a timeout in the app. We have not changed the programming, and on some occasions the page will execute quickly. It seems that the first accesses of the page can be quick, but subsequent requests can slow down so much we get the timeout, and this plain english (default error I think): "An error occurred on the server when processing the URL. Please contact the system administrator." In the IIS log file for the site, it includes the following error for the post request: POST /search_dir/Default.asp |-|ASP_0113|Script_timed_out 80 Does anyone have any ideas on what could be choking the asp/MS Access application. K Waldron Tag: How to programmatically clear network passwords from IE Tag: 387853
  - 22
    - IIS 6 and Anonymous on Windows Server 2003 I have a brand spanking fresh install of IIS on Windows Server 2003 R2. It has anonymous access enabled on the default website and NOT integrated windows authentication. I only want anonymous access. I have made sure that the Anonymous account (IUSR_computername) has Read, "Read & Execute" and "List Folder Contents" on the Inetpub\wwwroot folder. I cannot get the iisstart.htm webpage to load (it is one of the default documents in IIS). I keep getting 401.1 errors. Any ideas on why IIS is being so difficult? And how I might resolve this problem? Thanks. Tag: How to programmatically clear network passwords from IE Tag: 387846
  - 23
    - Looking for configuration settings I don't have a whole lot of IIS experience and I need to find where some settings are stored and figured the good people here could help. There are 2 main things I am looking for and if you can provide help on either that would be great. 1. I need to know where IIS stores it's settings (files or registry pointers would be great), such as: NTFS permission settings IIS Application Setting: Execute Permissions W3C Extended Logging Format EXTENDED property Parent Paths <..> Index Server is enabled/disabled Directory browsing IIS "Basic" authentication Etc. 2. If you know of any command line tools to query for the above information *remotely*. Tag: How to programmatically clear network passwords from IE Tag: 387844
  - 24
    - Content and scripts on network share Hi, everyone, I'm trying to set up an IIS server so that the content for one site will be stored on a remote file server. Unfortunately, I seem to be having some authentication problems in that configuration, so I'm hoping that someone here will have some insight. Here's the setup: Web server running IIS 6 on Windows 2003 SP 1 File server running Windows 2000 AS SP 4 (IIS is NOT installed) Both servers are in the same Active Directory domain, and I want to use Windows authentication to connect to the site. The Web content contains ASP scripts. When I try to connect, I get 401 Forbidden errors indicating, among other things, that an ACL is present on the resource. I've done some digging around, but I haven't found any effective solution. Any thoughts? Thanks, Tom Tag: How to programmatically clear network passwords from IE Tag: 387843
  - 25
    - website referrals I have a little problem. I've got 3 domain controllers so all three have the same IP address. One is hosting a website. From inside our building, users may get any of those three servers and I need to have them get the one hosting the website when they make a request. I thought I could just set up IIS on the other two servers and then "refer" requests back to the right server. That does work but the problem is that sometimes the website request includes additional string information and I can't figure out if it is possible to set up the referral to pass that info along. For example: corp.company.com/website1 and I refer that to 192.168.0.10/website1. That works fine. The issue is requests can come in corp.company.com/website1/login.asp?IDProject=2&IDFeedback=5162. My referal right now then just sends them to 192.168.0.10/website1. Is there anyway to have the referal append the other stuff that came in with the original request? THX!! Mark Tag: How to programmatically clear network passwords from IE Tag: 387840
- Next
  - 1
    - IIS Setup Issues Howdy- I need some help in getting my web page to serve under VISTA RC-1. I have successfully installed IIS. I select the correct directory, I:/GradyGroup (starting is index.htm). When I go to IIS and select Edit Site->Settings I see STATUS: Started, BINDING: *80(http), and PATH: I:/GradyGroup. Thinking this may be a firewall issue, I set up Windows Firewall to allow Port 80 incoming- that did not work. Then I turned the firewall OFF- that did not work. Web page is not visiable (CANNOT DISPLAY WEBPAGE error). I am stuckâ??any ideas Thanks Tag: How to programmatically clear network passwords from IE Tag: 387839
  - 2
    - IIS6: Wildcard Application Maps, Default Content Pages and Basic Authentication There is an apparent issue with IIS when the following situation occurs: * A vdir has default content page enabled (which is the default, look under documents tab) * the vdir uses basic authentication * the vdir's application configuration has a wildcard application map defined under these conditions, the basic authentication base64 encoded user:pwd information normally found the http headers via Request.Headers and Request.ServerVariables is not there. -LZ Tag: How to programmatically clear network passwords from IE Tag: 387837
  - 3
    - HTTP Error 401.1 - Unauthorized: Access Hi Any one can help me to get rid for the following error message - HTTP Error 401.1 - Unauthorized: Access I am explain the setup first Server1: Windows 2000 SP4 - Domain Controller with Active directory the Domain Name is ABC Server2: Windows 2003 SP1 - Microsoft Dynamics - With Named SQL Server Server3: Windows 2003 SP1 - IIS, Windows Share Point Server, Business Portal The entire servers are added to domain ABC. In the domain we are having following user User1 - Domain User User2 - Domain User We installed the BP in the server 3 logged in as ABC\Administrator. We followed the BusinessPortalInstallation.pdf document. While installing the BP we uncheck the option use enhance security for administration pages in web site configuration (refer the Step 9 page 43 BusinessPortalInstallation.pdf). While Installation we added sample user also. After the successful installation we added the domain users, user1 and user2 thru Site Settings => Mange Portal User. User1 was assigned as site administrator and user2 as employee user. I can able access the web site in the server 3 Now the problem is I can't able to access web site as a any domain user from any client or server even though we followed the client setup procedure in the chapter 14 in BusinessPortalInstallation.pdf Assume that I logged in the Server2 as domain administrator as ABC\Administrator. Which is the same user installed the BP in server3. Now I give the URL in IE It is prompting for the username password with prompting windows as connecting to Server3.ABC.com we had given the user id as ABC\Administrator and password which is prompted for 3 times and throw this following message You do not have permission to view this directory or page using the credentials that you supplied. HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials. Internet Information Services (IIS)" Also it is not allowing any domain users (User1 and User2) it is giving the same error message But I can able to access the web site from server2 as any Sample User which was created in the installation. It seems that the user are locally available in the server3 is allowed to access from any PC to confirm this we created the user3 in the serever3 (not in the server1 domain) and we added this user in the site settings=>Mange Portal User as site administrator user. Now from the Server2 we try to access the web site when it is prompting for the userid we given as Server3\user3 and the respective password then the site is loading I can go to all the web pages but form here as portal administrator if we try to add or delete any user it is giving the script error message. From this we clearly understand that the IIS in server3 is not allowing accessing any domain user to access the web site. So will you please help us to how can we fix this problem Please reply at the earliest Regards Nizham Tag: How to programmatically clear network passwords from IE Tag: 387836
  - 4
    - createobject fails - help! I'd appreciate any help with this. It's really important that I get it working right! I'm fairly new to IIS. I've used different open source servers in the past, but now I have to write a program that can be migrated from IIS 5.1 under Windows XP Pro to IIS 6 under Windows Server 2003 (I'm migrating it because I can run IIS 5.1 on my computer now to test things, but if there's any reason I should just throw it on IIS 6 in the first place let me know - for the most part I'm using simple ASP scripts). Anyway - I've got a simple com server that I need one of my asp pages to access using createobject. If I run the ASP pages under my account, with authentication through the server, the com application fires up just fine. When I switch over to the anonymous IUSR accound, I keep getting this ASP error: Error Type: Microsoft VBScript runtime (0x800A0046) Permission denied: 'CreateObject' The com server, by the way, is an MFC app written in VC++.net. I really need this to work. I gave the IUSR account read/write access to the directory with the com app in it, but that didn't seem to work. I'd really appeciate any hints!!!! Do I need to run this as a service? If the com server is run in the background or under the sys account, what can I set in the MFC app to keep it the object from dissapearing after the page is done with it? Tag: How to programmatically clear network passwords from IE Tag: 387835
  - 5
    - CGI Application misbehaved, incomplete headers I am experiencing the problem described here: http://support.microsoft.com/default.aspx?scid=kb;EN-US;884764 Specifically, the problem occurs when I am trying to access a PHP page which runs an application with exec(). It has occurred before on other pages, but I haven't noticed it for a while. Microsoft has a patch for IIS here: http://support.microsoft.com/kb/839229/ Would they charge $100 for the support email to get the patch? Does anyone know a different solution to this problem? There's a lot of stuff on Google, but nothing I have seen has solved it. Tag: How to programmatically clear network passwords from IE Tag: 387834
  - 6
    - how to diagnose slow running IIS IIS6 is running very slow when serving aspx pages connected to sql server 2005 on win2k3 x64 edition. (IIS is also on x64) Pages take about 5 seconds to load, used to be instantaneous, none database connected pages run great. any pointers on where to look or how to tune ? cheers mark Tag: How to programmatically clear network passwords from IE Tag: 387833
  - 7
    - IISState.log - Slow Performance on SBS2003 SP1 Hi there, We have a new SBS2003 SP1 installation running a classic ASP application in its own application pool using default settings. Intermittantly the application's performance degrades dramatically with most pages timing out. No excessive CPU or memory utilization is evident and there is nothing in the eventlogs to suggest any problems. The IIS6 htperr1.log contains a multitude of "Connection_Dropped manunetapplicationpool" entries for various ASP pages. Performing an IISRESET or recycle of the Application Pool temporarily resolves the problem. This slowdown is occuring daily and renders the application unusable. I have taken an IISState dump when the web application goes into slowdown. Listed below is the IISState.log. Can someone take a look at this and hopefully give me an idea on what maybe causing this. Regards, Russell. Opened log file 'C:\Program Files\IIS Resources\IISState\output\IISState.log' *********************** Starting new log output IISState version 3.0 Thu Sep 21 20:27:00 2006 OS = Windows 2003 Server Executable: w3wp.exe PID = 3868 Note: Thread times are formatted as HH:MM:SS.ms *********************** Thread ID: 0 System Thread ID: 1044 Kernel Time: 0:0:0.46 User Time: 0:0:0.31 Thread Status: Thread is in a WAIT state. Thread Type: HTTP Compression Thread # ChildEBP RetAddr 00 0007fc08 7c822124 ntdll!KiFastSystemCallRet 01 0007fc0c 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0007fc7c 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0007fc90 5a36467a kernel32!WaitForSingleObject+0x12 04 0007fca0 5a366e63 w3dt!WP_CONTEXT::RunMainThreadLoop+0x10 05 0007fca8 5a3af41d w3dt!UlAtqStartListen+0x2d 06 0007fcb8 5a3bc259 w3core!W3_SERVER::StartListen+0xbd 07 0007ff0c 0100187c w3core!UlW3Start+0x26e 08 0007ff44 01001a23 w3wp!wmain+0x22a 09 0007ffc0 77e523e5 w3wp!wmainCRTStartup+0x12b 0a 0007fff0 00000000 kernel32!BaseProcessStart+0x23 Thread ID: 1 System Thread ID: 1d24 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 009afea0 7c822114 ntdll!KiFastSystemCallRet 01 009afea4 7c80e504 ntdll!NtWaitForMultipleObjects+0xc 02 009aff48 7c80e933 ntdll!EtwpWaitForMultipleObjectsEx+0xf7 03 009affb8 77e6608b ntdll!EtwpEventPump+0x27f 04 009affec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 2 System Thread ID: 1f4c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 009eff9c 7c821364 ntdll!KiFastSystemCallRet 01 009effa0 7c81fe26 ntdll!NtDelayExecution+0xc 02 009effb8 77e6608b ntdll!RtlpTimerThread+0x47 03 009effec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 3 System Thread ID: 10f0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 00a2ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 00a2ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 00a2ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 00a2ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 4 System Thread ID: 1eec Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: Unable to locate ASP page No remote call being made # ChildEBP RetAddr 00 00a8fe18 7c821c54 ntdll!KiFastSystemCallRet 01 00a8fe1c 77c7538c ntdll!ZwReplyWaitReceivePortEx+0xc 02 00a8ff84 77c5778f RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x198 03 00a8ff8c 77c5f7dd RPCRT4!RecvLotsaCallsWrapper+0xd 04 00a8ffac 77c5de88 RPCRT4!BaseCachedThreadRoutine+0x9d 05 00a8ffb8 77e6608b RPCRT4!ThreadStartRoutine+0x1b 06 00a8ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 5 System Thread ID: a5c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 00acff10 7c821364 ntdll!KiFastSystemCallRet 01 00acff14 77e41ea7 ntdll!NtDelayExecution+0xc 02 00acff7c 77e424c1 kernel32!SleepEx+0x68 03 00acff8c 776b22a0 kernel32!Sleep+0xf 04 00acff98 776b2307 ole32!CROIDTable::WorkerThreadLoop+0x14 05 00acffac 776b2374 ole32!CRpcThread::WorkerLoop+0x1e 06 00acffb8 77e6608b ole32!CRpcThreadCache::RpcWorkerThreadEntry+0x20 07 00acffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 6 System Thread ID: 1dcc Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00c8ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00c8ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00c8ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00c8ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00c8ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00c8ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00c8ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 7 System Thread ID: 1ce0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00ccff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00ccff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00ccff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00ccff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00ccffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00ccffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00ccffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 8 System Thread ID: 1a4c Kernel Time: 0:0:0.15 User Time: 0:0:0.15 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00d0ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00d0ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00d0ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00d0ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00d0ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00d0ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00d0ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 9 System Thread ID: 1c18 Kernel Time: 0:0:0.31 User Time: 0:0:0.15 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00d4ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00d4ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00d4ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00d4ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00d4ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00d4ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00d4ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 10 System Thread ID: 17a0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 00e0fcec 7c822114 ntdll!KiFastSystemCallRet 01 00e0fcf0 7c83acfd ntdll!NtWaitForMultipleObjects+0xc 02 00e0ffb8 77e6608b ntdll!RtlpWaitThread+0x161 03 00e0ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 11 System Thread ID: e7c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: HTTP Compression Thread # ChildEBP RetAddr 00 0185fa84 7c822124 ntdll!KiFastSystemCallRet 01 0185fa88 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0185faf8 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0185fb0c 5a3b8147 kernel32!WaitForSingleObject+0x12 04 0185ffb8 77e6608b w3core!HTTP_COMPRESSION::CompressionThread+0x126 05 0185ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 12 System Thread ID: 1d4c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: Unable to locate ASP page No remote call being made # ChildEBP RetAddr 00 0189fe18 7c821c54 ntdll!KiFastSystemCallRet 01 0189fe1c 77c7538c ntdll!ZwReplyWaitReceivePortEx+0xc 02 0189ff84 77c5778f RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x198 03 0189ff8c 77c5f7dd RPCRT4!RecvLotsaCallsWrapper+0xd 04 0189ffac 77c5de88 RPCRT4!BaseCachedThreadRoutine+0x9d 05 0189ffb8 77e6608b RPCRT4!ThreadStartRoutine+0x1b 06 0189ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 13 System Thread ID: 1b18 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 018dff8c 7c821364 ntdll!KiFastSystemCallRet 01 018dff90 7c815267 ntdll!NtDelayExecution+0xc 02 018dffb8 77e6608b ntdll!RtlpIOWorkerThread+0x3f 03 018dffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 14 System Thread ID: 1968 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: ASP Executing Page: Unable to locate ASP page # ChildEBP RetAddr 00 0257ff0c 7c822124 ntdll!KiFastSystemCallRet 01 0257ff10 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0257ff80 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0257ff94 709fc91b kernel32!WaitForSingleObject+0x12 04 0257ffb4 709fc8f3 asp!CApplnCleanupMgr::ApplnCleanupDoWork+0x1e 05 0257ffb8 77e6608b asp!CApplnCleanupMgr::ApplnCleanupThread+0xa 06 0257ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 15 System Thread ID: a50 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: ASP Executing Page: Unable to locate ASP page # ChildEBP RetAddr 00 0263fe1c 7c822114 ntdll!KiFastSystemCallRet 01 0263fe20 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0263fec8 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 0263ff24 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 0263ff40 709fbcbe USER32!MsgWaitForMultipleObjects+0x1f 05 0263ff84 77bcb530 asp!CMTACallbackThread::Thread+0x4f 06 0263ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 0263ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 16 System Thread ID: 1acc Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: ASP Executing Page: Unable to locate ASP page # ChildEBP RetAddr 00 026bfef4 7c822124 ntdll!KiFastSystemCallRet 01 026bfef8 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 026bff68 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 026bff7c 709fe9b7 kernel32!WaitForSingleObject+0x12 04 026bffb8 77e6608b asp!CViperReqManager::WatchThread+0x68 05 026bffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 17 System Thread ID: 19a4 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 026ffee8 7c822124 ntdll!KiFastSystemCallRet 01 026ffeec 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 026fff5c 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 026fff70 75bd4bd0 kernel32!WaitForSingleObject+0x12 04 026fff84 77bcb530 comsvcs!CSTAThreadPool::LoadBalanceThreadControlLoop+0x29 05 026fffb8 77e6608b msvcrt!_endthreadex+0xa3 06 026fffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 18 System Thread ID: 1d10 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0273fee0 7c822124 ntdll!KiFastSystemCallRet 01 0273fee4 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0273ff54 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0273ff68 75bd464d kernel32!WaitForSingleObject+0x12 04 0273ff84 77bcb530 comsvcs!CSTAThreadPool::KillThreadControlLoop+0x25 05 0273ffb8 77e6608b msvcrt!_endthreadex+0xa3 06 0273ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 19 System Thread ID: 1ac4 Kernel Time: 0:0:0.62 User Time: 0:0:0.78 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0277fdcc 7c822114 ntdll!KiFastSystemCallRet 01 0277fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0277fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 0277fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 0277fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 0277ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 0277ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 0277ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 20 System Thread ID: 1d78 Kernel Time: 0:0:0.0 User Time: 0:0:0.15 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 027bfdcc 7c822114 ntdll!KiFastSystemCallRet 01 027bfdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 027bfe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 027bfed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 027bfef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 027bff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 027bffb8 77e6608b msvcrt!_endthreadex+0xa3 07 027bffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 21 System Thread ID: 1fd8 Kernel Time: 0:0:0.109 User Time: 0:0:0.234 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 027ffdcc 7c822114 ntdll!KiFastSystemCallRet 01 027ffdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 027ffe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 027ffed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 027ffef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 027fff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 027fffb8 77e6608b msvcrt!_endthreadex+0xa3 07 027fffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 22 System Thread ID: 1b64 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0283fdcc 7c822114 ntdll!KiFastSystemCallRet 01 0283fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0283fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 0283fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 0283fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 0283ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 0283ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 0283ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 23 System Thread ID: 1de8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 02f3fd00 7c822124 ntdll!KiFastSystemCallRet 01 02f3fd04 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 02f3fd74 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 02f3fd88 75bb22b9 kernel32!WaitForSingleObject+0x12 04 02f3ffb8 77e6608b comsvcs!PingThread+0xf6 05 02f3ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 24 System Thread ID: 18ac Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 02f9ff40 7c821bf4 ntdll!KiFastSystemCallRet 01 02f9ff44 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 02f9ff70 3381bdba kernel32!GetQueuedCompletionStatus+0x29 03 02f9ffb8 77e6608b sqlncli!SNIAsyncWait+0x9e 04 02f9ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 25 System Thread ID: 1290 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 03b1ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 03b1ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 03b1ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 03b1ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 26 System Thread ID: 10f4 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 03b5ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 03b5ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 03b5ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 03b5ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 27 System Thread ID: 1d1c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 03c9ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 03c9ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 03c9ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 03c9ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 28 System Thread ID: 1890 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 03cdff70 7c821bf4 ntdll!KiFastSystemCallRet 01 03cdff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 03cdffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 03cdffec 00000000 kernel32!BaseThreadStart+0x34 ***** Dump name is formatted as: PID-Timestamp.dmp Creating C:\Program Files\IIS Resources\IISState\output\3868-1158834476.dmp - user full dump Dump successfully written ***** Closing open log file C:\Program Files\IIS Resources\IISState\output\IISState.log Opened log file 'C:\Program Files\IIS Resources\IISState\output\IISState.log' *********************** Starting new log output IISState version 3.0 Fri Sep 22 10:21:42 2006 OS = Windows 2003 Server Executable: w3wp.exe PID = 7844 Note: Thread times are formatted as HH:MM:SS.ms *********************** Thread ID: 0 System Thread ID: b0c Kernel Time: 0:0:0.46 User Time: 0:0:0.62 Thread Status: Thread is in a WAIT state. Thread Type: HTTP Compression Thread # ChildEBP RetAddr 00 0007fc08 7c822124 ntdll!KiFastSystemCallRet 01 0007fc0c 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0007fc7c 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0007fc90 5a36467a kernel32!WaitForSingleObject+0x12 04 0007fca0 5a366e63 w3dt!WP_CONTEXT::RunMainThreadLoop+0x10 05 0007fca8 5a3af41d w3dt!UlAtqStartListen+0x2d 06 0007fcb8 5a3bc259 w3core!W3_SERVER::StartListen+0xbd 07 0007ff0c 0100187c w3core!UlW3Start+0x26e 08 0007ff44 01001a23 w3wp!wmain+0x22a 09 0007ffc0 77e523e5 w3wp!wmainCRTStartup+0x12b 0a 0007fff0 00000000 kernel32!BaseProcessStart+0x23 Thread ID: 1 System Thread ID: 1238 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 009eff9c 7c821364 ntdll!KiFastSystemCallRet 01 009effa0 7c81fe26 ntdll!NtDelayExecution+0xc 02 009effb8 77e6608b ntdll!RtlpTimerThread+0x47 03 009effec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 2 System Thread ID: 1fd8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00c8ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00c8ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00c8ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00c8ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00c8ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00c8ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00c8ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 3 System Thread ID: 1bb0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00ccff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00ccff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00ccff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00ccff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00ccffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00ccffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00ccffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 4 System Thread ID: e28 Kernel Time: 0:0:0.171 User Time: 0:0:0.46 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00d0ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00d0ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00d0ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00d0ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00d0ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00d0ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00d0ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 5 System Thread ID: 1850 Kernel Time: 0:0:0.46 User Time: 0:0:0.31 Thread Type: HTTP Listener # ChildEBP RetAddr 00 00d4ff24 7c821bf4 ntdll!KiFastSystemCallRet 01 00d4ff28 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 00d4ff54 5a30249e kernel32!GetQueuedCompletionStatus+0x29 03 00d4ff8c 5a3026bc W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x33 04 00d4ffa0 5a301db9 W3TP!THREAD_POOL_DATA::ThreadPoolThread+0x24 05 00d4ffb8 77e6608b W3TP!THREAD_MANAGER::ThreadManagerThread+0x39 06 00d4ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 6 System Thread ID: 1e88 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 00e0fcec 7c822114 ntdll!KiFastSystemCallRet 01 00e0fcf0 7c83acfd ntdll!NtWaitForMultipleObjects+0xc 02 00e0ffb8 77e6608b ntdll!RtlpWaitThread+0x161 03 00e0ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 7 System Thread ID: 1ec0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: HTTP Compression Thread # ChildEBP RetAddr 00 0185fa84 7c822124 ntdll!KiFastSystemCallRet 01 0185fa88 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0185faf8 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0185fb0c 5a3b8147 kernel32!WaitForSingleObject+0x12 04 0185ffb8 77e6608b w3core!HTTP_COMPRESSION::CompressionThread+0x126 05 0185ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 8 System Thread ID: e04 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 018dff8c 7c821364 ntdll!KiFastSystemCallRet 01 018dff90 7c815267 ntdll!NtDelayExecution+0xc 02 018dffb8 77e6608b ntdll!RtlpIOWorkerThread+0x3f 03 018dffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 9 System Thread ID: db8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: ASP Executing Page: Unable to locate ASP page # ChildEBP RetAddr 00 0257ff0c 7c822124 ntdll!KiFastSystemCallRet 01 0257ff10 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0257ff80 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0257ff94 709fc91b kernel32!WaitForSingleObject+0x12 04 0257ffb4 709fc8f3 asp!CApplnCleanupMgr::ApplnCleanupDoWork+0x1e 05 0257ffb8 77e6608b asp!CApplnCleanupMgr::ApplnCleanupThread+0xa 06 0257ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 10 System Thread ID: 1ca0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: ASP Executing Page: Unable to locate ASP page # ChildEBP RetAddr 00 0263fe1c 7c822114 ntdll!KiFastSystemCallRet 01 0263fe20 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0263fec8 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 0263ff24 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 0263ff40 709fbcbe USER32!MsgWaitForMultipleObjects+0x1f 05 0263ff84 77bcb530 asp!CMTACallbackThread::Thread+0x4f 06 0263ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 0263ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 11 System Thread ID: 14bc Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: ASP Executing Page: Unable to locate ASP page # ChildEBP RetAddr 00 0267fef4 7c822124 ntdll!KiFastSystemCallRet 01 0267fef8 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0267ff68 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0267ff7c 709fe9b7 kernel32!WaitForSingleObject+0x12 04 0267ffb8 77e6608b asp!CViperReqManager::WatchThread+0x68 05 0267ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 12 System Thread ID: 1bec Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 026dfee8 7c822124 ntdll!KiFastSystemCallRet 01 026dfeec 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 026dff5c 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 026dff70 75bd4bd0 kernel32!WaitForSingleObject+0x12 04 026dff84 77bcb530 comsvcs!CSTAThreadPool::LoadBalanceThreadControlLoop+0x29 05 026dffb8 77e6608b msvcrt!_endthreadex+0xa3 06 026dffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 13 System Thread ID: 11a8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0271fee0 7c822124 ntdll!KiFastSystemCallRet 01 0271fee4 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0271ff54 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0271ff68 75bd464d kernel32!WaitForSingleObject+0x12 04 0271ff84 77bcb530 comsvcs!CSTAThreadPool::KillThreadControlLoop+0x25 05 0271ffb8 77e6608b msvcrt!_endthreadex+0xa3 06 0271ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 14 System Thread ID: 1e1c Kernel Time: 0:0:0.62 User Time: 0:0:0.78 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0275fdcc 7c822114 ntdll!KiFastSystemCallRet 01 0275fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0275fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 0275fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 0275fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 0275ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 0275ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 0275ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 15 System Thread ID: 1f38 Kernel Time: 0:0:0.15 User Time: 0:0:0.31 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0279fdcc 7c822114 ntdll!KiFastSystemCallRet 01 0279fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0279fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 0279fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 0279fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 0279ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 0279ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 0279ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 16 System Thread ID: 1ea0 Kernel Time: 0:0:0.78 User Time: 0:0:0.218 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 027dfdcc 7c822114 ntdll!KiFastSystemCallRet 01 027dfdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 027dfe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 027dfed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 027dfef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 027dff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 027dffb8 77e6608b msvcrt!_endthreadex+0xa3 07 027dffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 17 System Thread ID: 1a54 Kernel Time: 0:0:0.15 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0281fdcc 7c822114 ntdll!KiFastSystemCallRet 01 0281fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0281fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 0281fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 0281fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 0281ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 0281ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 0281ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 18 System Thread ID: 18b8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 02f3fd00 7c822124 ntdll!KiFastSystemCallRet 01 02f3fd04 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 02f3fd74 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 02f3fd88 75bb22b9 kernel32!WaitForSingleObject+0x12 04 02f3ffb8 77e6608b comsvcs!PingThread+0xf6 05 02f3ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 19 System Thread ID: 1530 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 02f9ff40 7c821bf4 ntdll!KiFastSystemCallRet 01 02f9ff44 77e66142 ntdll!NtRemoveIoCompletion+0xc 02 02f9ff70 3381bdba kernel32!GetQueuedCompletionStatus+0x29 03 02f9ffb8 77e6608b sqlncli!SNIAsyncWait+0x9e 04 02f9ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 20 System Thread ID: 1470 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0380ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 0380ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 0380ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 0380ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 21 System Thread ID: 1364 Kernel Time: 0:0:0.234 User Time: 0:0:1.515 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 039cfdcc 7c822114 ntdll!KiFastSystemCallRet 01 039cfdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 039cfe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 039cfed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 039cfef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 039cff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 039cffb8 77e6608b msvcrt!_endthreadex+0xa3 07 039cffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 22 System Thread ID: 1e98 Kernel Time: 0:0:0.531 User Time: 0:0:2.421 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0384fdcc 7c822114 ntdll!KiFastSystemCallRet 01 0384fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0384fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 0384fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 0384fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 0384ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 0384ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 0384ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 23 System Thread ID: 1b94 Kernel Time: 0:0:0.359 User Time: 0:0:1.593 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 03f0fdcc 7c822114 ntdll!KiFastSystemCallRet 01 03f0fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 03f0fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 03f0fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 03f0fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 03f0ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 03f0ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 03f0ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 24 System Thread ID: 1e68 Kernel Time: 0:0:0.218 User Time: 0:0:1.562 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 03c0fdcc 7c822114 ntdll!KiFastSystemCallRet 01 03c0fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 03c0fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 03c0fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 03c0fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 03c0ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 03c0ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 03c0ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 25 System Thread ID: 14a8 Kernel Time: 0:0:0.234 User Time: 0:0:1.562 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 03c8fdcc 7c822114 ntdll!KiFastSystemCallRet 01 03c8fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 03c8fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 03c8fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 03c8fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 03c8ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 03c8ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 03c8ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 26 System Thread ID: 12a0 Kernel Time: 0:0:0.93 User Time: 0:0:0.390 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 047afdcc 7c822114 ntdll!KiFastSystemCallRet 01 047afdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 047afe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 047afed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 047afef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 047aff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 047affb8 77e6608b msvcrt!_endthreadex+0xa3 07 047affec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 27 System Thread ID: cb4 Kernel Time: 0:0:0.328 User Time: 0:0:1.687 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 052bfe78 7c822124 ntdll!KiFastSystemCallRet 01 052bfe7c 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 052bfeec 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 052bff00 791d401f kernel32!WaitForSingleObject+0x12 04 052bff24 791fdacc mscorsvr!ThreadpoolMgr::WorkerThreadStart+0x3a 05 052bffb8 77e6608b mscorsvr!ThreadpoolMgr::intermediateThreadProc+0x44 06 052bffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 28 System Thread ID: 12f0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 0540fe70 7c822114 ntdll!KiFastSystemCallRet 01 0540fe74 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0540ff1c 77e6109d kernel32!WaitForMultipleObjectsEx+0x11a 03 0540ff38 79238fd6 kernel32!WaitForMultipleObjects+0x18 04 0540ffa0 79238f4d mscorsvr!DebuggerRCThread::MainLoop+0x90 05 0540ffb0 7923a714 mscorsvr!DebuggerRCThread::ThreadProc+0x68 06 0540ffb8 77e6608b mscorsvr!DebuggerRCThread::ThreadProcStatic+0xb 07 0540ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 29 System Thread ID: 1820 Kernel Time: 0:0:0.0 User Time: 0:0:0.31 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 0f57fefc 7c822124 ntdll!KiFastSystemCallRet 01 0f57ff00 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0f57ff70 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0f57ff84 791fe6b0 kernel32!WaitForSingleObject+0x12 04 0f57ffac 792356be mscorsvr!gc_heap::gc_thread_function+0x2f 05 0f57ffb8 77e6608b mscorsvr!gc_heap::gc_thread_stub+0x1e 06 0f57ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 30 System Thread ID: b00 Kernel Time: 0:0:0.0 User Time: 0:0:0.31 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 0f5bfdfc 7c822124 ntdll!KiFastSystemCallRet 01 0f5bfe00 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0f5bfe70 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0f5bfe84 791fe6b0 kernel32!WaitForSingleObject+0x12 04 0f5bfeac 792356be mscorsvr!gc_heap::gc_thread_function+0x2f 05 0f5bffb8 77e6608b mscorsvr!gc_heap::gc_thread_stub+0x1e 06 0f5bffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 31 System Thread ID: 134 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 0f5ffdf8 7c822114 ntdll!KiFastSystemCallRet 01 0f5ffdfc 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0f5ffea4 77e6109d kernel32!WaitForMultipleObjectsEx+0x11a 03 0f5ffec0 792782d9 kernel32!WaitForMultipleObjects+0x18 04 0f5ffee0 791fecf4 mscorsvr!WaitForFinalizerEvent+0xc8 05 0f5fff24 79245681 mscorsvr!GCHeap::FinalizerThreadStart+0x96 06 0f5fffb8 77e6608b mscorsvr!Thread::intermediateThreadProc+0x44 07 0f5fffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 32 System Thread ID: e0c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0f9eff38 7c821364 ntdll!KiFastSystemCallRet 01 0f9eff3c 77e41ea7 ntdll!NtDelayExecution+0xc 02 0f9effa4 791cc578 kernel32!SleepEx+0x68 03 0f9effb8 77e6608b mscorsvr!ThreadpoolMgr::TimerThreadStart+0x30 04 0f9effec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 33 System Thread ID: 1368 Kernel Time: 0:0:0.0 User Time: 0:0:0.15 Thread Type: Other # ChildEBP RetAddr 00 0fabfeb0 7c821364 ntdll!KiFastSystemCallRet 01 0fabfeb4 77e41ea7 ntdll!NtDelayExecution+0xc 02 0fabff1c 77e424c1 kernel32!SleepEx+0x68 03 0fabff2c 791bf4f9 kernel32!Sleep+0xf 04 0fabffb8 77e6608b mscorsvr!ThreadpoolMgr::GateThreadStart+0x54 05 0fabffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 34 System Thread ID: 161c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 0fcefec0 7c822114 ntdll!KiFastSystemCallRet 01 0fcefec4 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 0fceff6c 77e6109d kernel32!WaitForMultipleObjectsEx+0x11a 03 0fceff88 76928415 kernel32!WaitForMultipleObjects+0x18 04 0fceffb8 77e6608b USERENV!NotificationThread+0x5f 05 0fceffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 35 System Thread ID: 1428 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 106cff14 7739c78d ntdll!KiFastSystemCallRet 01 106cff34 77694ff1 USER32!NtUserGetMessage+0xc 02 106cff74 776cf35b ole32!CDllHost::STAWorkerLoop+0x72 03 106cff90 776cf2a3 ole32!CDllHost::WorkerThread+0xc8 04 106cff98 776b2307 ole32!DLLHostThreadEntry+0xd 05 106cffac 776b2374 ole32!CRpcThread::WorkerLoop+0x1e 06 106cffb8 77e6608b ole32!CRpcThreadCache::RpcWorkerThreadEntry+0x20 07 106cffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 36 System Thread ID: 1998 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 1207fe48 7c822114 ntdll!KiFastSystemCallRet 01 1207fe4c 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 1207fef4 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 1207ff50 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 1207ff6c 4dda6ad4 USER32!MsgWaitForMultipleObjects+0x1f 05 1207ffb8 77e6608b gdiplus!BackgroundThreadProc+0x59 06 1207ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 37 System Thread ID: 1f18 Kernel Time: 0:0:0.0 User Time: 0:0:0.78 Thread Status: Thread is in a WAIT state. Thread Type: Other # ChildEBP RetAddr 00 0ff5fc78 7c822124 ntdll!KiFastSystemCallRet 01 0ff5fc7c 77e6bad8 ntdll!NtWaitForSingleObject+0xc 02 0ff5fcec 77e6ba42 kernel32!WaitForSingleObjectEx+0xac 03 0ff5fd00 791d401f kernel32!WaitForSingleObject+0x12 04 0ff5fd24 791fdacc mscorsvr!ThreadpoolMgr::WorkerThreadStart+0x3a 05 0ff5ffb8 77e6608b mscorsvr!ThreadpoolMgr::intermediateThreadProc+0x44 06 0ff5ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 38 System Thread ID: 1790 Kernel Time: 0:0:0.46 User Time: 0:0:0.421 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 1381fdcc 7c822114 ntdll!KiFastSystemCallRet 01 1381fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 1381fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 1381fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 1381fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 1381ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 1381ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 1381ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 39 System Thread ID: 10b8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: Unable to locate ASP page No remote call being made # ChildEBP RetAddr 00 0404fe18 7c821c54 ntdll!KiFastSystemCallRet 01 0404fe1c 77c7538c ntdll!ZwReplyWaitReceivePortEx+0xc 02 0404ff84 77c5778f RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x198 03 0404ff8c 77c5f7dd RPCRT4!RecvLotsaCallsWrapper+0xd 04 0404ffac 77c5de88 RPCRT4!BaseCachedThreadRoutine+0x9d 05 0404ffb8 77e6608b RPCRT4!ThreadStartRoutine+0x1b 06 0404ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 40 System Thread ID: 1460 Kernel Time: 0:0:0.0 User Time: 0:0:0.15 Thread Status: Thread is in a WAIT state. Thread Type: Idle ASP thread # ChildEBP RetAddr 00 04e2fdcc 7c822114 ntdll!KiFastSystemCallRet 01 04e2fdd0 77e67143 ntdll!NtWaitForMultipleObjects+0xc 02 04e2fe78 7739cd08 kernel32!WaitForMultipleObjectsEx+0x11a 03 04e2fed4 7738e381 USER32!RealMsgWaitForMultipleObjectsEx+0x141 04 04e2fef0 75bd86c6 USER32!MsgWaitForMultipleObjects+0x1f 05 04e2ff84 77bcb530 comsvcs!CSTAThread::WorkerLoop+0x1e5 06 04e2ffb8 77e6608b msvcrt!_endthreadex+0xa3 07 04e2ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 41 System Thread ID: 19ac Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0189ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 0189ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 0189ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 0189ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 42 System Thread ID: 1b98 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 00a8ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 00a8ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 00a8ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 00a8ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 43 System Thread ID: 514 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 03c4ff70 7c821bf4 ntdll!KiFastSystemCallRet 01 03c4ff74 7c83ad75 ntdll!NtRemoveIoCompletion+0xc 02 03c4ffb8 77e6608b ntdll!RtlpWorkerThread+0x3d 03 03c4ffec 00000000 kernel32!BaseThreadStart+0x34 Thread ID: 44 System Thread ID: b70 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: Unable to locate ASP page No remote call being made # ChildEBP RetAddr 00 03ccfe18 7c821c54 ntdll!KiFastSystemCallRet 01 03ccfe1c 77c7538c ntdll!ZwReplyWaitReceivePortEx+0xc 02 03ccff84 77c5778f RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x198 03 03ccff8c 77c5f7dd RPCRT4!RecvLotsaCallsWrapper+0xd 04 03ccffac 77c5de88 RPCRT4!BaseCachedThreadRoutine+0x9d 05 03ccffb8 77e6608b RPCRT4!ThreadStartRoutine+0x1b 06 03ccffec 00000000 kernel32!BaseThreadStart+0x34 ***** Dump name is formatted as: PID-Timestamp.dmp Creating C:\Program Files\IIS Resources\IISState\output\7844-1158884548.dmp - user full dump Dump successfully written ***** Closing open log file C:\Program Files\IIS Resources\IISState\output\IISState.log Tag: How to programmatically clear network passwords from IE Tag: 387831
  - 8
    - Using a different SSL port seamlessly I want my IIS site to use a port other than 443 for SSL, but I don't want my users to have to type port numbers in when entering the URL. How can I avoid this and have it on a different port without users needing to know or enter port numbers? Tag: How to programmatically clear network passwords from IE Tag: 387830
  - 9
    - w3wp.exe not responding when memory usage exceed 800M? Hi, I've got a webserver and increasingly number of users, I noticed almost each time more than 50 users connected and the IIS worker process memory usage will climb up to 800MB or even more than 1,000MB. This causes the application stop responding with "OutOfMemory exception" or "Server application unavailable" sometimes I need to stop/start the www service if stop/start the site doesn't work, because recycling the application pool is just not responding, w3wp.exe seems dead. Does anyone have any ideas, thanks, Chris Tag: How to programmatically clear network passwords from IE Tag: 387829
  - 10
    - World Wide Web Publishing Service error (Event ID 7023) We set up Outlook Web Access on our Exchange Server 2003 machine yesterday (running Windows 2003). SSL and form based login were enabled, the certificate issued by an internal CA. Everything worked fine all day. Overnight (at 8pm) about 20 minutes after we checked Outlook Web Access from home. We got the following error: Event Type: Error Event Source: W3SVC Event Category: None Event ID: 1036 Date: 21/09/2006 Time: 20:04:12 User: N/A Computer: CHARLIE Description: A failure occurred while initializing the configuration manager for the World Wide Web Publishing Service. The data field contains the error number. Data: 0000: 800706ba Followed by; Event Type: Error Event Source: Service Control Manager Event Category: None Event ID: 7023 Date: 21/09/2006 Time: 20:04:14 User: N/A Computer: CHARLIE Description: The World Wide Web Publishing Service service terminated with the following error: The RPC server is unavailable. And the web page stopped loading (Page Cannot be Displayed). In the morning we went to services, started the World Wide Web Publishing Service and it is working fine (for an hour now). We need out Outlook Web Access to be reliable, and since we dont know why it stopped working we cant trust it at the moment. We are already fighting a 'reliability battle' with some high profile users who will insist on continuing to use their own POP3 accounts if Outlook Web Access doesn't prove itself to them as a valid alternative. Could anyone shed any light on the possible reason for these errors? What is the RPC server? Tag: How to programmatically clear network passwords from IE Tag: 387827
  - 11
    - Large Attachments are being Sent as Empty Files Hi, I am using the ASP.NET MailMessage object to send email and attachment via IIS SMTP. It works fine when the attachement is, say, 10 KB in size, but if the file which I want to attach is, say, 1 MB then it will be sent but the attachment will be empty. Is there a reason why larger files are "emptied" with IIS SMTP? Thanks, John Tag: How to programmatically clear network passwords from IE Tag: 387822
  - 12
    - Can we match the time on the IIS log to ours? Hi all, I do not know the time zone used in the IIS log. Is there a way to change the time zone to the timw zone we live in (Eastern time zone)? Thanks. Tag: How to programmatically clear network passwords from IE Tag: 387820
  - 13
    - Can't make IIS listen on only one IP I have a Server 2003 SP1 machine with all the latest updates. IIS is running on on this machine and I have 7 virtual websites set up. I have added a second static IP address to one NIC I have in the machine. I need to make IIS listen on only the first IP address and not the second. Here is what I have done: 1) Went to every website and changed the ip address in the pull down to the second IP address. This didn't work. 2) Stopped IIS (using iisreset /stop) and issued the command: "httpcfg set iplisten -i <second ip address>" This returned: "HttpSetServiceConfiguration completed with 0.". I then issued the command "httpcfg query iplisten". This returned: IP : <first ip address> -------------------------------------- Started IIS (suing iisreset /start). This didn't work 3) Stopped IIS (using iisreset /stop) and issued the command: "cscript adsutil.vbs set w3svc/disablesocketpooling true" This returned: disablesocketpooling : (BOOLEAN) True I then issued the command: "httpcfg set iplisten -i <second ip address>" This returned: "HttpSetServiceConfiguration completed with 0.". I then issued the command "httpcfg query iplisten". This returned: IP : <first ip address> -------------------------------------- Started IIS (suing iisreset /start). This didn't work To confirm that IIS was still listening to the second IP address, I pointed a web browser on a machine on the same network to the second IP address. When I returned "Bad Request (Invalid Hostname)", I knew that IIS was answering. Anyone have any ideas? TIA Tag: How to programmatically clear network passwords from IE Tag: 387818
  - 14
    - HTTP Compression Problem I have enabled HTTP Compression on my IIS 5.0 Server and selected "compress static files" only. I have also configured the metabase to compress the "dll" ext for static files. i.e. cscript.exe adsutil.vbs set W3Svc/Filters/Compression/GZIP/HcFileExtensions "txt" "dat" "xml" "dll" Problem is IIS is compressing an ISAPI DLL that I already had installed. (this is an ISAPI_Redirector dll for apache) I can see the dll file in "IIS Temporary Compressed Files" folder. This problem does not occur on IIS 6.0 (Win2003 Server) only on my IIS 5.0 (Win 2000 Server) Any ideas? Tag: How to programmatically clear network passwords from IE Tag: 387817
  - 15
    - indexing 100% CPU Is it possible to use Microsoft Indexing server to index a web site without it using 100% processing of the CPU its running on? Every article I have seen about fixing this says to disable the indexing service. Well if I am using it I can't disable it. There must be a fix or something that stops it from hogging up the cpu. Thanks for any suggestions. Bob Tag: How to programmatically clear network passwords from IE Tag: 387814
  - 16
    - HcScriptFileExtensions restes after reboot i have iis 6.0 on windows 2003 server. every time i reboot the computer, HcScriptFileExtensions parameter of the gzip compression scheme in the iis metabase resets to empty string: HcScriptFileExtensions="". this only happens to the HcScriptFileExtensions parameter of the gzip compression scheme, but not deflate, and only when i reboot the computer. if i restart www publishing service, or even iis admin service, HcScriptFileExtensions is not affected and stays as i set it (by manually editing the metabase): HcScriptFileExtensions="asp". any help will be appreciated andrew Tag: How to programmatically clear network passwords from IE Tag: 387813
  - 17
    - Search Link Problem Windows 2003 In IIS I created MyWeb with a host header of MyWeb (no dns, management's "temporary" solution) with Home directory located at C:\MyWeb Created MyWeb Index. In "Query the Catalog" I see the query working correctly. But when I mouse over the link I notice the link as file:///c:/MyWeb/Folder1/WebPage01.htm. At the web site the search also seems to work well. I get correct results for the search word but when I click on the links I get a "The Page Cannot be displayed" error. When I mouse over the link it shows the file:///c:/MyWeb/Folder1/WebPage01.htm instead of the http://MyWeb/Folder1/WebPage01.htm Is this an indexing server problem, an IIS problem or a mix of both? How do I correct this? ANY help would be appreciated. Thanks PJ Tag: How to programmatically clear network passwords from IE Tag: 387812
  - 18
    - Invalid viewstate Hi, I have encountered a problem in our dev.test environment (W2003/ASP.NET 2.0). All of a sudden one of our asp.net web applications has seized to function. - We have not changed the code for this particular application for months - We have not re-configured the IIS or the OS in anyway for months All of a sudden every request in this application throws an exception stating that the Viewstate is invalid. - This is an isolated machine (i.e not a cluster) - No load is put on the machine so the processes should have to recycle frequently The application runs fine in other similiar envrionments (dev.stage, acceptance, production). My questions: Does anyone know if an Invalid Viewstate has been caused based upon the requesting clients UserAgent? Does anyone know if MS has released a security update or similiar that could cause this problem (the effected machine is the only one that recives auto updates..)? The machineKey is set to Autogenerate...ASPNET is running under Network_Service could that account update the registry hive?? Regards /Oscar Tag: How to programmatically clear network passwords from IE Tag: 387809
  - 19
    - IIS diagnostic Hi I'm running a .NET 2.0 Application on my 2003 Server and normally everything works fine, but sometimes the application starts working very wierd... objects stored in a shared hashtable seems to disappear. Is there a way (I'm sure there is) to figure out what IIS is doing, things like: Did it run out of memory Has a garbage collect just occured ... I'be been looking in the logfiles, but they seems to only log information about loaded pages..... Where should I look?? TIA Søren Tag: How to programmatically clear network passwords from IE Tag: 387806
  - 20
    - URLScan Rejecting .asmx Hello all, I've been having difficulties trying to expose my webservice. Each call to the page returns a 404 error. After reviewing the logs it appears as though URLScan is rejecting the requests because the "URL contains extension '.asmx', which is disallowed". I've checked my .ini file and it would appear as though I should be allowing them. Can someone please take a look at the following and see if I'm missing something rather trivial? Also, how do I go about disabling URLScan? I'd like to turn it off temporarily to see if that affects anything. Thanks, Frank PS I've changed the switch for UseAllowExtensions from 0 to 1 with no change. IIS Log: 2006-09-21 00:45:39 204.82.124.240 - 10.101.2.2 443 GET /<Rejected-By-UrlScan> ~/webservice/Service1.asmx/ 404 URLScan Log: [09-21-2006 - 11:45:39] Client at 204.82.124.240: URL contains extension '.asmx', which is disallowed. Request will be rejected. Site Instance='1', Raw URL='/webservices/Service1.asmx' urlscan.ini: [options] UseAllowVerbs=1 ; if 1, use [AllowVerbs] section, else use [DenyVerbs] section UseAllowExtensions=0 ; if 1, use [AllowExtensions] section, else use [DenyExtensions] section NormalizeUrlBeforeScan=1 ; if 1, canonicalize URL before processing VerifyNormalization=1 ; if 1, canonicalize URL twice and reject request if a change occurs AllowHighBitCharacters=0 ; if 1, allow high bit (ie. UTF8 or MBCS) characters in URL AllowDotInPath=1 ; if 1, allow dots that are not file extensions RemoveServerHeader=0 ; if 1, remove "Server" header from response EnableLogging=1 ; if 1, log UrlScan activity PerProcessLogging=0 ; if 1, the UrlScan.log filename will contain a PID (ie. UrlScan.123.log) AllowLateScanning=0 ; if 1, then UrlScan will load as a low priority filter. PerDayLogging=1 ; if 1, UrlScan will produce a new log each day with activity in the form UrlScan.010101.log RejectResponseUrl= ; UrlScan will send rejected requests to the URL specified here. Default is /<Rejected-by-UrlScan> UseFastPathReject=0 ; If 1, then UrlScan will not use the RejectResponseUrl or allow IIS to log the request ; If RemoveServerHeader is 0, then AlternateServerName can be ; used to specify a replacement for IIS's built in 'Server' header AlternateServerName= [AllowVerbs] ; ; The verbs (aka HTTP methods) listed here are those commonly ; processed by a typical IIS server. ; ; Note that these entries are effective if "UseAllowVerbs=1" ; is set in the [Options] section above. ; GET HEAD POST [DenyVerbs] ; ; The verbs (aka HTTP methods) listed here are used for publishing ; content to an IIS server via WebDAV. ; ; Note that these entries are effective if "UseAllowVerbs=0" ; is set in the [Options] section above. ; PROPFIND PROPPATCH MKCOL DELETE PUT COPY MOVE LOCK UNLOCK OPTIONS SEARCH [DenyHeaders] ; ; The following request headers alter processing of a ; request by causing the server to process the request ; as if it were intended to be a WebDAV request, instead ; of a request to retrieve a resource. ; Translate: If: Lock-Token: [AllowExtensions] ; ; Extensions listed here are commonly used on a typical IIS server. ; ; Note that these entries are effective if "UseAllowExtensions=1" ; is set in the [Options] section above. ; .asp .cer .cdx .asa .htm .html .txt .jpg .jpeg .gif .ashx .aspx .asmx .axd ;.idq ;.htw ;.ida ;.idc ;.shtm ;.shtml ;.stm ;.htr ;.printer [DenyExtensions] .asax .ascx .ctnfig .cs .csproj .dll .licx .pdb .resx .resources .vb .vbproj .vsdisco .webinfo .xsd .xsx ; ; Extensions listed here either run code directly on the server, ; are processed as scripts, or are static files that are ; generally not intended to be served out. ; ; Note that these entries are effective if "UseAllowExtensions=0" ; is set in the [Options] section above. ; ; Deny executables that could run on the server .exe .bat .cmd .com ; Deny infrequently used scripts .htw ; Maps to webhits.dll, part of Index Server .ida ; Maps to idq.dll, part of Index Server .idq ; Maps to idq.dll, part of Index Server .htr ; Maps to ism.dll, a legacy administrative tool .idc ; Maps to httpodbc.dll, a legacy database access tool .shtm ; Maps to ssinc.dll, for Server Side Includes .shtml ; Maps to ssinc.dll, for Server Side Includes .stm ; Maps to ssinc.dll, for Server Side Includes .printer ; Maps to msw3prt.dll, for Internet Printing Services ; Deny various static files .ini ; Configuration files .log ; Log files .pol ; Policy files .dat ; Configuration files ;.asp ;.cer ;.cdx ;.asa [DenyUrlSequences] .. ; Don't allow directory traversals ./ ; Don't allow trailing dot on a directory name \ ; Don't allow backslashes in URL : ; Don't allow alternate stream access % ; Don't allow escaping after normalization & ; Don't allow multiple CGI processes to run on a single request < > </ Tag: How to programmatically clear network passwords from IE Tag: 387805
  - 21
    - IIS6.0 I'm not sure if this is an IIS6.0 issue or FP2003. But, anyway, I'm running IIS6.0 on a win2k3 machine. I have an form that uploads image files. Everytime I click "upload", the server/IIS6.0 prompts me for a username and password (just as if I were opening the web site with FP2003 to publis. edit, update, etc.) How can I turn this off (prompting me for a username and password)???? -- NuBee Tag: How to programmatically clear network passwords from IE Tag: 387804
  - 22
    - Can IIS Do this? Hi all, I posted an IIS related question in the Windows XP group & it was suggested I post here, so here is the question I originally posted: I have a client who is running Windows XP Professional, with Apache > 2.0.59 for Windows as a web server. Recently, they added an > application to this machine which requires IIS (5.1 on this machine), > so I have set it up on port 8080 & it is working properly. > > Apache is doing the authentication via a username/password box & once > logged in, the user is redirected to the IIS server running on port > 8080. > > My question is - can IIS be configured to only accept requests for > data > once the user has been redirected from Apache server? > > If so, would someone please point me to a resource or outline how I > can do this - days of research have revealed next to nothing. > Please duplicate any reply post by email as I have great difficulty in finding these posts when next I visit - thanks in advance - my email address is hmag@ozemail.com.au - bye for now, Terry Tag: How to programmatically clear network passwords from IE Tag: 387802
  - 23
    - IIS Integrated Authentication Hi, We're facing a problem with getting an application we're using to pass user credentials to IIS. After a lengthy investigation, it was determined that the application was passing the userid in mixed case (which is how it has been entered in our Active Directory environment). We confirmed this was the problem by altering one test user such that the userid in AD for that test account was all lower case and everything worked as expected, the application was able to connect successfully to IIS. However, when reverting the username back to mixed case (i.e.Test as opposed to test), the authentication fails. All our usernames in Active Directory are entered in mixed case and modifying them to all be lower case is out of question. Is there anyway to force an XP client or IE browser to send userids to IIS in a case sensitive format (mixed case) regardless of how the usernames are entered in Active Directory? Thanks, Ahmed Tag: How to programmatically clear network passwords from IE Tag: 387801
  - 24
    - inetinfo at 100% intermittently, IISState log Hello, Well, I've perused many posts here concerning IISState logs in hopes of learning how to interpret them myself, but to no avail as I still can't make sense of my own. I see several threads with high kernel and user times but not sure which is the culprit, nor what pages/dlls to investigate. The server is Windows 2000 SP4 fully patched running IIS and FPE 2002. There are maybe 300 websites hosted with generally generic html. The issue only began occurring about two weeks ago so I assume the problem is someone's messy page or code somewhere. No idea how to track it down though. Any help would be greatly appreciated, thanks! (captured during 100% cpu utilization by inetinfo) Opened log file 'C:\iisstate\output\IISState-676.log' *********************** Starting new log output IISState version 3.3.1 Wed Sep 20 16:09:31 2006 OS = Windows 2000 Executable: inetinfo.exe PID = 676 Note: Thread times are formatted as HH:MM:SS.ms *********************** Thread ID: 0 System Thread ID: 2a0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0006f89c 7c586351 ntdll!ZwReadFile+0xb 01 0006f910 7c2dd578 KERNEL32!ReadFile+0x181 02 0006f93c 7c2dd61e ADVAPI32!ObjectCloseAuditAlarmA+0x2f 03 0006f9b8 7c2d1e18 ADVAPI32!ObjectDeleteAuditAlarmW+0x4 04 0006fbf4 01002884 ADVAPI32!`string' 05 0006fd30 01001e94 inetinfo!StartDispatchTable+0x2f1 06 0006ff70 01002fbf inetinfo!main+0x654 07 0006ffc0 7c5989a5 inetinfo!mainCRTStartup+0xff 08 0006fff0 00000000 KERNEL32!BaseProcessStart+0x3d Thread ID: 1 System Thread ID: 2b0 Kernel Time: 0:0:0.15 User Time: 0:0:0.125 Thread Type: Other # ChildEBP RetAddr 00 0059fd1c 7c59a072 ntdll!ZwWaitForSingleObject+0xb 01 0059fd44 7c57b3e9 KERNEL32!WaitForSingleObjectEx+0x71 02 0059fd54 6e6f1685 KERNEL32!WaitForSingleObject+0xf 03 0059fd70 01002440 iisadmin!ServiceEntry+0x156 04 0059ffa4 7c2dcf43 inetinfo!InetinfoStartService+0x2bd 05 0059ffec 00000000 ADVAPI32!AccessCheckByTypeResultListAndAuditAlarmByHandleW+0x2f Thread ID: 2 System Thread ID: 2c8 Kernel Time: 0:0:3.859 User Time: 0:0:2.156 Thread Type: Other # ChildEBP RetAddr 00 006dfe5c 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 006dfeac 77e4169f KERNEL32!WaitForMultipleObjectsEx+0xea 02 006dff08 77e41706 USER32!__ClientExtTextOutW+0x3f 03 006dff24 6e5a5a7c USER32!__ClientGetTextExtentPointW+0x48 04 006dff78 78008593 IisRTL!SchedulerWorkerThread+0xa7 05 006dffb4 7c57b396 MSVCRT!_endthreadex+0x98 06 006dffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 3 System Thread ID: 2cc Kernel Time: 0:0:4.62 User Time: 0:0:1.953 Thread Type: Other # ChildEBP RetAddr 00 0071fe5c 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 0071feac 77e4169f KERNEL32!WaitForMultipleObjectsEx+0xea 02 0071ff08 77e41706 USER32!__ClientExtTextOutW+0x3f 03 0071ff24 6e5a5a7c USER32!__ClientGetTextExtentPointW+0x48 04 0071ff78 78008593 IisRTL!SchedulerWorkerThread+0xa7 05 0071ffb4 7c57b396 MSVCRT!_endthreadex+0x98 06 0071ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 4 System Thread ID: 310 Kernel Time: 0:0:0.500 User Time: 0:0:0.812 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 00b6fe24 77d595d9 ntdll!ZwReplyWaitReceivePortEx+0xb 01 00b6ff74 77d58e4a RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x74 02 00b6ff78 77d3aeed RPCRT4!RecvLotsaCallsWrapper+0x9 03 00b6ffa8 77d37de8 RPCRT4!BaseCachedThreadRoutine+0x4f 04 00b6ffb4 7c57b396 RPCRT4!ThreadStartRoutine+0x18 05 00b6ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 5 System Thread ID: 3cc Kernel Time: 0:0:0.125 User Time: 0:0:0.312 Thread Type: Other # ChildEBP RetAddr 00 00fffc1c 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 00fffc6c 77e4169f KERNEL32!WaitForMultipleObjectsEx+0xea 02 00fffcc8 77e41706 USER32!__ClientExtTextOutW+0x3f 03 00fffce4 769c71e0 USER32!__ClientGetTextExtentPointW+0x48 04 00fffd30 65f0cfd8 INFOCOMM!IIS_SERVICE::StartServiceOperation+0x209 05 00fffd70 01002440 w3svc!ServiceEntry+0x1b5 06 00ffffa4 7c2dcf43 inetinfo!InetinfoStartService+0x2bd 07 00ffffec 00000000 ADVAPI32!AccessCheckByTypeResultListAndAuditAlarmByHandleW+0x2f Thread ID: 6 System Thread ID: 3d8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: HTTP Listener # ChildEBP RetAddr 00 010cff5c 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 010cff88 6d7029ef KERNEL32!GetQueuedCompletionStatus+0x27 02 010cffb4 7c57b396 ISATQ!I_AtqOplockThreadFunc+0x32 03 010cffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 7 System Thread ID: 3e8 Kernel Time: 0:0:12.531 User Time: 0:0:1.15 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0110ff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 0110ff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 0110ffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 0110ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 8 System Thread ID: 3ec Kernel Time: 0:1:3.796 User Time: 0:0:5.281 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0114ff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 0114ff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 0114ffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 0114ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 9 System Thread ID: 3f4 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 012cfeb8 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 012cfee4 77d818ff KERNEL32!GetQueuedCompletionStatus+0x27 02 012cff20 77d51484 RPCRT4!COMMON_ProcessCalls+0x9e 03 012cff74 77d512bd RPCRT4!LOADABLE_TRANSPORT::ProcessIOEvents+0x99 04 012cff78 77d3aeed RPCRT4!ProcessIOEventsWrapper+0x9 05 012cffa8 77d37de8 RPCRT4!BaseCachedThreadRoutine+0x4f 06 012cffb4 7c57b396 RPCRT4!ThreadStartRoutine+0x18 07 012cffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 10 System Thread ID: 40c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0151fd20 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 0151fd70 7c59a150 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0151fd88 778322b2 KERNEL32!WaitForMultipleObjects+0x17 03 0151ffb4 7c57b396 RTUTILS!TraceServerThread+0xde 04 0151ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 11 System Thread ID: 42c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: HTTP Compression Thread # ChildEBP RetAddr 00 0156ff5c 7c59a072 ntdll!ZwWaitForSingleObject+0xb 01 0156ff84 7c57b3e9 KERNEL32!WaitForSingleObjectEx+0x71 02 0156ff94 732c3366 KERNEL32!WaitForSingleObject+0xf 03 0156ffb4 7c57b396 compfilt!CompressionThread+0x29 04 0156ffc0 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 12 System Thread ID: 448 Kernel Time: 0:0:0.187 User Time: 0:0:0.46 Thread Type: Other # ChildEBP RetAddr 00 015dfe70 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 015dfec0 77e4169f KERNEL32!WaitForMultipleObjectsEx+0xea 02 015dff1c 77e41706 USER32!__ClientExtTextOutW+0x3f 03 015dff38 65f09ccb USER32!__ClientGetTextExtentPointW+0x48 04 015dff7c 78008454 w3svc!CMTACallbackThread::Thread+0x42 05 015dffb4 7c57b396 MSVCRT!_endthread+0xc6 06 015dffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 13 System Thread ID: 44c Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0161fea8 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 0161fef8 77e4169f KERNEL32!WaitForMultipleObjectsEx+0xea 02 0161ff54 77e41706 USER32!__ClientExtTextOutW+0x3f 03 0161ff70 65f09d47 USER32!__ClientGetTextExtentPointW+0x48 04 0161ffb4 7c57b396 w3svc!OleHackThread+0x88 05 0161ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 14 System Thread ID: 4b8 Kernel Time: 0:0:0.140 User Time: 0:0:0.46 Thread Type: Other # ChildEBP RetAddr 00 0169fc1c 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 0169fc6c 77e4169f KERNEL32!WaitForMultipleObjectsEx+0xea 02 0169fcc8 77e41706 USER32!__ClientExtTextOutW+0x3f 03 0169fce4 769c71e0 USER32!__ClientGetTextExtentPointW+0x48 04 0169fd30 6fc6b2f0 INFOCOMM!IIS_SERVICE::StartServiceOperation+0x209 05 0169fd70 01002440 ftpsvc2!ServiceEntry+0xc7 06 0169ffa4 7c2dcf43 inetinfo!InetinfoStartService+0x2bd 07 0169ffec 00000000 ADVAPI32!AccessCheckByTypeResultListAndAuditAlarmByHandleW+0x2f Thread ID: 15 System Thread ID: 4c0 Kernel Time: 0:0:0.31 User Time: 0:0:0.31 Thread Type: SMTP Service Worker Thread # ChildEBP RetAddr 00 016dfc1c 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 016dfc6c 77e4169f KERNEL32!WaitForMultipleObjectsEx+0xea 02 016dfcc8 77e41706 USER32!__ClientExtTextOutW+0x3f 03 016dfce4 769c71e0 USER32!__ClientGetTextExtentPointW+0x48 04 016dfd30 6b561a78 INFOCOMM!IIS_SERVICE::StartServiceOperation+0x209 05 016dfd70 01002440 SMTPSVC!ServiceEntry+0x136 06 016dffa4 7c2dcf43 inetinfo!InetinfoStartService+0x2bd 07 016dffec 00000000 ADVAPI32!AccessCheckByTypeResultListAndAuditAlarmByHandleW+0x2f Thread ID: 16 System Thread ID: 4dc Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0175ff00 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 0175ff50 75037871 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0175ff6c 6fc66e80 WS2_32!WSAWaitForMultipleEvents+0x18 03 0175ffb4 7c57b396 ftpsvc2!PASV_ACCEPT_CONTEXT::AcceptThreadFunc+0x39 04 0175ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 17 System Thread ID: 4e0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0179ff20 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 0179ff70 7c59a150 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0179ff88 701224fa KERNEL32!WaitForMultipleObjects+0x17 03 0179ffb4 7c57b396 exstrace!RegNotifyThread+0x6f 04 0179ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 18 System Thread ID: 4e8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 017dff24 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 017dff74 7c59a150 KERNEL32!WaitForMultipleObjectsEx+0xea 02 017dff8c 70121e6a KERNEL32!WaitForMultipleObjects+0x17 03 017dffb4 7c57b396 exstrace!WriteTraceThread+0x2f 04 017dffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 19 System Thread ID: 4f4 Kernel Time: 0:0:0.15 User Time: 0:0:0.93 Thread Type: Other # ChildEBP RetAddr 00 0191ff64 7c59a072 ntdll!ZwWaitForSingleObject+0xb 01 0191ff8c 7c57b3e9 KERNEL32!WaitForSingleObjectEx+0x71 02 0191ff9c 6ff2841e KERNEL32!WaitForSingleObject+0xf 03 0191ffb4 7c57b396 FCACHDLL!CScheduleThread::ScheduleThread+0x22 04 0191ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 20 System Thread ID: 4f8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: SMTP Service Worker Thread # ChildEBP RetAddr 00 01a5ff18 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 01a5ff68 7c59a150 KERNEL32!WaitForMultipleObjectsEx+0xea 02 01a5ff80 6b57b026 KERNEL32!WaitForMultipleObjects+0x17 03 01a5ffb4 7c57b396 SMTPSVC!TcpRegNotifyThread+0x136 04 01a5ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 21 System Thread ID: 4fc Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: SMTP Service Worker Thread # ChildEBP RetAddr 00 01a9ff68 7c59a072 ntdll!ZwWaitForSingleObject+0xb 01 01a9ff90 7c57b3e9 KERNEL32!WaitForSingleObjectEx+0x71 02 01a9ffa0 6b57ae5a KERNEL32!WaitForSingleObject+0xf 03 01a9ffb4 7c57b396 SMTPSVC!FreeLibThread+0x1d 04 01a9ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 22 System Thread ID: 680 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 01b5fe24 77d595d9 ntdll!ZwReplyWaitReceivePortEx+0xb 01 01b5ff74 77d58e4a RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x74 02 01b5ff78 77d3afbd RPCRT4!RecvLotsaCallsWrapper+0x9 03 01b5ffa8 77d37de8 RPCRT4!BaseCachedThreadRoutine+0x11f 04 01b5ffb4 7c57b396 RPCRT4!ThreadStartRoutine+0x18 05 01b5ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 23 System Thread ID: 6b4 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 01b9fce0 74fd1394 ntdll!ZwWaitForSingleObject+0xb 01 01b9fd1c 74fd3c59 msafd!SockWaitForSingleObject+0x1a8 02 01b9fe08 750312f5 msafd!WSPSelect+0x24e 03 01b9fe6c 6e2b3b6e WS2_32!select+0xe7 04 01b9ffb4 7c57b396 inetsloc!SocketListenThread+0x51 05 01b9ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 24 System Thread ID: 6bc Kernel Time: 0:0:0.0 User Time: 0:0:0.15 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 01bdfe24 77d595d9 ntdll!ZwReplyWaitReceivePortEx+0xb 01 01bdff74 77d58e4a RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x74 02 01bdff78 77d3afbd RPCRT4!RecvLotsaCallsWrapper+0x9 03 01bdffa8 77d37de8 RPCRT4!BaseCachedThreadRoutine+0x11f 04 01bdffb4 7c57b396 RPCRT4!ThreadStartRoutine+0x18 05 01bdffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 25 System Thread ID: 6c8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: HTTP Listener # ChildEBP RetAddr 00 01c1fdfc 74fd1394 ntdll!ZwWaitForSingleObject+0xb 01 01c1fe38 74fd3c59 msafd!SockWaitForSingleObject+0x1a8 02 01c1ff24 750312f5 msafd!WSPSelect+0x24e 03 01c1ff88 6d7075bd WS2_32!select+0xe7 04 01c1ffb0 6d70791b ISATQ!ATQ_BMON_SET::BmonThreadFunc+0x22 05 01c1ffb4 7c57b396 ISATQ!BmonThreadFunc+0x9 06 01c1ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 26 System Thread ID: 294 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 01c6ff54 7c59a072 ntdll!ZwWaitForSingleObject+0xb 01 01c6ff7c 7c57b3e9 KERNEL32!WaitForSingleObjectEx+0x71 02 01c6ff8c 741a99cd KERNEL32!WaitForSingleObject+0xf 03 01c6ffb4 7c57b396 aqueue!CSMTP_RETRY_HANDLER::RetryThreadRoutine+0xce 04 01c6ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 27 System Thread ID: 6f8 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: SMTP Service Worker Thread # ChildEBP RetAddr 00 01cafed0 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 01caff20 7c59a150 KERNEL32!WaitForMultipleObjectsEx+0xea 02 01caff38 741900e1 KERNEL32!WaitForMultipleObjects+0x17 03 01caff9c 6b56dccd aqueue!CConnMgr::GetNextConnection+0x1da 04 01caffb4 7c57b396 SMTPSVC!PERSIST_QUEUE::QueueThreadRoutine+0x23 05 01caffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 28 System Thread ID: 6b0 Kernel Time: 0:1:16.453 User Time: 0:0:6.203 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0202ff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 0202ff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 0202ffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 0202ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 29 System Thread ID: 7f8 Kernel Time: 0:0:37.140 User Time: 0:0:3.78 Thread Type: HTTP Listener # ChildEBP RetAddr 00 0217ff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 0217ff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 0217ffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 0217ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 30 System Thread ID: 7b8 Kernel Time: 0:0:11.109 User Time: 0:0:1.140 Thread Type: HTTP Listener # ChildEBP RetAddr 00 023bff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 023bff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 023bffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 023bffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 31 System Thread ID: 84c Kernel Time: 0:0:6.578 User Time: 0:0:0.468 Thread Type: HTTP Listener # ChildEBP RetAddr 00 023fff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 023fff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 023fffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 023fffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 32 System Thread ID: 434 Kernel Time: 0:0:0.343 User Time: 0:0:0.968 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 0292fe24 77d595d9 ntdll!ZwReplyWaitReceivePortEx+0xb 01 0292ff74 77d58e4a RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x74 02 0292ff78 77d3aeed RPCRT4!RecvLotsaCallsWrapper+0x9 03 0292ffa8 77d37de8 RPCRT4!BaseCachedThreadRoutine+0x4f 04 0292ffb4 7c57b396 RPCRT4!ThreadStartRoutine+0x18 05 0292ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 33 System Thread ID: 8e0 Kernel Time: 0:0:0.468 User Time: 0:0:0.921 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 0296fe24 77d595d9 ntdll!ZwReplyWaitReceivePortEx+0xb 01 0296ff74 77d58e4a RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x74 02 0296ff78 77d3aeed RPCRT4!RecvLotsaCallsWrapper+0x9 03 0296ffa8 77d37de8 RPCRT4!BaseCachedThreadRoutine+0x4f 04 0296ffb4 7c57b396 RPCRT4!ThreadStartRoutine+0x18 05 0296ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 34 System Thread ID: 880 Kernel Time: 0:1:3.187 User Time: 0:0:5.62 Thread Type: HTTP Listener # ChildEBP RetAddr 00 034bf85c 7c5862f5 ntdll!ZwReadFile+0xb 01 034bf8d0 769b21cf KERNEL32!ReadFile+0x125 02 034bf914 769b2aee INFOCOMM!ReadFileIntoMemoryCache+0xdc 03 034bfbc8 769b2794 INFOCOMM!TspOpenCachedFileHelper+0x281 04 034bfbec 769b25b1 INFOCOMM!TspOpenCachedFile+0x73 05 034bfd18 769b2028 INFOCOMM!TsCreateFile+0x142 06 034bfd48 65f03f0c INFOCOMM!TsCreateFileFromURI+0x10a 07 034bfda8 65f0242b w3svc!HTTP_REQUEST::DoGet+0x1c4 08 034bff18 65f01d97 w3svc!HTTP_REQUEST::DoWork+0x504 09 034bff38 65f047ef w3svc!CLIENT_CONN::DoWork+0x1aa 0a 034bff4c 6d701a22 w3svc!W3Completion+0x43 0b 034bff80 6d7029a6 ISATQ!AtqpProcessContext+0x266 0c 034bffb4 7c57b396 ISATQ!AtqPoolThread+0x1a8 0d 034bffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 35 System Thread ID: 66c Kernel Time: 0:0:0.15 User Time: 0:0:0.0 Thread Type: Idle ASP thread # ChildEBP RetAddr 00 0365ff08 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 0365ff58 7c59a150 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0365ff70 787f67ee KERNEL32!WaitForMultipleObjects+0x17 03 0365ffb4 7c57b396 COMSVCS!CEventDispatcher::PushEvents+0x4e 04 0365ffc0 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 36 System Thread ID: 894 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. Remote call is either to a MTA object or object not initialized. Also, possible utility thread. DCOM call being made to Process ID: 1812 Waiting on thread id: ffffffff # ChildEBP RetAddr 00 0369fb68 77d4f214 ntdll!NtRequestWaitReplyPort+0xb 01 0369fb94 77d3b7a6 RPCRT4!LRPC_CCALL::SendReceive+0x124 02 0369fba0 7cef6bee RPCRT4!I_RpcSendReceive+0x2c 03 0369fbc0 7cef6ab9 ole32!ThreadSendReceive+0xef 04 0369fbd8 7cef3ab6 ole32!CRpcChannelBuffer::SwitchAptAndDispatchCall+0x14f 05 0369fc18 7cef692d ole32!CRpcChannelBuffer::SendReceive2+0x96 06 0369fc28 7ce3cc2d ole32!CRpcChannelBuffer::SendReceive+0x11 07 0369fc88 7ce87f7f ole32!CAptRpcChnl::SendReceive+0xa9 08 0369fce0 77d91337 ole32!CCtxComChnl::SendReceive+0x124 09 0369fcfc 77d93b47 RPCRT4!NdrProxySendReceive+0x4c 0a 0369ff44 77d96f9c RPCRT4!NdrClientCall2+0x4f5 0b 0369ff60 77d792ab RPCRT4!ObjectStublessClient+0x76 0c 0369ff70 787f6732 RPCRT4!ObjectStubless+0xf 0d 0369ffb4 7c57b396 COMSVCS!CEventDispatcher::GetEventServerInfoThread+0x152 0e 0369ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 37 System Thread ID: 8d0 Kernel Time: 0:0:8.687 User Time: 0:18:45.921 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\50\bin\fp5Autl.dll - Thread Type: Front Page Authoring. # ChildEBP RetAddr 00 037efdc8 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 037efe18 7c59a150 KERNEL32!WaitForMultipleObjectsEx+0xea 02 037efe30 32e5dddf KERNEL32!WaitForMultipleObjects+0x17 WARNING: Stack unwind information not available. Following frames may be wrong. 03 037eff78 32e2366c fp5Autl!Ordinal1596+0xe58 04 037effb4 7c57b396 fp5Autl!Ordinal475+0x43b 05 037effec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 38 System Thread ID: 3f8 Kernel Time: 0:0:13.78 User Time: 0:33:0.0 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\50\bin\fp5Awel.dll - Thread Type: Front Page Authoring. # ChildEBP RetAddr 00 0387ef64 32dc3f9c KERNEL32!InterlockedIncrement+0xd WARNING: Stack unwind information not available. Following frames may be wrong. 01 0387efac 32f663da fp5Autl!Ordinal432+0x14 02 0387f20c 32f661b5 fp5Awel!Ordinal371+0x496 03 0387f2b4 32f5e14c fp5Awel!Ordinal371+0x271 04 0387f334 32f5e202 fp5Awel!Ordinal241+0x1108 05 0387f35c 32f5fba3 fp5Awel!Ordinal241+0x11be 06 0387f3b8 32f77bf4 fp5Awel!Ordinal300+0x1cd 07 0387f3fc 32fc91fd fp5Awel!Ordinal356+0x17d 08 0387f460 32faceca fp5Awel!Ordinal289+0xfa3 09 0387f494 32fac83c fp5Awel!Ordinal243+0x8404 0a 0387f4ec 32fac0e9 fp5Awel!Ordinal243+0x7d76 0b 0387f58c 32fabcb2 fp5Awel!Ordinal243+0x7623 0c 0387f5ac 32fd7b7b fp5Awel!Ordinal243+0x71ec 0d 0387f848 32fc910e fp5Awel!Ordinal370+0x48dc 0e 0387faac 33053184 fp5Awel!Ordinal289+0xeb4 0f 0387fcb0 33052dea fp5Awel!Ordinal250+0x9c7 10 0387fccc 32db6602 fp5Awel!Ordinal250+0x62d 11 0387fd34 3306f78f fp5Autl!Ordinal1519+0x55 12 0387fe04 32d212f9 fp5Awel!VshtmlHttpExtensionProc+0xec 13 0387fe0c 32e5dee0 shtml!mainp1+0xa 14 0387fe40 32e5de01 fp5Autl!Ordinal1596+0xf59 15 0387ff78 32e2366c fp5Autl!Ordinal1596+0xe7a 16 0387ffb4 7c57b396 fp5Autl!Ordinal475+0x43b 17 0387ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 39 System Thread ID: 218 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\50\servsupp\fp5amsft.dll - Thread Type: Front Page Authoring. # ChildEBP RetAddr 00 0399fef8 7c59a072 ntdll!ZwWaitForSingleObject+0xb 01 0399ff20 7c57b3e9 KERNEL32!WaitForSingleObjectEx+0x71 02 0399ff30 32d48b57 KERNEL32!WaitForSingleObject+0xf WARNING: Stack unwind information not available. Following frames may be wrong. 03 0399ff70 32db651d fp5amsft!prepareToUnload+0xfc29 04 0399ffb4 7c57b396 fp5Autl!Ordinal587+0x19 05 0399ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 40 System Thread ID: 370 Kernel Time: 0:0:3.828 User Time: 0:0:0.296 Thread Type: HTTP Listener # ChildEBP RetAddr 00 04e5ff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 04e5ff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 04e5ffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 04e5ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 41 System Thread ID: 30c Kernel Time: 0:1:14.875 User Time: 0:0:5.953 Thread Type: HTTP Listener # ChildEBP RetAddr 00 04e9ff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 04e9ff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 04e9ffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 04e9ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 42 System Thread ID: 388 Kernel Time: 0:0:31.875 User Time: 0:0:2.484 Thread Type: HTTP Listener # ChildEBP RetAddr 00 04edf808 7c5862f5 ntdll!ZwReadFile+0xb 01 04edf87c 769b21cf KERNEL32!ReadFile+0x125 02 04edf8c0 769b2aee INFOCOMM!ReadFileIntoMemoryCache+0xdc 03 04edfb74 769b2794 INFOCOMM!TspOpenCachedFileHelper+0x281 04 04edfb98 769b25b1 INFOCOMM!TspOpenCachedFile+0x73 05 04edfcc4 769b2028 INFOCOMM!TsCreateFile+0x142 06 04edfcf4 65f03f0c INFOCOMM!TsCreateFileFromURI+0x10a 07 04edfd54 65f0242b w3svc!HTTP_REQUEST::DoGet+0x1c4 08 04edfec4 65f01d97 w3svc!HTTP_REQUEST::DoWork+0x504 09 04edfee4 65f06be5 w3svc!CLIENT_CONN::DoWork+0x1aa 0a 04edff08 65f06b58 w3svc!CreateClient+0x7b 0b 04edff4c 6d701ad2 w3svc!W3OnConnectEx+0x118 0c 04edff80 6d7029a6 ISATQ!AtqpProcessContext+0x23e 0d 04edffb4 7c57b396 ISATQ!AtqPoolThread+0x1a8 0e 04edffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 43 System Thread ID: 398 Kernel Time: 0:0:3.78 User Time: 0:0:0.343 Thread Type: HTTP Listener # ChildEBP RetAddr 00 04f1ff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 04f1ff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 04f1ffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 04f1ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 44 System Thread ID: 7f4 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 03fcff9c 77fa238a ntdll!ZwDelayExecution+0xb 01 03fcffb4 7c57b396 ntdll!RtlpTimerThread+0x42 02 03fcffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 45 System Thread ID: 164 Kernel Time: 0:0:38.468 User Time: 0:0:2.921 Thread Type: HTTP Listener # ChildEBP RetAddr 00 084fff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 084fff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 084fffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 084fffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 46 System Thread ID: 180 Kernel Time: 0:1:28.625 User Time: 0:0:6.671 Thread Type: HTTP Listener # ChildEBP RetAddr 00 085eff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 085eff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 085effb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 085effec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 47 System Thread ID: 408 Kernel Time: 0:1:45.796 User Time: 0:0:8.187 Thread Type: HTTP Listener # ChildEBP RetAddr 00 04ceff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 04ceff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 04ceffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 04ceffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 48 System Thread ID: 8a4 Kernel Time: 0:0:5.812 User Time: 0:0:0.234 Thread Type: HTTP Listener # ChildEBP RetAddr 00 04d2ff50 7c585433 ntdll!NtRemoveIoCompletion+0xb 01 04d2ff7c 6d702957 KERNEL32!GetQueuedCompletionStatus+0x27 02 04d2ffb4 7c57b396 ISATQ!AtqPoolThread+0x40 03 04d2ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 49 System Thread ID: 8b0 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0761ebe0 77fa0ff5 ntdll!ZwWaitForMultipleObjects+0xb 01 0761ffb4 7c57b396 ntdll!RtlpWaitThread+0x1b9 02 0761ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 50 System Thread ID: 224 Kernel Time: 0:0:0.0 User Time: 0:0:0.0 Thread Type: Other # ChildEBP RetAddr 00 0765ff1c 7c59a23d ntdll!ZwWaitForMultipleObjects+0xb 01 0765ff6c 7c59a150 KERNEL32!WaitForMultipleObjectsEx+0xea 02 0765ff84 7c0f6a8b KERNEL32!WaitForMultipleObjects+0x17 03 0765ffb4 7c57b396 USERENV!NotificationThread+0x5f 04 0765ffec 00000000 KERNEL32!BaseThreadStart+0x52 Thread ID: 51 System Thread ID: 430 Kernel Time: 0:0:0.453 User Time: 0:0:0.640 Thread Type: Possible ASP page. Possible DCOM activity Executing Page: ASP.dll symbols not found. Unable to locate ASP page. Continuing with other analysis. No remote call being made # ChildEBP RetAddr 00 05dcfe24 77d595d9 ntdll!ZwReplyWaitReceivePortEx+0xb 01 05dcff74 77d58e4a RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0x74 02 05dcff78 77d3aeed RPCRT4!RecvLotsaCallsWrapper+0x9 03 05dcffa8 77d37de8 RPCRT4!BaseCachedThreadRoutine+0x4f 04 05dcffb4 7c57b396 RPCRT4!ThreadStartRoutine+0x18 05 05dcffec 00000000 KERNEL32!BaseThreadStart+0x52 ***** Dump name is formatted as: PID-Timestamp.dmp Creating C:\iisstate\output\676-1158786592.dmp - mini user dump ***** Closing open log file C:\iisstate\output\IISState-676.log Tag: How to programmatically clear network passwords from IE Tag: 387800
  - 25
    - domain to virtual directory Hi, to all. I have a question is it possible to point domain (www.test.com) to virtual directory ? Thanks Tag: How to programmatically clear network passwords from IE Tag: 387790

I run a web site (ASP) on the company intranet which I want to restrict
access to. A logon box is necessary since some computers are logged on
with "common" profiles.

Using IIS 6, I have set authentication method to Digest Auth which
communicates with Active Directory as wanted. I've remove anonymous
access and integrated Win auth. I've also set connection timeout to 30
seconds.

My problem is this:
1) User A successfully logs on to the site using his/hers network
password
2) User A leaves the computer without closing ALL Internet Explorer
windows
3) User B enters the site. The login box is pre-filled with user A's
username/password. User B only needs to click OK to enter the site.

I've tried changing the login settings under Authentication in IE, but
this doesn't help.

Is there a way to (preferably programmatically) clear the username and
password for the logon box?

Top

Re: How to programmatically clear network passwords from IE by ocb

ocb
Tue Sep 26 08:36:36 CDT 2006

Sorry for the multiple posts. Problems with the company firewall it
seems.

Top

Re: How to programmatically clear network passwords from IE by GregKirkpatrick

GregKirkpatrick
Tue Sep 26 10:05:02 CDT 2006

Sounds like this is coming from AutoComplete.

In Internet Options, click Content / AutoComplete. Uncheck the boxes there,
and click the Clear Forms and Clear Passwords buttons.

This can, of course, be controlled by Group Policy.

Top

Re: How to programmatically clear network passwords from IE by ocb

ocb
Tue Sep 26 17:10:21 CDT 2006

Thanks for the reply.

The only autocomplete feature currently enabled, is for web addresses.
I've tried clearing the forms and passwords, but still the username and
password are pre-filled in the login box.

Is there a way to change a Group policy temporarily? Since "my" server
is only one of many in the corporate domain, I'm guessing it would be
hard to convince the corporate network admins to change the policy or
make a custom one for me (and the 50+ people potentially using the
specific intranet site).

Top