major IIS performance problems II
From: tparks69 (tparks69_at_discussions.microsoft.com)
Date: 07/27/04
- Next message: Douglas Knudsen: "RE: Forcing to SSL page"
- Previous message: dcp: "Suffered a Fatal Communication Error"
- Next in thread: Pat [MSFT]: "Re: major IIS performance problems II"
- Reply: Pat [MSFT]: "Re: major IIS performance problems II"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 27 Jul 2004 10:10:43 -0700
Last week I posted about a problem I'm having with bad response times from IIS. David Wang(Msft) asked me to post an IISState dump from the IIS server. This message is just to repost that dump in the hopes that someone can help interpret it for me so I can figure out why our application is performing badly. For reference please see the message from 7/20 titled "major IIS performance problems..." The log is enclosed here as well. Can anyone help?
Opened log file 'C:\iisstate\output\IISState-1688.log'
***********************
Starting new log output
IISState version 3.3.1
Thu Jul 22 11:47:15 2004
OS = Windows 2000
Executable: dllhost.exe
PID = 1688
Thread ID: 0
System Thread ID: 680
Kernel Time: 0:0:0.40
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\ntdll.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\KERNEL32.DLL -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0006fd50 7c4f1b1b ntdll!NtWaitForSingleObject+0xb
01 00000000 00000000 KERNEL32!WaitForSingleObject+0xf
Thread ID: 1
System Thread ID: 214
Kernel Time: 0:0:0.0
User Time: 0:0:0.40
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\RPCRT4.DLL -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\inetsrv\asp.dll -
ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\ole32.dll -
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0088ff74 77d3d9db ntdll!NtReplyWaitReceivePortEx+0xb
01 0088ffa8 77d3dd0b RPCRT4!RpcBindingSetOption+0x6b4
02 0088ffb4 7c4e987c RPCRT4!RpcBindingSetOption+0x9e4
03 0088ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 2
System Thread ID: 480
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 008cff7c 7c4fac79 ntdll!ZwDelayExecution+0xb
01 00007530 00000000 KERNEL32!Sleep+0xb
Thread ID: 3
System Thread ID: 4f8
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\USER32.DLL -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0090ff30 77adc54e USER32!TranslateMessageEx+0x4a
01 0090ff70 77adc4ce ole32!CoInstall+0x730
02 0090ff8c 77adc3d0 ole32!CoInstall+0x6b0
03 00007530 00000000 ole32!CoInstall+0x5b2
Thread ID: 4
System Thread ID: 574
Kernel Time: 0:0:0.30
User Time: 0:0:0.50
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\TxfAux.Dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0099fc98 6de8b983 ntdll!NtRemoveIoCompletion+0xb
01 0099fd94 6de8b8d8 TxfAux!Log+0x5e3
02 0099ffb4 7c4e987c TxfAux!Log+0x538
03 0099ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 5
System Thread ID: 664
Kernel Time: 0:0:0.60
User Time: 0:0:0.30
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00b5ff74 77d3d9db ntdll!NtReplyWaitReceivePortEx+0xb
01 00b5ffa8 77d3dd0b RPCRT4!RpcBindingSetOption+0x6b4
02 00b5ffb4 7c4e987c RPCRT4!RpcBindingSetOption+0x9e4
03 00b5ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 6
System Thread ID: 624
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00b9ff58 7c4fabfb ntdll!NtWaitForMultipleObjects+0xb
01 00b9ffec 00000000 KERNEL32!WaitForMultipleObjects+0x17
Thread ID: 7
System Thread ID: 498
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\COMSVCS.DLL -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\NETAPI32.dll -
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00bdfb94 77d36f6c ntdll!ZwRequestWaitReplyPort+0xb
01 00bdfba0 77b2b8fd RPCRT4!I_RpcSendReceive+0x22
02 00bdfbc0 77b2b84b ole32!StgGetIFillLockBytesOnFile+0x13115
03 00bdfbd8 77b2b6bc ole32!StgGetIFillLockBytesOnFile+0x13063
04 00bdfc18 77b2dbc2 ole32!StgGetIFillLockBytesOnFile+0x12ed4
05 00bdfc88 77a90349 ole32!HACCEL_UserMarshal+0x308
06 00bdfce0 77d94908 ole32!DcomChannelSetHResult+0x555
07 00bdfcfc 77d93e62 RPCRT4!NdrProxySendReceive+0x46
08 00bdff44 77d949ef RPCRT4!NdrClientCall2+0x4ca
09 00bdff60 77d41baf RPCRT4!IUnknown_AddRef_Proxy+0x6c
0a 00bdff70 787f372e RPCRT4!RpcBindingInqAuthClientExW+0xb7
0b 78868f0c ffffffff COMSVCS!RegisterComEvents+0x6768
0c 0008abf0 78868f0c 0xffffffff
0d 00000000 00000000 COMSVCS!RegisterComEvents+0x7bf46
Thread ID: 8
System Thread ID: 3f0
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00c1ff00 7c4fac79 ntdll!ZwDelayExecution+0xb
01 77f89134 4affc033 KERNEL32!Sleep+0xb
02 0424548b 00000000 0x4affc033
Thread ID: 9
System Thread ID: 2b8
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\IISRTL.DLL -
Thread Status: Thread is in a WAIT state.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00d1feac 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 00d1ff08 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 00d1ff24 6e5a5a7c USER32!MsgWaitForMultipleObjects+0x1d
03 00406ba0 000003e9 IISRTL!ALLOC_CACHE_HANDLER__SetLookasideCleanupInterval+0xe4
Thread ID: 10
System Thread ID: 578
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\inetsrv\ISATQ.DLL -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: HTTP Listener
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00d5ff7c 6d702957 ntdll!NtRemoveIoCompletion+0xb
01 7c30fcf9 e65868ff ISATQ!CDirMonitor__RemoveEntry+0xeb
02 6aec8b55 00000000 0xe65868ff
Thread ID: 11
System Thread ID: 5c0
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00edfee4 77d357c0 ntdll!NtRemoveIoCompletion+0xb
01 00edff20 77d52899 RPCRT4!UuidFromStringA+0x141c
02 00edff74 77d52778 RPCRT4!I_RpcTransConnectionReallocPacket+0x26c
03 00edffa8 77d3dd0b RPCRT4!I_RpcTransConnectionReallocPacket+0x14b
04 00edffb4 7c4e987c RPCRT4!RpcBindingSetOption+0x9e4
05 00edffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 12
System Thread ID: 5a4
Kernel Time: 0:0:0.10
User Time: 0:0:0.30
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00f9ff74 77d3d9db ntdll!NtReplyWaitReceivePortEx+0xb
01 00f9ffa8 77d3dd0b RPCRT4!RpcBindingSetOption+0x6b4
02 00f9ffb4 7c4e987c RPCRT4!RpcBindingSetOption+0x9e4
03 00f9ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 13
System Thread ID: 254
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\MSVCRT.dll -
Thread Status: Thread is in a WAIT state.
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 010cfec0 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 010cff1c 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 010cff38 74a01e69 USER32!MsgWaitForMultipleObjects+0x1d
03 010cff7c 78008454 asp!GetExtensionVersion+0x2deb
04 010cffb4 7c4e987c MSVCRT!endthread+0xc1
05 010cffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 14
System Thread ID: 5ec
Kernel Time: 0:0:0.20
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0110fe78 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 0110fed4 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 0110fef0 787c2885 USER32!MsgWaitForMultipleObjects+0x1d
03 000ba1b8 000002d4 COMSVCS!Ordinal7+0x29d5
Thread ID: 15
System Thread ID: 5f0
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0114fe78 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 0114fed4 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 0114fef0 787c2885 USER32!MsgWaitForMultipleObjects+0x1d
03 000c06e8 000002d4 COMSVCS!Ordinal7+0x29d5
Thread ID: 16
System Thread ID: 630
Kernel Time: 0:0:1.191
User Time: 0:0:6.188
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\System32\msxml3.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0118ea5c 69b273a3 msxml3!DllGetClassObject+0xedde
01 0118ea84 69b24ad4 msxml3!DllGetClassObject+0xe77b
02 0118ea98 69b249a0 msxml3!DllGetClassObject+0xbeac
03 0118eba0 69b3b948 msxml3!DllGetClassObject+0xbd78
04 0118ebdc 69b3b8b7 msxml3!DllMain+0x5bc9
05 0118ec50 69b3b791 msxml3!DllMain+0x5b38
06 0118ecc4 69b858dd msxml3!DllMain+0x5a12
07 0118ece8 69b8596e msxml3!Ordinal10+0x3291b
08 0118ed00 69b8616d msxml3!Ordinal10+0x329ac
09 0118ed78 69b454d8 msxml3!Ordinal10+0x331ab
0a 0118edd4 69b346f2 msxml3!DllMain+0xf759
0b 0118ee18 69b34649 msxml3!DllGetClassObject+0x1baca
0c 01993760 00000015 msxml3!DllGetClassObject+0x1ba21
Thread ID: 17
System Thread ID: 634
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 011cfe78 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 011cfed4 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 011cfef0 787c2885 USER32!MsgWaitForMultipleObjects+0x1d
03 000c1408 000002d4 COMSVCS!Ordinal7+0x29d5
Thread ID: 18
System Thread ID: 638
Kernel Time: 0:0:2.263
User Time: 0:0:13.138
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0120fe78 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 0120fed4 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 0120fef0 787c2885 USER32!MsgWaitForMultipleObjects+0x1d
03 000c1880 000002d4 COMSVCS!Ordinal7+0x29d5
Thread ID: 19
System Thread ID: 63c
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0124fe78 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 0124fed4 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 0124fef0 787c2885 USER32!MsgWaitForMultipleObjects+0x1d
03 000c1ce8 000002d4 COMSVCS!Ordinal7+0x29d5
Thread ID: 20
System Thread ID: 5b0
Kernel Time: 0:0:0.570
User Time: 0:0:3.264
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0128fe78 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 0128fed4 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 0128fef0 787c2885 USER32!MsgWaitForMultipleObjects+0x1d
03 000c1440 000002d4 COMSVCS!Ordinal7+0x29d5
Thread ID: 21
System Thread ID: 478
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 012cfe78 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 012cfed4 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 012cfef0 787c2885 USER32!MsgWaitForMultipleObjects+0x1d
03 000c25d0 000002d4 COMSVCS!Ordinal7+0x29d5
Thread ID: 22
System Thread ID: 3d0
Kernel Time: 0:0:0.10
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0132ffb4 7c4e987c ntdll!ZwDelayExecution+0xb
01 0132ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 23
System Thread ID: 53c
Kernel Time: 0:0:0.10
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 013affb4 7c4e987c ntdll!NtRemoveIoCompletion+0xb
01 013affec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 24
System Thread ID: 4fc
Kernel Time: 0:0:0.30
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 01a3ff74 77d3d9db ntdll!NtReplyWaitReceivePortEx+0xb
01 01a3ffa8 77d3dd0b RPCRT4!RpcBindingSetOption+0x6b4
02 01a3ffb4 7c4e987c RPCRT4!RpcBindingSetOption+0x9e4
03 01a3ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Dump name is formatted as: PID-Timestamp.dmp
*****
closing open log file
Opened log file 'C:\iisstate\output\IISState-1688.log'
***********************
Starting new log output
IISState version 3.3.1
Thu Jul 22 11:48:16 2004
OS = Windows 2000
Executable: dllhost.exe
PID = 1688
Note: Thread times are formatted as HH:MM:SS.ms
***********************
Thread ID: 0
System Thread ID: 680
Kernel Time: 0:0:0.40
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\ntdll.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\KERNEL32.DLL -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0006fd50 7c4f1b1b ntdll!NtWaitForSingleObject+0xb
01 00000000 00000000 KERNEL32!WaitForSingleObject+0xf
Thread ID: 1
System Thread ID: 214
Kernel Time: 0:0:0.0
User Time: 0:0:0.40
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\RPCRT4.DLL -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\inetsrv\asp.dll -
ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\ole32.dll -
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0088ff74 77d3d9db ntdll!NtReplyWaitReceivePortEx+0xb
01 0088ffa8 77d3dd0b RPCRT4!RpcBindingSetOption+0x6b4
02 0088ffb4 7c4e987c RPCRT4!RpcBindingSetOption+0x9e4
03 0088ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 2
System Thread ID: 480
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 008cff7c 7c4fac79 ntdll!ZwDelayExecution+0xb
01 00007530 00000000 KERNEL32!Sleep+0xb
Thread ID: 3
System Thread ID: 4f8
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\USER32.DLL -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0090ff30 77adc54e USER32!TranslateMessageEx+0x4a
01 0090ff70 77adc4ce ole32!CoInstall+0x730
02 0090ff8c 77adc3d0 ole32!CoInstall+0x6b0
03 00007530 00000000 ole32!CoInstall+0x5b2
Thread ID: 4
System Thread ID: 574
Kernel Time: 0:0:0.30
User Time: 0:0:0.50
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\TxfAux.Dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0099fc98 6de8b983 ntdll!NtRemoveIoCompletion+0xb
01 0099fd94 6de8b8d8 TxfAux!Log+0x5e3
02 0099ffb4 7c4e987c TxfAux!Log+0x538
03 0099ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 5
System Thread ID: 664
Kernel Time: 0:0:0.60
User Time: 0:0:0.30
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00b5ff74 77d3d9db ntdll!NtReplyWaitReceivePortEx+0xb
01 00b5ffa8 77d3dd0b RPCRT4!RpcBindingSetOption+0x6b4
02 00b5ffb4 7c4e987c RPCRT4!RpcBindingSetOption+0x9e4
03 00b5ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 6
System Thread ID: 624
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00b9ff58 7c4fabfb ntdll!NtWaitForMultipleObjects+0xb
01 00b9ffec 00000000 KERNEL32!WaitForMultipleObjects+0x17
Thread ID: 7
System Thread ID: 498
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\COMSVCS.DLL -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\NETAPI32.dll -
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00bdfb94 77d36f6c ntdll!ZwRequestWaitReplyPort+0xb
01 00bdfba0 77b2b8fd RPCRT4!I_RpcSendReceive+0x22
02 00bdfbc0 77b2b84b ole32!StgGetIFillLockBytesOnFile+0x13115
03 00bdfbd8 77b2b6bc ole32!StgGetIFillLockBytesOnFile+0x13063
04 00bdfc18 77b2dbc2 ole32!StgGetIFillLockBytesOnFile+0x12ed4
05 00bdfc88 77a90349 ole32!HACCEL_UserMarshal+0x308
06 00bdfce0 77d94908 ole32!DcomChannelSetHResult+0x555
07 00bdfcfc 77d93e62 RPCRT4!NdrProxySendReceive+0x46
08 00bdff44 77d949ef RPCRT4!NdrClientCall2+0x4ca
09 00bdff60 77d41baf RPCRT4!IUnknown_AddRef_Proxy+0x6c
0a 00bdff70 787f372e RPCRT4!RpcBindingInqAuthClientExW+0xb7
0b 78868f0c ffffffff COMSVCS!RegisterComEvents+0x6768
0c 0008abf0 78868f0c 0xffffffff
0d 00000000 00000000 COMSVCS!RegisterComEvents+0x7bf46
Thread ID: 8
System Thread ID: 3f0
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00c1ff00 7c4fac79 ntdll!ZwDelayExecution+0xb
01 77f89134 4affc033 KERNEL32!Sleep+0xb
02 0424548b 00000000 0x4affc033
Thread ID: 9
System Thread ID: 2b8
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\IISRTL.DLL -
Thread Status: Thread is in a WAIT state.
Thread Type: Other
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00d1feac 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 00d1ff08 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 00d1ff24 6e5a5a7c USER32!MsgWaitForMultipleObjects+0x1d
03 00406ba0 000003e9 IISRTL!ALLOC_CACHE_HANDLER__SetLookasideCleanupInterval+0xe4
Thread ID: 10
System Thread ID: 578
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\inetsrv\ISATQ.DLL -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: HTTP Listener
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00d5ff7c 6d702957 ntdll!NtRemoveIoCompletion+0xb
01 7c30fcf9 e65868ff ISATQ!CDirMonitor__RemoveEntry+0xeb
02 6aec8b55 00000000 0xe65868ff
Thread ID: 11
System Thread ID: 5c0
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00edfee4 77d357c0 ntdll!NtRemoveIoCompletion+0xb
01 00edff20 77d52899 RPCRT4!UuidFromStringA+0x141c
02 00edff74 77d52778 RPCRT4!I_RpcTransConnectionReallocPacket+0x26c
03 00edffa8 77d3dd0b RPCRT4!I_RpcTransConnectionReallocPacket+0x14b
04 00edffb4 7c4e987c RPCRT4!RpcBindingSetOption+0x9e4
05 00edffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 12
System Thread ID: 5a4
Kernel Time: 0:0:0.10
User Time: 0:0:0.30
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
OLE32.dll Symbols not found. Unable to proceed with DCOM check.
Continuing other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 00f9ff74 77d3d9db ntdll!NtReplyWaitReceivePortEx+0xb
01 00f9ffa8 77d3dd0b RPCRT4!RpcBindingSetOption+0x6b4
02 00f9ffb4 7c4e987c RPCRT4!RpcBindingSetOption+0x9e4
03 00f9ffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 13
System Thread ID: 254
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\system32\MSVCRT.dll -
Thread Status: Thread is in a WAIT state.
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 010cfec0 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 010cff1c 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 010cff38 74a01e69 USER32!MsgWaitForMultipleObjects+0x1d
03 010cff7c 78008454 asp!GetExtensionVersion+0x2deb
04 010cffb4 7c4e987c MSVCRT!endthread+0xc1
05 010cffec 00000000 KERNEL32!SetThreadExecutionState+0x227
Thread ID: 14
System Thread ID: 5ec
Kernel Time: 0:0:0.660
User Time: 0:0:3.374
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0110fe78 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 0110fed4 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 0110fef0 787c2885 USER32!MsgWaitForMultipleObjects+0x1d
03 000ba1b8 000002d4 COMSVCS!Ordinal7+0x29d5
Thread ID: 15
System Thread ID: 5f0
Kernel Time: 0:0:0.0
User Time: 0:0:0.0
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Status: Thread is in a WAIT state.
Thread Type: Idle ASP thread
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0114fe78 77e13990 ntdll!NtWaitForMultipleObjects+0xb
01 0114fed4 77e13a5c USER32!MsgWaitForMultipleObjectsEx+0xe0
02 0114fef0 787c2885 USER32!MsgWaitForMultipleObjects+0x1d
03 000c06e8 000002d4 COMSVCS!Ordinal7+0x29d5
Thread ID: 16
System Thread ID: 630
Kernel Time: 0:0:1.642
User Time: 0:0:8.682
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINNT\System32\vbscript.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
Thread Type: ASP
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.
WARNING: Stack unwind information not available. Following frames may be wrong.
# ChildEBP RetAddr
00 0072e362 00000000 vbscript!DllCanUnloadNow+0x9985
- Next message: Douglas Knudsen: "RE: Forcing to SSL page"
- Previous message: dcp: "Suffered a Fatal Communication Error"
- Next in thread: Pat [MSFT]: "Re: major IIS performance problems II"
- Reply: Pat [MSFT]: "Re: major IIS performance problems II"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
