Iamapp.exe generates consistent access violation on startup.

  • Thread starter Thread starter Eamon Stanley
  • Start date Start date
E

Eamon Stanley

Help, this is making me insane.
I have a two-week old win2k installation on a two-month old machine.
Win2k is fully up to date with sp's and patches, and the box is a
fairly standard wintel sort of machine. Norton IS 02 and System Works
02 installed, along with spybot and Ad-aware 6.
Most of the time when I start the machine, I get a message telling
me that Iamapp.exe has generated errors and will be closed, error log
being generated, etc. Sometimes Iamapp.exe is stopped by windows
sometimes not. None of this appears in event viewer as an error, only
as "information" from drwtsn32. I have to restart Iamapp from
start/run. More interesting, even when iamapp isn't stopped by
windows, OE and messenger are both nonfunctional until I stop/start
Iamapp. Essentially, IM and OE are broken until I jumpstart Iamapp.exe
from TM and start/run. OE gives me "server cannot be etc", and IM
gives me the ".net service is not available" window. None of the
diagnostic utilities I have access to tell me anything useful that I
know enough to interpret.
I have tried setting NIS to manual start, and putting a shortcut in
Docs&settings\all users\start menu\programs\startup with /load in the
shortcut path, as per a suggestion in usenet, and in the Symantec KB.
I've set IM to completely manual start and left only the shortcut in
the accesories toolbar, from the same reasoning. I haven't set NIS to
completely manual start, and I haven't set OE to manual start with or
without shortcut. I have not been able to find anything in the MS KB,
the Symantec KB, or the usenets.
When I built the machine initially, I installed Norton immediately
after office and win2k, and before anything else. I didn't have this
problem until I had to remove/reinstall Norton for an unrelated
reason. I would really prefer not to have to do a ground-up rebuild on
the box just for this.
The Drwtsn logs all look like this, the only thing different is the
PID for Iamapp isn't always the same.


Application exception occurred:
App: (pid=1420)
When: 7/16/2003 @ 20:45:15.046
Exception number: c0000005 (access violation)

*----> System Information <----*
Computer Name: STORMCROW
User Name: Administrator
Number of Processors: 1
Processor Type: x86 Family 15 Model 2 Stepping 7
Windows 2000 Version: 5.0
Current Build: 2195
Service Pack: 4
Current Type: Uniprocessor Free
Registered Organization: chaosycles
Registered Owner: Eamon Stanley

*----> Task List <----*
0 Idle.exe
8 System.exe
232 SMSS.exe
256 CSRSS.exe
276 WINLOGON.exe
304 SERVICES.exe
316 LSASS.exe
488 gearsec.exe
508 nmapserv.exe
536 NPROTECT.exe
552 svchost.exe
600 svchost.exe
616 NAVAPSVC.exe
684 NISUM.exe
700 NMSSvc.exe
764 mstask.exe
780 NOPDB.exe
820 SYMPROXYSVC.exe
848 WinMgmt.exe
872 NISSERV.exe
1092 WinMgmt.exe
1168 explorer.exe
1212 SymTray.exe
1128 igfxtray.exe
1292 hkcmd.exe
1312 LMonitor.exe
1340 SOUNDMAN.exe
1392 PROMon.exe
1400 NAVAPW32.exe
1420 IAMAPP.exe
1464 PCAlert4.exe
1152 WZQKPICK.exe
1320 MSOFFICE.exe
1436 DRWTSN32.exe
0 _Total.exe

(00400000 - 0045D000)
(77F80000 - 77FFB000)
(75050000 - 75058000)
(7C4E0000 - 7C599000)
(75030000 - 75044000)
(78000000 - 78045000)
(7C2D0000 - 7C332000)
(77D30000 - 77D9E000)
(75020000 - 75028000)
(77E10000 - 77E75000)
(77F40000 - 77F7C000)
(782F0000 - 78538000)
(70BD0000 - 70C35000)
(71710000 - 71794000)
(77A50000 - 77B3C000)
(779B0000 - 77A4B000)
(64A00000 - 64A29000)
(76B30000 - 76B6E000)
(6EE00000 - 6EE0F000)
(780C0000 - 78121000)
(6C400000 - 6C406000)
(63200000 - 6320A000)
(62400000 - 6245D000)
(77570000 - 775A0000)
(775A0000 - 77626000)
(6CA00000 - 6CA06000)
(010D0000 - 012D4000)
(70200000 - 70295000)
(77440000 - 774B8000)
(77430000 - 77440000)
(10000000 - 10026000)
(014F0000 - 01521000)
(77820000 - 77827000)
(759B0000 - 759B6000)
(77840000 - 7787E000)
(770C0000 - 770E3000)
(719B0000 - 719B8000)

State Dump for Thread Id 0x588

eax=00000000 ebx=00000000 ecx=00164d38 edx=00130608 esi=63206d54
edi=0000000f
eip=6320134a esp=0012f24c ebp=0012f27c iopl=0 nv up ei ng nz
na po cy
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000287


function: <nosymbols>
6320132a 33c0 xor eax,eax
6320132c c3 ret
6320132d 57 push edi
6320132e 33ff xor edi,edi
63201330 85c0 test eax,eax
63201332 7e31 jle 63206965
63201334 56 push esi
63201335 8b04bd186d2063 mov eax,[63206d18+edi*4]
ds:0000000f=????????
6320133c ff34bda06c2063 push dword ptr [63206ca0+edi*4]
ds:0000000f=????????
63201343 8d34bd186d2063 lea esi,[63206d18+edi*4]
ds:0000000f=????????
FAULT ->6320134a 8b08 mov ecx,[eax]
ds:00000000=????????
6320134c 50 push eax
6320134d ff5118 call dword ptr [ecx+0x18]
ds:00bdec1e=????????
63201350 8b06 mov eax,[esi]
ds:63206d54=00000000
63201352 50 push eax
63201353 8b08 mov ecx,[eax]
ds:00000000=????????
63201355 ff5108 call dword ptr [ecx+0x8]
ds:00bdec1e=????????
63201358 832600 and dword ptr [esi],0x0
ds:63206d54=00000000
6320135b 47 inc edi
6320135c 3b3d986d2063 cmp edi,[63206d98]
ds:63206d98=00000010
63201362 7cd1 jl 63207235
63201364 5e pop esi

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0012F27C 6320105D 00000000 00000000 0015D778 0015D81C !<nosymbols>
0012F2A0 632013CB 00000000 0015CD04 0012FFB0 63204460 !<nosymbols>
0012F2BC 632029E5 00411FB0 00402AD2 0041004D 00133817 !<nosymbols>
0012FF24 0040BC5C 00400000 00000000 00000000 00000001
!UMCBK_Initialize
0012FFC0 7C4E87F5 0041004D 00500050 7FFDF000 C0000005 !<nosymbols>
0012FFF0 00000000 0040BB28 00000000 000000C8 00000100
kernel32!DosDateTimeToFileTime

*----> Raw Stack Dump <----*
0012f24c 00 00 00 00 c8 51 20 63 - 1c d8 15 00 ee 12 20 63 .....Q
c...... c
0012f25c 01 00 00 00 01 00 00 00 - 00 00 00 00 60 6b 2f 00
.............`k/.
0012f26c 0c fd 15 00 94 f2 12 00 - 4c 44 20 63 ff ff ff ff
.........LD c....
0012f27c a0 f2 12 00 5d 10 20 63 - 00 00 00 00 00 00 00 00 ....].
c........
0012f28c 78 d7 15 00 1c d8 15 00 - b0 f2 12 00 0c 44 20 63
x............D c
0012f29c 01 00 00 00 bc f2 12 00 - cb 13 20 63 00 00 00 00
........... c....
0012f2ac 04 cd 15 00 b0 ff 12 00 - 60 44 20 63 00 00 00 00
.........`D c....
0012f2bc 24 ff 12 00 e5 29 20 63 - b0 1f 41 00 d2 2a 40 00 $....)
c..A..*@.
0012f2cc 4d 00 41 00 17 38 13 00 - 00 00 00 00 00 00 13 00
M.A..8..........
0012f2dc c8 21 13 00 00 00 00 00 - d8 f2 12 00 88 06 13 00
..!..............
0012f2ec 8c f3 12 00 91 81 f9 77 - a0 99 f8 77 ff ff ff ff
........w...w....
0012f2fc 9c f3 12 00 82 c8 fc 77 - 78 13 13 00 d0 21 13 00
........wx....!..
0012f30c d0 21 13 00 34 00 00 c0 - 00 00 00 00 00 00 00 00
..!..4...........
0012f31c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
0012f32c 00 00 00 00 00 00 00 00 - 79 00 5c 00 00 00 00 00
.........y.\.....
0012f33c 00 00 00 00 00 00 00 00 - d0 21 13 00 ff ff ff e7
..........!......
0012f34c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
0012f35c 8c f3 12 00 00 00 00 00 - 64 99 f8 77 00 00 13 00
.........d..w....
0012f36c 58 24 13 00 00 00 00 00 - 68 f3 12 00 88 06 13 00
X$......h.......
0012f37c 1c f4 12 00 91 81 f9 77 - a0 99 f8 77 ff ff ff ff
........w...w....

State Dump for Thread Id 0x5c4

eax=00161000 ebx=00000000 ecx=00ecfbac edx=00000000 esi=00143ca0
edi=00000100
eip=77f839c7 esp=00ecfe28 ebp=00ecff74 iopl=0 nv up ei pl nz
na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000
efl=00000206


function: NtReplyWaitReceivePortEx
77f839bc b8ac000000 mov eax,0xac
77f839c1 8d542404 lea edx,[esp+0x4]
ss:01949d0f=????????
77f839c5 cd2e int 2e
77f839c7 c21400 ret 0x14
77f839ca 8b4710 mov eax,[edi+0x10]
ds:00a79fe6=????????
77f839cd 8b483c mov ecx,[eax+0x3c]
ds:00bdaee6=????????
77f839d0 f6400801 test byte ptr [eax+0x8],0x1
ds:00bdaee6=??
77f839d4 7502 jnz
RtlCreateProcessParameters+0xd (77f83cd8)
77f839d6 03c8 add ecx,eax
77f839d8 894de4 mov [ebp+0xe4],ecx
ss:01949e5a=????????
77f839db 8b4710 mov eax,[edi+0x10]
ds:00a79fe6=????????
77f839de 668b4038 mov ax,[eax+0x38]
ds:00bdaee7=????
77f839e2 668945e0 mov [ebp+0xe0],ax
ss:01949e5b=????
77f839e6 668945e2 mov [ebp+0xe2],ax
ss:01949e5b=????
77f839ea 53 push ebx

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00ECFF74 77D56D5E 77D39AD0 00143CA0 4014379C 00000070
ntdll!NtReplyWaitReceivePortEx
00ECFFA8 77D41C6D 001412A8 00ECFFEC 7C4E987C 00142340
rpcrt4!TowerConstruct
00ECFFB4 7C4E987C 00142340 4014379C 00000070 00142340
rpcrt4!I_RpcServerInqTransportType
00ECFFEC 00000000 00000000 00000000 00000000 00000000
kernel32!SetThreadExecutionState

State Dump for Thread Id 0x5c8

eax=00148000 ebx=00000102 ecx=00fcfd44 edx=00000000 esi=77f89153
edi=00fcff74
eip=77f8915e esp=00fcff60 ebp=00fcff7c iopl=0 nv up ei pl nz
na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000
efl=00000206


function: ZwDelayExecution
77f89153 b832000000 mov eax,0x32
77f89158 8d542404 lea edx,[esp+0x4]
ss:01a49e47=????????
77f8915c cd2e int 2e
77f8915e c20800 ret 0x8

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
00FCFF7C 7C4FAC79 0000EA60 00000000 77AB862F 0000EA60
ntdll!ZwDelayExecution
00007530 00000000 00000000 00000000 00000000 00000000 kernel32!Sleep

State Dump for Thread Id 0x5d0

eax=77d32778 ebx=00000000 ecx=00140ce0 edx=00000000 esi=00143ca0
edi=00000100
eip=77f839c7 esp=010cfe28 ebp=010cff74 iopl=0 nv up ei pl nz
na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000
efl=00000202


function: NtReplyWaitReceivePortEx
77f839bc b8ac000000 mov eax,0xac
77f839c1 8d542404 lea edx,[esp+0x4]
ss:01b49d0f=????????
77f839c5 cd2e int 2e
77f839c7 c21400 ret 0x14
77f839ca 8b4710 mov eax,[edi+0x10]
ds:00a79fe6=????????
77f839cd 8b483c mov ecx,[eax+0x3c]
ds:787ac65e=????????
77f839d0 f6400801 test byte ptr [eax+0x8],0x1
ds:787ac65e=??
77f839d4 7502 jnz
RtlCreateProcessParameters+0xd (77f83cd8)
77f839d6 03c8 add ecx,eax
77f839d8 894de4 mov [ebp+0xe4],ecx
ss:01b49e5a=????????
77f839db 8b4710 mov eax,[edi+0x10]
ds:00a79fe6=????????
77f839de 668b4038 mov ax,[eax+0x38]
ds:787ac65f=????
77f839e2 668945e0 mov [ebp+0xe0],ax
ss:01b49e5b=????
77f839e6 668945e2 mov [ebp+0xe2],ax
ss:01b49e5b=????
77f839ea 53 push ebx

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
010CFF74 77D56D5E 77D39AD0 00143CA0 00000000 00000000
ntdll!NtReplyWaitReceivePortEx
010CFFA8 77D41C6D 001412A8 010CFFEC 7C4E987C 00147528
rpcrt4!TowerConstruct
010CFFB4 7C4E987C 00147528 00000000 00000000 00147528
rpcrt4!I_RpcServerInqTransportType
010CFFEC 00000000 77D41C55 00147528 00000000 00905A4D
kernel32!SetThreadExecutionState

*----> Raw Stack Dump <----*
010cfe28 94 74 d5 77 58 01 00 00 - 54 ff 0c 01 00 00 00 00
..t.wX...T.......
010cfe38 10 65 15 00 58 ff 0c 01 - 30 12 14 00 00 75 14 00
..e..X...0....u..
010cfe48 34 91 f8 77 00 00 00 00 - 00 00 00 00 00 00 00 00
4..w............
010cfe58 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cfe68 02 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cfe78 00 00 00 00 00 00 00 00 - 00 00 00 00 2f 00 00 00
............./...
010cfe88 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cfe98 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cfea8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cfeb8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cfec8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cfed8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cfee8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cfef8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cff08 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cff18 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
010cff28 00 00 00 00 20 70 a9 84 - 40 f8 99 84 00 00 00 00 ....
p..@.......
010cff38 40 f8 99 84 d0 f9 99 84 - 64 1c f0 b6 41 df 42 80
@.......d...A.B.
010cff48 f2 de 42 80 d4 4b 06 80 - a0 f9 99 84 02 00 04 00
...B..K..........
010cff58 00 a2 2f 4d ff ff ff ff - 50 fe 0c 01 00 00 02 80
.../M....P.......

State Dump for Thread Id 0x534

eax=00000534 ebx=00000002 ecx=00000000 edx=00000000 esi=77f93233
edi=00000002
eip=77f9323e esp=013efefc ebp=013eff48 iopl=0 nv up ei pl zr
na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000
efl=00000246


function: NtWaitForMultipleObjects
77f93233 b8e9000000 mov eax,0xe9
77f93238 8d542404 lea edx,[esp+0x4]
ss:01e69de3=????????
77f9323c cd2e int 2e
77f9323e c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
013EFF48 64A01FD5 013EFF20 00000001 00000000 00000000
ntdll!NtWaitForMultipleObjects
77E158B4 0C7D8B57 452DC78B 0F000001 02CF7684 48E88300
!IamStopAlertThread
56EC8B55 00000000 00000000 00000000 00000000 00000000 <nosymbols>

State Dump for Thread Id 0x530

eax=00156000 ebx=00000003 ecx=014eed80 edx=00000000 esi=77f93233
edi=00000003
eip=77f9323e esp=014efd18 ebp=014efd64 iopl=0 nv up ei pl zr
na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000
efl=00000246


function: NtWaitForMultipleObjects
77f93233 b8e9000000 mov eax,0xe9
77f93238 8d542404 lea edx,[esp+0x4]
ss:01f69bff=????????
77f9323c cd2e int 2e
77f9323e c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
014EFD64 77E13990 014EFD3C 00000001 00000000 00000000
ntdll!NtWaitForMultipleObjects
014EFDC0 77E13A5C 014EFD8C 014EFE0C FFFFFFFF 000000FF
user32!MsgWaitForMultipleObjectsEx
014EFDDC 64A022D7 00000002 014EFE0C 00000000 FFFFFFFF
user32!MsgWaitForMultipleObjects
014EFFB4 7C4E987C 002F67F0 77F91C58 FFFFFFFF 002F67F0
!IamStopAlertThread
014EFFEC 00000000 78008532 002F67F0 00000000 00905A4D
kernel32!SetThreadExecutionState

*----> Raw Stack Dump <----*
014efd18 d7 bd 4e 7c 03 00 00 00 - 3c fd 4e 01 01 00 00 00
...N|....<.N.....
014efd28 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
.................
014efd38 03 00 00 00 d8 01 00 00 - c4 01 00 00 10 02 00 00
.................
014efd48 07 00 00 00 00 00 00 00 - 00 00 00 00 80 fd 4e 01
...............N.
014efd58 00 00 00 00 00 00 00 00 - 88 c9 13 00 c0 fd 4e 01
...............N.
014efd68 90 39 e1 77 3c fd 4e 01 - 01 00 00 00 00 00 00 00
..9.w<.N.........
014efd78 00 00 00 00 00 00 00 00 - a8 a1 a1 64 3f 55 e1 77
............d?U.w
014efd88 f0 67 2f 00 d8 01 00 00 - c4 01 00 00 10 02 00 00
..g/.............
014efd98 07 00 00 00 00 00 00 00 - 01 00 00 00 84 fb 4e 01
...............N.
014efda8 b8 34 a0 6c a4 ff 4e 01 - 00 00 00 00 cc 96 fd 7f
..4.l..N.........
014efdb8 00 00 00 00 10 02 00 00 - dc fd 4e 01 5c 3a e1 77
...........N.\:.w
014efdc8 8c fd 4e 01 0c fe 4e 01 - ff ff ff ff ff 00 00 00
...N...N.........
014efdd8 00 00 00 00 b4 ff 4e 01 - d7 22 a0 64 02 00 00 00
.......N..".d....
014efde8 0c fe 4e 01 00 00 00 00 - ff ff ff ff ff 00 00 00
...N.............
014efdf8 f0 67 2f 00 58 1c f9 77 - f0 67 2f 00 cc 40 15 00
..g/.X..w.g/..@..
014efe08 64 4b 15 00 d8 01 00 00 - c4 01 00 00 00 07 00 00
dK..............
014efe18 4c d1 44 80 3a 9e 01 00 - 70 25 10 86 3a 9e 01 00
L.D.:...p%..:...
014efe28 70 25 10 86 01 b2 fd 7f - 61 04 00 00 f1 da 44 80
p%......a.....D.
014efe38 61 04 00 00 90 ca a8 84 - 00 b0 fd 7f fc 07 30 c0
a.............0.
014efe48 00 00 00 00 00 00 00 00 - 61 04 00 00 74 8b 5f b7
.........a...t._.

State Dump for Thread Id 0x5e8

eax=77d41c55 ebx=80020000 ecx=77f98191 edx=00000000 esi=00143ca0
edi=00000100
eip=77f839c7 esp=018afe28 ebp=018aff74 iopl=0 nv up ei pl nz
na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000
efl=00000202


function: NtReplyWaitReceivePortEx
77f839bc b8ac000000 mov eax,0xac
77f839c1 8d542404 lea edx,[esp+0x4]
ss:02329d0f=????????
77f839c5 cd2e int 2e
77f839c7 c21400 ret 0x14
77f839ca 8b4710 mov eax,[edi+0x10]
ds:00a79fe6=????????
77f839cd 8b483c mov ecx,[eax+0x3c]
ds:787bbb3b=????????
77f839d0 f6400801 test byte ptr [eax+0x8],0x1
ds:787bbb3b=??
77f839d4 7502 jnz
RtlCreateProcessParameters+0xd (77f83cd8)
77f839d6 03c8 add ecx,eax
77f839d8 894de4 mov [ebp+0xe4],ecx
ss:02329e5a=????????
77f839db 8b4710 mov eax,[edi+0x10]
ds:00a79fe6=????????
77f839de 668b4038 mov ax,[eax+0x38]
ds:787bbb3c=????
77f839e2 668945e0 mov [ebp+0xe0],ax
ss:02329e5b=????
77f839e6 668945e2 mov [ebp+0xe2],ax
ss:02329e5b=????
77f839ea 53 push ebx

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
018AFF74 77D56D5E 77D39A00 00143CA0 00153D88 00ECFA74
ntdll!NtReplyWaitReceivePortEx
018AFFA8 77D41C6D 0015CA38 018AFFEC 7C4E987C 0015BBD0
rpcrt4!TowerConstruct
018AFFB4 7C4E987C 0015BBD0 00153D88 00ECFA74 0015BBD0
rpcrt4!I_RpcServerInqTransportType
018AFFEC 00000000 00000000 00000000 00000000 00000000
kernel32!SetThreadExecutionState

Thanks, any help or hints are appreciated.
 
Back
Top