Unable to connect either remote or Console profiler to a w3wp.exe IIS worker process

Hello,

 

I would appreciate advice as I am unable to connect the dottrace profiler to an IIS worker process:

C:\JetBrains>ConsoleProfiler.exe attach 7704
dotTrace Console Profiler 2019.1 build 777.0.20190423.74250. Copyright (C) 2019 JetBrains s.r.o.
Profiling in progress...
Unable to start profiling. Profiler is unable to attach to the process: Please ensure the process is not run under another profiler, performance monitoring tool, mocking tool, or try to reboot the computer.

The machine is a VM running in Azure, but I've also tried a VM running in our local infrastructure and the problem was the same.

We have a .net 4.5.2 application that deploys into IIS so I need to connect to the w3wp.exe worker process. Doesn't appear to be permissions based, I am admin on the box, launched the cmd prompt as admin etc.

I have tried the various suggestions I have read in other posts, including rebooting all machines, and removing a monitoring process. I have also updated dottrace from 2018 to 2019.1 and I can't see any other process that is causing the error.

If I try to connect to another .net application - outside of IIS - then it works correctly. But the w3wp.exe process connection never works.

Is there a way to find out what other tool is stopping the profiler from connecting to the process?

Any suggestions would be appreciated...

 

Thanks,

 

Kevin

3 comments
Comment actions Permalink

Kevin,

 

Sorry for the delay with the answer.

Unfortunately no, there is no easy way to find out what application is preventing dotTrace from attaching. It must be some performance or stability monitoring tool.

You can try to manually find suspicious dlls (which can be related to some monitoring tool) loaded into the w3wp process.
To do this, please:
- install Process Explorer tool from Microsoft site (https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer ),
- run it under an account with administrative rights,
- set focus to the corresponding process in Process Explorer,
- press Ctrl+L (or enable Show Lower Panel option in View menu), then press Ctrl+D for enabling DLLs view.

You can press Ctrl+A to save information about the process to a file and then send this file to us ("Submit a Request" button in the upper right corner), we'll try to help you.

0
Comment actions Permalink

Thanks the ProcessExplorer hint was useful.

 

I found the following suspicious looking DLLs:
Messages64.dll Messages Microsoft Corp. C:\Program Files\Microsoft Monitoring Agent\Agent\APMDOTNETAgent\V8.0.10918.0\Messages64.dll
PerfMon64.dll PerfMon64 Microsoft Corp. C:\Program Files\Microsoft Monitoring Agent\Agent\APMDOTNETAgent\V8.0.10918.0\PerfMon64.dll
StubProfiler64.dll StubProfiler64 Microsoft Corp. C:\Program Files\Microsoft Monitoring Agent\Agent\APMDOTNETAgent\V8.0.10918.0\StubProfiler64.dll
Microsoft.ApplicationInsights.Extensions.Base_x64.dll Microsoft Corp. C:\Program Files\Microsoft Monitoring Agent\Agent\APMDOTNETAgent\V8.0.10918.0\x64\Microsoft.ApplicationInsights.Extensions.Base_x64.dll
Microsoft.ApplicationInsights.ExtensionsHost_x64.dll Microsoft Corp. C:\Program Files\Microsoft Monitoring Agent\Agent\APMDOTNETAgent\V8.0.10918.0\x64\Microsoft.ApplicationInsights.ExtensionsHost_x64.dll
MicrosoftInstrumentationEngine_x64.dll Microsoft Instrumentation Engine Microsoft Corporation C:\Program Files\Microsoft Monitoring Agent\Agent\APMDOTNETAgent\V8.0.10918.0\x64\MicrosoftInstrumentationEngine_x64.dll
AntiXssLibrary.dll AntiXss Library Microsoft Corporation C:\Windows\assembly\GAC_MSIL\AntiXssLibrary\7.0.5000.0__31bf3856ad364e35\AntiXssLibrary.dll
Microsoft.EnterpriseManagement.OperationsManager.Apm.Instrumentation.dll Microsoft Corporation C:\Windows\assembly\GAC_MSIL\Microsoft.EnterpriseManagement.OperationsManager.Apm.Instrumentation\7.0.5000.0__31bf3856ad364e35\Microsoft.EnterpriseManagement.OperationsManager.Apm.Instrumentation.dll
Microsoft.EnterpriseManagement.OperationsManager.Apm.InstrumentationUtils.dll Microsoft Corporation C:\Windows\assembly\GAC_MSIL\Microsoft.EnterpriseManagement.OperationsManager.Apm.InstrumentationUtils\7.0.5000.0__31bf3856ad364e35\Microsoft.EnterpriseManagement.OperationsManager.Apm.InstrumentationUtils.dll

 

So after some discussion it was clear that additional monitoring (SCOM MS APM package) had been added to the VMs since I last used them. We found a way to disable it with the following:

`msiexec.exe /fvomus "\\server\share\agents\scom2016\x64\MOMagent.msi" NOAPM=1`
triggers a repair of the SCOM/OMS agent, and uninstalls the APM components.

 

Hopefully this is useful to others in the future!

1
Comment actions Permalink

Kevin,

 

Thank you, indeed this information will be very useful.

0

Please sign in to leave a comment.