How I lost 90 minutes of my life last night - Windows 2016 server

Posts: 2450
Joined: Tue Jan 13, 2015 10:58 am
Location: Tampa, FL

Post by Jaymer »

you know each month there are win updates that the system nags you about.
so i had to install updates. let them download for 5-10 mins then restarted.

but Aware wouldn't start.
kept saying a port was in use. "tomcat must already be running" and would quit the CP

I ran 'currports' and sure enough, something was on port 80
but wasn't anything from me. all i did was install updates.

what the hell was on 80.
it showed it "in use" by process 4-System

I'm looking in services for "W3 service" (or similar) - its not called that anymore.

Eventually (like 1 hour) I run Server Manager and notice there is an IIS box. I don't run IIS. How the hell did that get there.
I checked currports again and I have a ton of connections from 1.255.x.x - after looking that up, nothing makes you gulp at midnight like a bunch of unknown connections coming from S. Korea.
First thing I did was block then on the nifty Upcloud firewall. Gone, Bastards!

Then started removing IIS crap and making sure that couldn't restart.
Gone were the processes on Port 80 and I rebooted for good measure and Aware starts up first time like it should have.

What a PITA!
