ASP 500 Error and Error Code 0x800700aa when browsing a simple .asp page

I recently helped a customer with an issue where ASP pages would not execute and returned the following error page:

HTTP Error 500.0 - Internal Server Error

If you check the Detailed Error page you will see the following additional information (NOTE: Steps to enable and use Detailed Errors can be found HERE):

Detailed Error Information
Module IsapiModule
Notification ExecuteRequestHandler
Handler ASPClassic
Error Code 0x800700aa
Requested URL https://localhost:80/Test_site/Default.asp
Physical Path C:\inetpub\wwwroot\Test_site\Default.asp
Logon Method Anonymous
Logon User Anonymous

Creating a Test Page

First we will create a simple  ASP page to test with. This will eliminate the possibility that an application problem is causing the error. These steps assume that IIS is in the default configuration with  the Default Web Site and content in C:\inetpub\wwwroot.

A) Create a text file with the  following text and save this as  c:\inetpub\wwwroot\Test.ASP
    <%Response.Write(“Hello”)%>

B) If there is a Global.ASA file located in C:\inetpub\wwwroot  rename this  temporarily for testing (i.e. Global.asa.txt)

C) Test the page https://localhost/test.asp

If the error does not occur with the Test page then the resolution below will not apply.

Troubleshooting

To troubleshoot this we used Process Monitor to gather a log when attempting to execute an ASP page. When we got the error, we stopped the Process Monitor log then searched ( Edit > Find)  for  w3wp.exe. We right-clicked on this and selected “Include w3wp.exe” ,which filtered the log. So now we were filtered down to only items relating to IIS’s worker process.

The next step required a little knowledge of the internals of ASP to recognize something was odd about what was being called, but since we know the answer we can just jump to what we found. 

In the process of executing the page we found the following call to a McAfee component used for scanning VB Script code.

12:31:49.0797868 PM    w3wp.exe    8264    CreateFile    C:\Program Files\McAfee\VirusScan\scriptsn.dll    PATH NOT FOUND 

But in our customer’s case McAfee was not installed, which explains the PATH NOT FOUND error. However it then begged the question, why is access to a non-installed component being attempted?  The answer is in this Registry entry. The CLSID below would normally be pointing to VBScript.dll which is used to execute the ASP code.

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32
    (Default)    REG_SZ    C:\Program Files\McAfee\VirusScan\scriptsn.dll

McAfee adds this as part of there ScriptScan feature  to intercept the script calls before they are executed.

Resolution

As you may have already concluded this registry key was left behind from a previous McAffee installation and should have been removed.

A)  If McAfee is not installed on your system then you need to revert the registry setting to point back to Vbscript.dll.

Note: These steps 1-10 were required on Windows 7 to allow you to edit the registry. This may not be required on Windows 2003.

1. Open Registry Editor
2. Navigate to :   HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}
3. Right Click and Select Permissions
4. Click Advanced
5. Click on the owner Tab
6. In the "Change owner to "  Administrators
7. Click Apply can click OK
8. The Select Administrators in the list of accounts under " Groups or User names"
9. Click the "FULL Control"
10. Click Apply and OK
11.   Create a text file with the following text and save it as VbScript.Reg. (NOTE: Information on how to modify the Registry with .REG files can be found here HERE)

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}]
@="VB Script Language"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{F0B7A1A1-9847-11CF-8F20-00805F2CD064}]
@=hex(0):
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{F0B7A1A2-9847-11CF-8F20-00805F2CD064}]
@=hex(0):
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32]
@="C:\\Windows\\system32\\vbscript.dll"
"ThreadingModel"="Both"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\OLEScript]
@=hex(0):
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\ProgID]
@="VBScript"

12. Double click the registry file vbscript.reg . The message should state that the keys were added to the registry.  

13. Now when you check  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}  the Inproc server should point to vbscript.dll

B) If MacAfee is installed on your system and in the Process Monitor Log you see “ACCESS DENIED” for this scriptsn.dll you can resolve the issue by giving the account that is failing read/execute permissions to scriptsn.dll. This will be the Process identity of the worker process (w3wp.exe). 

If you are not sure how to identify the identity, Dave's Blog has a good overview of this for all versions of IIS along with reference links.

If you need help disabling this feature in McAfee you can contact McAfee Support

Comments

  • Anonymous
    November 17, 2010
    I had a very similar problem with Vista 64bits.When running a Test.asp page the error code was 0x80070002. In the registry the InprocServer32 was set to "C:WindowsSysWow64vbscript.dll", i changed it to "C:Windows\system32vbscript.dll", and it did solve the problem. Thank you  Richma for your post.

  • Anonymous
    July 07, 2011
    I had this problem, but to fix it completely I also had to make the same changes in HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{B54F3741-5B07-11cf-A4B0-00AA004A55E8}

  • Anonymous
    April 02, 2012
    You can apply to Windows Server 2008: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClassesCLSID{B54F3741-5B07-11cf-A4B0-00AA004A55E8}InprocServer32] @="C:\Windows\system32\vbscript.dll" "ThreadingModel"="Both"

  • Anonymous
    August 13, 2012
    Thanks everyone, just changing one registry to C:Windows\system32vbscript.dll solved my issue. previously it was set to HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B54F3741-5B07-11cf-A4B0-00AA004A55E8}InprocServer32] @="C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110523113110.dll"

  • Anonymous
    October 02, 2012
    thanks a lot for the help and by registering following dll s has solved the issue: regsvr32   c:winntsystem32oleaut32.dll regsvr32   c:winntsystem32inetsrvasp.dll regsvr32   C:Windowssystem32vbscript.dll

  • Anonymous
    February 04, 2013
    THANK YOU for this extremely well written solution to a very vexing problem.  Wow, I had just unistalled MacAfee, and sure enough, that lead to Classic ASP to fail.  THanks again.

  • Anonymous
    November 27, 2014
    Thank you so much. Looking for a solution to this problem about 3 days from Russia.Syktyvkar

  • Anonymous
    December 16, 2014
    Thanks a lot ,follow your step ,I fixed my problem .

  • Anonymous
    May 21, 2015
    I was called at 3am this morning for the same issue after a server reboot.  We do use Mcafee, but I found that the registry key was pointing to a non-existent scriptsn.dll.  Changing the registry key to vbscript.dll did not fix (re-registering may have fixed).  In the end, uninstalling and reinstalling Mcafee resolved my issue.