Jump to content

Malwarebytes wont start on Windows Server


Ideaz

Recommended Posts

Please analyze this log file: I think there is something wrong with the 010 - Unknown file... I have already ran Spybot and it didn't fix the problem.

___________

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:59:34 PM, on 9/10/2011

Platform: Windows 2003 SP2 (WinNT 5.02.3790)

MSIE: Internet Explorer v7.00 (7.00.6000.17093)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\aswServ.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\ServerAppliance\appmgr.exe

C:\CFusionMX\runtime\bin\jrunsvc.exe

C:\CFusionMX\db\slserver52\bin\swagent.exe

C:\CFusionMX\db\slserver52\bin\swstrtr.exe

C:\CFusionMX\db\slserver52\bin\swsoc.exe

C:\CFusionMX\runtime\bin\jrun.exe

C:\WINDOWS\System32\dns.exe

C:\WINDOWS\system32\ServerAppliance\elementmgr.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\SmarterTools\SmarterMail\Service\MailService.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

D:\MySQL_Server\bin\mysqld-nt.exe

C:\Program Files\SmarterTools\SmarterMail\Web Server\SMWebSvr.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\ServerAppliance\srvcsurg.exe

C:\Program Files\SmarterTools\SmarterStats\Service\SSSvc.exe

C:\Program Files\SmarterTools\SmarterStats\Web Server\SSWebSvr.exe

C:\WINDOWS\System32\tssdis.exe

C:\Program Files\WinRoute Pro\winroute.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\rdpclip.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\ALWILS~1\Avast4\aswDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Documents and Settings\kevin.IDEAZWEB1.000\Application Data\Dropbox\bin\Dropbox.exe

D:\MySQL_Server\bin\winmysqladmin.exe

c:\windows\system32\inetsrv\w3wp.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe

C:\Program Files\Microsoft SQL Server\MSSQL$HELM\Binn\sqlservr.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe

C:\WINDOWS\system32\mmc.exe

C:\WINDOWS\system32\taskmgr.exe

D:\Program Files\HIJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005

O1 - Hosts: 216.194.67.170 IDEAZWEB1

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\aswDisp.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')

O4 - Startup: Dropbox.lnk = C:\Documents and Settings\kevin.IDEAZWEB1.000\Application Data\Dropbox\bin\Dropbox.exe

O4 - Startup: WinMySQLadmin.lnk = D:\MySQL_Server\bin\winmysqladmin.exe

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone

O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone

O17 - HKLM\System\CCS\Services\Tcpip\..\{44487FD7-BE95-41A1-87A3-0DA5B2A2CFF9}: NameServer = 216.234.161.25,216.194.64.160

O17 - HKLM\System\CCS\Services\Tcpip\..\{44E2A868-9218-44EA-A4F3-146D9AC94773}: NameServer = 127.0.0.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{B0425816-9329-4CEF-94F6-8CEA86D32E45}: NameServer = 127.0.0.1

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswWebSv.exe

O23 - Service: ColdFusion MX Application Server - Macromedia Inc. - C:\CFusionMX\runtime\bin\jrunsvc.exe

O23 - Service: ColdFusion MX ODBC Agent - Unknown owner - C:\CFusionMX\db\slserver52\bin\swagent.exe

O23 - Service: ColdFusion MX ODBC Server - Unknown owner - C:\CFusionMX\db\slserver52\bin\swstrtr.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: SmarterMail Service (MailService) - - C:\Program Files\SmarterTools\SmarterMail\Service\MailService.exe

O23 - Service: MySql - Unknown owner - D:/MySQL_Server/bin/mysqld-nt.exe

O23 - Service: SmarterMail Web Server (SMWebSvr) - SmarterTools Inc - C:\Program Files\SmarterTools\SmarterMail\Web Server\SMWebSvr.exe

O23 - Service: SmarterStats Service (SSCollect) - SmarterTools Inc. - C:\Program Files\SmarterTools\SmarterStats\Service\SSSvc.exe

O23 - Service: SmarterStats Web Server (SSWebSvr) - SmarterTools Inc - C:\Program Files\SmarterTools\SmarterStats\Web Server\SSWebSvr.exe

O23 - Service: WinRoute Pro 4.2 (WinRoute) - Unknown owner - C:\Program Files\WinRoute Pro\winroute.exe

--

End of file - 6499 bytes

Link to post
Share on other sites

  • 4 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.