
ColdFusion won't run after cleaning up a malware infection.

New Here, Jul 09, 2015

I got a nasty package of malware delivered to my personal/development workstation over the weekend.  I used both HouseCall and Kaspersky tools to clean it up.  I think I got it all.  But when I went to work in my ColdFusion code, I found that the service would not start.

I reinstalled it, but now it starts yet I get a 503 error: Service not available when I try to open administrator to finish the install.

Please help.  One of the things I noticed was the malware had attacked the JREs.

Engaged, Jul 09, 2015

Have you considered a fresh install of CF?  I'd be worried after a virus to start patching bits and pieces and would want to know that everything is 100%.  That being said, what do you see in the application logs when it starts up?

New Here, Jul 09, 2015

Yes, I tried a complete uninstall and deleted the CF directory since it was still there. Then did a complete reinstall from scratch. The problem appears when the installer finishes and I go to launch the configuration (CF administrator).

Advocate, Jul 10, 2015

Running this on IIS or Apache?

Have you run the web site configurator after installing CF?

Whatever malware you had could have done a number on the web server you are using, making things difficult.

New Here, Jul 10, 2015

I am using IIS 7.0 and yes, I ran the configurator.

W. Nathan Manning III

Chief Technologist, Director of IT

Application and Database Architect

Aortic Solutions PC

555 Executive Drive NW, Suite 73

Huntsville, AL 35816

1+(256)479-0278(mobile)

Skype ID: nathe37216

Advocate, Jul 10, 2015

What are the ColdFusion logs saying?

Did you install the same version of CF when reinstalling?

New Here, Jul 10, 2015

I didn't see anything unusual in the logs, but I am not keen on what to look for.  I was working with CF 10, but I have tried reinstalling it, removed it and installed CF11.  No changes.

I am presently in the process of uninstalling and reinstalling IIS.  Will update.

Also, overnight I ran Kaspersky Labs Virus Removal Tool.  More things were found and eliminated.

New Here, Jul 10, 2015

An update:

I ran Kaspersky and found more crap and disinfected. No joy.  Uninstalled both IIS and CF, reinstalled IIS, then CF, and the configuration ran, but on the built-in server.  Ran Webserver configuration and it doesn't recognize that IIS is even there. Doesn't enumerate the websites.

I am thinking that my Windows 7 Ultimate SP1 Workstation is subtly and permanently hosed somehow.

But if anybody has seen this before and has any ideas, please let me know.  My Windows 10 update is weeks away.

Engaged, Jul 21, 2015

With so many OS-level problems going on, it really makes sense to restore Windows to a prior snapshot, or reinstall.  Piecemeal patching is going to cost you more time in the long run.
