Solved

Microsoft.com not loading Hijackthis log

Posted on 2009-04-11
6
311 Views
Last Modified: 2013-12-06
microsoft.com and nexislexis.com stopped loading from sbs2003 and clients. any clues from this hijackthis log?
hijackthis-log-041109.txt
0
Comment
Question by:bryanatabc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 15

Assisted Solution

by:greyknight17
greyknight17 earned 500 total points
ID: 24127200
I don't see anything in the log that indicates any malware. Did you check your hosts file to make sure they are not restricted?

Let's see if the following two scans will find anything:

Download Malwarebytes ' Anti-Malware at http://www.besttechie.net/tools/mbam-setup.exe or http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html Double-click on mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Full Scan, then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to restart (see Extra Note below).
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy & paste the entire report into your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Go to http://www.bleepingcomputer.com/combofix/how-to-use-combofix and follow the instructions on how to install the Recovery Console and run ComboFix. Go through all the steps until posting the log part. Post the combofix log here.
0
 

Author Comment

by:bryanatabc
ID: 24127859
have run MBAB, attached is summary from 4 scans. Have run full scans from trendmicro worry free, microsoft malicious software remover, and malwarebytes, working on trying combofix, but am a little concerned with it since this is a working small business server 2003 in a single server office. I may have to take more time and pin everything I can down and make an image of the drives besides the normal backups. Thanks in advance for the help
Summary-4-mbam-scans.txt
0
 
LVL 15

Expert Comment

by:greyknight17
ID: 24129610
No problem. Are you only have issues accessing those two sites in particular? Any other sites giving you problems?

Do you get a page can not be displayed error? Try to ping those two sites from the command prompt and see if you get a response back. If you do, try accessing them through their IP address to see if you can get the page displayed.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:bryanatabc
ID: 24129784
So far, just the two sites are blocked. When you try to open them, the browser gets stuck "waiting for..."
Combo fix would not run, incompatible with OS windows small business server 2003. I have tried typing the address found for both sites from my own system into the browser and get the same results. I have tried firefox with the same result. The system is configured as a two nic server, one connected to an Actiontec DSL router, and the other to a hub for the Lan. If i plug a laptop into the hub, I have no trouble getting to the sites from the laptop. Pinging lexisnexis.com gets a reply from 138.12.4.174
Pinging msn or microsoft.com times out, but they also time out from my system so they most likley do not respond to pings. Thank again for the help. Any ideas would be appreciated.
0
 
LVL 15

Expert Comment

by:greyknight17
ID: 24133000
Can you access the site using the IP address 138.12.4.174?
0
 

Accepted Solution

by:
bryanatabc earned 0 total points
ID: 24133201
Problem solved. ISP made improvments to their network. After changing the dsl modem from PPPoE to PPPoa, everything workslike a charm, and a lot faster. Thank you much greyknight17 for the assistance.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question