Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 321
  • Last Modified:

Microsoft.com not loading Hijackthis log

microsoft.com and nexislexis.com stopped loading from sbs2003 and clients. any clues from this hijackthis log?
hijackthis-log-041109.txt
0
bryanatabc
Asked:
bryanatabc
  • 3
  • 3
2 Solutions
 
greyknight17Commented:
I don't see anything in the log that indicates any malware. Did you check your hosts file to make sure they are not restricted?

Let's see if the following two scans will find anything:

Download Malwarebytes ' Anti-Malware at http://www.besttechie.net/tools/mbam-setup.exe or http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html Double-click on mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Full Scan, then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to restart (see Extra Note below).
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy & paste the entire report into your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Go to http://www.bleepingcomputer.com/combofix/how-to-use-combofix and follow the instructions on how to install the Recovery Console and run ComboFix. Go through all the steps until posting the log part. Post the combofix log here.
0
 
bryanatabcAuthor Commented:
have run MBAB, attached is summary from 4 scans. Have run full scans from trendmicro worry free, microsoft malicious software remover, and malwarebytes, working on trying combofix, but am a little concerned with it since this is a working small business server 2003 in a single server office. I may have to take more time and pin everything I can down and make an image of the drives besides the normal backups. Thanks in advance for the help
Summary-4-mbam-scans.txt
0
 
greyknight17Commented:
No problem. Are you only have issues accessing those two sites in particular? Any other sites giving you problems?

Do you get a page can not be displayed error? Try to ping those two sites from the command prompt and see if you get a response back. If you do, try accessing them through their IP address to see if you can get the page displayed.
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
bryanatabcAuthor Commented:
So far, just the two sites are blocked. When you try to open them, the browser gets stuck "waiting for..."
Combo fix would not run, incompatible with OS windows small business server 2003. I have tried typing the address found for both sites from my own system into the browser and get the same results. I have tried firefox with the same result. The system is configured as a two nic server, one connected to an Actiontec DSL router, and the other to a hub for the Lan. If i plug a laptop into the hub, I have no trouble getting to the sites from the laptop. Pinging lexisnexis.com gets a reply from 138.12.4.174
Pinging msn or microsoft.com times out, but they also time out from my system so they most likley do not respond to pings. Thank again for the help. Any ideas would be appreciated.
0
 
greyknight17Commented:
Can you access the site using the IP address 138.12.4.174?
0
 
bryanatabcAuthor Commented:
Problem solved. ISP made improvments to their network. After changing the dsl modem from PPPoE to PPPoa, everything workslike a charm, and a lot faster. Thank you much greyknight17 for the assistance.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now