Solved

Microsoft.com not loading Hijackthis log

Posted on 2009-04-11
6
296 Views
Last Modified: 2013-12-06
microsoft.com and nexislexis.com stopped loading from sbs2003 and clients. any clues from this hijackthis log?
hijackthis-log-041109.txt
0
Comment
Question by:bryanatabc
  • 3
  • 3
6 Comments
 
LVL 15

Assisted Solution

by:greyknight17
greyknight17 earned 500 total points
ID: 24127200
I don't see anything in the log that indicates any malware. Did you check your hosts file to make sure they are not restricted?

Let's see if the following two scans will find anything:

Download Malwarebytes ' Anti-Malware at http://www.besttechie.net/tools/mbam-setup.exe or http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html Double-click on mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Full Scan, then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to restart (see Extra Note below).
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy & paste the entire report into your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Go to http://www.bleepingcomputer.com/combofix/how-to-use-combofix and follow the instructions on how to install the Recovery Console and run ComboFix. Go through all the steps until posting the log part. Post the combofix log here.
0
 

Author Comment

by:bryanatabc
ID: 24127859
have run MBAB, attached is summary from 4 scans. Have run full scans from trendmicro worry free, microsoft malicious software remover, and malwarebytes, working on trying combofix, but am a little concerned with it since this is a working small business server 2003 in a single server office. I may have to take more time and pin everything I can down and make an image of the drives besides the normal backups. Thanks in advance for the help
Summary-4-mbam-scans.txt
0
 
LVL 15

Expert Comment

by:greyknight17
ID: 24129610
No problem. Are you only have issues accessing those two sites in particular? Any other sites giving you problems?

Do you get a page can not be displayed error? Try to ping those two sites from the command prompt and see if you get a response back. If you do, try accessing them through their IP address to see if you can get the page displayed.
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:bryanatabc
ID: 24129784
So far, just the two sites are blocked. When you try to open them, the browser gets stuck "waiting for..."
Combo fix would not run, incompatible with OS windows small business server 2003. I have tried typing the address found for both sites from my own system into the browser and get the same results. I have tried firefox with the same result. The system is configured as a two nic server, one connected to an Actiontec DSL router, and the other to a hub for the Lan. If i plug a laptop into the hub, I have no trouble getting to the sites from the laptop. Pinging lexisnexis.com gets a reply from 138.12.4.174
Pinging msn or microsoft.com times out, but they also time out from my system so they most likley do not respond to pings. Thank again for the help. Any ideas would be appreciated.
0
 
LVL 15

Expert Comment

by:greyknight17
ID: 24133000
Can you access the site using the IP address 138.12.4.174?
0
 

Accepted Solution

by:
bryanatabc earned 0 total points
ID: 24133201
Problem solved. ISP made improvments to their network. After changing the dsl modem from PPPoE to PPPoa, everything workslike a charm, and a lot faster. Thank you much greyknight17 for the assistance.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now