Solved

Microsoft.com not loading Hijackthis log

Posted on 2009-04-11
6
303 Views
Last Modified: 2013-12-06
microsoft.com and nexislexis.com stopped loading from sbs2003 and clients. any clues from this hijackthis log?
hijackthis-log-041109.txt
0
Comment
Question by:bryanatabc
  • 3
  • 3
6 Comments
 
LVL 15

Assisted Solution

by:greyknight17
greyknight17 earned 500 total points
ID: 24127200
I don't see anything in the log that indicates any malware. Did you check your hosts file to make sure they are not restricted?

Let's see if the following two scans will find anything:

Download Malwarebytes ' Anti-Malware at http://www.besttechie.net/tools/mbam-setup.exe or http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html Double-click on mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Full Scan, then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to restart (see Extra Note below).
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy & paste the entire report into your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Go to http://www.bleepingcomputer.com/combofix/how-to-use-combofix and follow the instructions on how to install the Recovery Console and run ComboFix. Go through all the steps until posting the log part. Post the combofix log here.
0
 

Author Comment

by:bryanatabc
ID: 24127859
have run MBAB, attached is summary from 4 scans. Have run full scans from trendmicro worry free, microsoft malicious software remover, and malwarebytes, working on trying combofix, but am a little concerned with it since this is a working small business server 2003 in a single server office. I may have to take more time and pin everything I can down and make an image of the drives besides the normal backups. Thanks in advance for the help
Summary-4-mbam-scans.txt
0
 
LVL 15

Expert Comment

by:greyknight17
ID: 24129610
No problem. Are you only have issues accessing those two sites in particular? Any other sites giving you problems?

Do you get a page can not be displayed error? Try to ping those two sites from the command prompt and see if you get a response back. If you do, try accessing them through their IP address to see if you can get the page displayed.
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:bryanatabc
ID: 24129784
So far, just the two sites are blocked. When you try to open them, the browser gets stuck "waiting for..."
Combo fix would not run, incompatible with OS windows small business server 2003. I have tried typing the address found for both sites from my own system into the browser and get the same results. I have tried firefox with the same result. The system is configured as a two nic server, one connected to an Actiontec DSL router, and the other to a hub for the Lan. If i plug a laptop into the hub, I have no trouble getting to the sites from the laptop. Pinging lexisnexis.com gets a reply from 138.12.4.174
Pinging msn or microsoft.com times out, but they also time out from my system so they most likley do not respond to pings. Thank again for the help. Any ideas would be appreciated.
0
 
LVL 15

Expert Comment

by:greyknight17
ID: 24133000
Can you access the site using the IP address 138.12.4.174?
0
 

Accepted Solution

by:
bryanatabc earned 0 total points
ID: 24133201
Problem solved. ISP made improvments to their network. After changing the dsl modem from PPPoE to PPPoa, everything workslike a charm, and a lot faster. Thank you much greyknight17 for the assistance.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
Have you ever tried to find someone you know on Facebook and searched to find more than one result with the same picture? Perhaps someone you know has told you that they have a 'facebook stalker' or someone who is 'posing as them' online and ta…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question