1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

some secure sites not available

Discussion in 'Web & Email' started by xflight, Oct 2, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. xflight

    xflight Thread Starter

    Joined:
    Oct 2, 2003
    Messages:
    4
    Hello all,

    I have somewhat of a problem when trying to access any secure type link when I get on some web sites. One such site is my online banking page, I am able to log on and check my account, navigate to most of the link pages with the exception of my entire "E Bill/Payee" relative to scheduling a payment or adding a payee to the account.

    I am using Window XP Home E. SP 1 with IE 6.0 on a fast DSL connection. I have tried everything I can think of including lowering my various security settings to the bare minimum with always the same results.

    "The page cannot be displayed etc"and the tag line is "Cannot find server or DNS Error Internet Explorer". I believe this is referred to as error #404 ( I however choose to call it something unprintable)

    I was hand carried for 2 hrs. through multiple fix's by the Bank site tech. rep. and the bottom line was to install a patch (Q818529) from MS and to allow 1st. and 3rd. party cookies etc. all to no avail.

    I checked my encryption to verify 128 bit and it is. I re-registered 9 .dll files I use Window Washer to keep temp IE cookies, clear history files clean. I also renamed my \system32 host file and deleted it.

    I also use Ad Aware, SpyBot and my registered Norton works, which according to them the system is clean with no virus or parasites. In addition I use Zone Alarm for a firewall. All of these security programs are current.

    Should it matter, I have a 3 yr. old made to my specs. Dell Diam. 1gig ..... 256 meg. RDRAM (Rambis) - plenty of HD space partitioned, The system is still top of line. I just finished scanning the computer with "HiJack This" and below are the results of that scan for an expert analysis.

    Please if anyone can offer any assistance, trust me I will be forever in their debt.

    Thanks,
    xflight

    ****************************************************************************************

    HJT log file

    Logfile of HijackThis v1.97.2
    Scan saved at 4:34:03 PM, on 10/1/2003
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\System32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\WINDOWS\Explorer.EXE
    F:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    F:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    F:\WINDOWS\System32\nvsvc32.exe
    F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\System32\ZoneLabs\vsmon.exe
    F:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe
    F:\Program Files\Microsoft Hardware\Keyboard\type32.exe
    F:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
    F:\Program Files\Tweak-XP\Tweak-xp.exe
    F:\Program Files\WheresJames\StartupMgr\StartupMgr.exe
    F:\PROGRA~1\PANICW~1\POP-UP~2\PSFREE.EXE
    F:\Program Files\New Clipmate 6\ClipMate6\ClipMt61.exe
    F:\Program Files\Tweak-XP\blads.exe
    F:\Program Files\Tweak-XP\popup.exe
    F:\Program Files\Alarm\Alarm Tray.exe
    F:\Zone Alarm XP\ZoneAlarm\zonealarm.exe
    C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
    F:\Program Files\SpeedFan\speedfan.exe
    F:\Program Files\DeskSweeper\DeskSweeper.exe
    F:\Program Files\Codeforge\TweakAll2\TweakTray.exe
    F:\Program Files\UrlFixer\UrlFixer.exe
    F:\Temp\Cliffs\Little G as in Google\gSearch.exe
    F:\Temp\Cliffs\My Special Installs\1 Button Control\onebutton.exe
    F:\PROGRA~1\Netscape\Netscape\Netscp.exe
    C:\wincmd\Wincmd32.exe
    F:\Temp\Cliffs\HiJack This\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
    R3 - URLSearchHook: SrchHook Class - {2C2C1BED-5B1C-4bf2-BC2A-86BF224B01AB} - F:\WINDOWS\System32\SRHOOK.dll
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_1/home.html"); (F:\Documents and Settings\Cliff Livingston\Application Data\Mozilla\Profiles\default\9vrc84mn.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://F%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_02.src"); (F:\Documents and Settings\Cliff Livingston\Application Data\Mozilla\Profiles\default\9vrc84mn.slt\prefs.js)
    O2 - BHO: P3P Client - {00000178-CD4A-447a-BCF9-6FD0096B5527} - F:\PROGRA~1\PRIVAC~1\P3PCLI~1.DLL
    O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - F:\PROGRA~1\DAP\dapbho.dll
    O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - F:\PROGRA~1\DAP\dapiebar.dll
    O2 - BHO: (no name) - {2F2FBF0D-254F-11D5-B1E5-0050DAD7AF62} - F:\Program Files\ANONYMIZER\CORE\Anonymizer.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar1.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - F:\PROGRA~1\DAP\dapiebar.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Pictures - {8E929F51-5914-11D6-971F-0050FC3F9161} - F:\PROGRA~1\PICTUR~1\IEBand.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Anonymizer Toolbar - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - F:\Program Files\ANONYMIZER\TOOLBAR\AnonymizerBar.dll
    O4 - HKLM\..\Run: [NAV Agent] F:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [IntelliType] "F:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
    O4 - HKLM\..\Run: [AdaptecDirectCD] F:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Show missed alarms] F:\Program Files\Alarm\Alarm.exe
    O4 - HKLM\..\Run: [WinPatrol] F:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    O4 - HKCU\..\Run: [Tweak-XP] F:\Program Files\Tweak-XP\Tweak-xp.exe -ex
    O4 - HKCU\..\Run: [Whej Startup Manager] F:\Program Files\WheresJames\StartupMgr\StartupMgr.exe
    O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "F:\PROGRA~1\PANICW~1\POP-UP~2\PSFREE.EXE"
    O4 - HKCU\..\Run: [ClipMate6] F:\Program Files\New Clipmate 6\ClipMate6\ClipMt61.exe
    O4 - HKCU\..\Run: [BlockAds] F:\Program Files\Tweak-XP\blads.exe
    O4 - HKCU\..\Run: [Pop-Up-Blocker] F:\Program Files\Tweak-XP\popup.exe
    O4 - HKCU\..\Run: [Mozilla Quick Launch] "F:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
    O4 - Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
    O4 - Startup: SpeedFan.lnk = F:\Program Files\SpeedFan\speedfan.exe
    O4 - Startup: DeskSweeper.lnk = F:\Program Files\DeskSweeper\DeskSweeper.exe
    O4 - Startup: TweakTray.lnk = F:\Program Files\Codeforge\TweakAll2\TweakTray.exe
    O4 - Startup: UrlFixer.lnk = F:\Program Files\UrlFixer\UrlFixer.exe
    O4 - Startup: gSearch.exe.lnk = F:\Temp\Cliffs\Little G as in Google\gSearch.exe
    O4 - Global Startup: Alarm Clock Icon.lnk = ?
    O4 - Global Startup: ZoneAlarm.lnk = F:\Zone Alarm XP\ZoneAlarm\zonealarm.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: &Download with &DAP - F:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Advanced Properties - http://www.unixmage.com/util/advprop.php3
    O8 - Extra context menu item: Backward &Links - res://F:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://F:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - F:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: IE Zoom &In - F:\PROGRA~1\IEZOOM~1\IE Zoom In.htm
    O8 - Extra context menu item: IE Zoom O&ut - F:\PROGRA~1\IEZOOM~1\IE Zoom Out.htm
    O8 - Extra context menu item: IE Zoomer Help... - F:\PROGRA~1\IEZOOM~1\IE Zoomer Help.htm
    O8 - Extra context menu item: IEB: Browser: Resize Window - F:\Program Files\IE Booster\window-size.html
    O8 - Extra context menu item: IEB: Frame: Open in &New Window - F:\Program Files\IE Booster\frame-open-in-new-window.html
    O8 - Extra context menu item: IEB: Frame: Open in &This Window - F:\Program Files\IE Booster\frame-open-in-this-window.html
    O8 - Extra context menu item: IEB: Image: Copy Path to Clipboard - F:\Program Files\IE Booster\image-copy-path-to-clipboard.html
    O8 - Extra context menu item: IEB: Image: Show Image Data - F:\Program Files\IE Booster\image-view-image-data.html
    O8 - Extra context menu item: IEB: Image: Show Server Response - F:\Program Files\IE Booster\link-show-server-response.html
    O8 - Extra context menu item: IEB: Link: Copy as <A href="URL">caption</A> - F:\Program Files\IE Booster\link-copy.html
    O8 - Extra context menu item: IEB: Link: Open in New Minimized Window - F:\Program Files\IE Booster\link-open-minimized.html
    O8 - Extra context menu item: IEB: Link: Show Server Response - F:\Program Files\IE Booster\link-show-server-response.html
    O8 - Extra context menu item: IEB: Page: Copy Title as <A href="URL">Title</a> - F:\Program Files\IE Booster\page-copy-title.html
    O8 - Extra context menu item: IEB: Page: Show Forms and Applets - F:\Program Files\IE Booster\page-show-forms.html
    O8 - Extra context menu item: IEB: Page: Show Hyperlinks - F:\Program Files\IE Booster\page-view-hyperlinks.html
    O8 - Extra context menu item: IEB: Page: Show Images - F:\Program Files\IE Booster\page-show-images.html
    O8 - Extra context menu item: IEB: Page: Show Source - F:\Program Files\IE Booster\page-view-source.html
    O8 - Extra context menu item: IEB: Page: Show Stylesheets - F:\Program Files\IE Booster\page-view-stylesheets.html
    O8 - Extra context menu item: IEB: Page: Show TABLE, FORM and DIV Borders - F:\Program Files\IE Booster\page-show-table-structure.htm
    O8 - Extra context menu item: IEB: Selection: Copy as plain text - F:\Program Files\IE Booster\selection-copy-plaintext.html
    O8 - Extra context menu item: IEB: Selection: Open in Browser - F:\Program Files\IE Booster\selection-open-in-browser.html
    O8 - Extra context menu item: IEB: Selection: Show Partial Source - F:\Program Files\IE Booster\selection-show-source.html
    O8 - Extra context menu item: Open in IE &Zoomer - F:\PROGRA~1\IEZOOM~1\Open in IE Zoomer.htm
    O8 - Extra context menu item: Si&milar Pages - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page - res://F:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Run DAP (HKLM)
    O9 - Extra button: TTB Pane (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O15 - Trusted Zone: http://www.exxonmobilcard.com
    O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/activedata/symsupportutil.CAB
    O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/en/big/1.1.63-big/GoogleNav.cab
    O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
    O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} - https://webresponse.one.microsoft.com/oas/ActiveX/FileXfer.cab
    O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - http://www.pcpowerscan.com/pcpowerscan.cab
     
  2. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,192
    First Name:
    Derek
    I would be inclined to think it is anonymizer causing your troubles
     
  3. BlueSpruce

    BlueSpruce

    Joined:
    Jul 24, 2003
    Messages:
    420
    You can have Hijack This ''Fix Checked'' these entries ,

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

    Then Reboot your computer

    They represent IE control panel and Registry locks

    Good luck
     
  4. xflight

    xflight Thread Starter

    Joined:
    Oct 2, 2003
    Messages:
    4
    Thank you all for the help, I am in the process of following your instructions for the removal of the anonymizer program. And I have deleted those programs or .. scanned with HJT.

    As soon as I get any definitive/positive feed back I will give you a heads up.

    Thanks again,

    xflight
     
  5. xflight

    xflight Thread Starter

    Joined:
    Oct 2, 2003
    Messages:
    4
    Hello again,

    After some digging I have noticed that the DOCM has an error message that reads "The server {FB7199AB-79BF-11D2-8D94-0000F875C541} did not register with DCOM within the required timeout."

    I ran a find for the subject DOCM in my registry and found most of the ref. were to .. NET\Framework\v1.1.4322 .. apparently the latter indicates the ver. #. So far all of my efforts have been un-rewarding, so any help regarding these new discoveries will be appreciated. Thanks Cliff
     
  6. yul

    yul

    Joined:
    Feb 11, 2003
    Messages:
    726
    have u checked the time on the system clock?
     
  7. xflight

    xflight Thread Starter

    Joined:
    Oct 2, 2003
    Messages:
    4
    Hello, Yes I have among many other fix's, short of using the restore program which will probably be my next stop. Unless someone comes to my rescue.

    Thanks for the reply.

    xflight
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/168966

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice