some secure sites not available

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

xflight

Thread Starter
Joined
Oct 2, 2003
Messages
4
Hello all,

I have somewhat of a problem when trying to access any secure type link when I get on some web sites. One such site is my online banking page, I am able to log on and check my account, navigate to most of the link pages with the exception of my entire "E Bill/Payee" relative to scheduling a payment or adding a payee to the account.

I am using Window XP Home E. SP 1 with IE 6.0 on a fast DSL connection. I have tried everything I can think of including lowering my various security settings to the bare minimum with always the same results.

"The page cannot be displayed etc"and the tag line is "Cannot find server or DNS Error Internet Explorer". I believe this is referred to as error #404 ( I however choose to call it something unprintable)

I was hand carried for 2 hrs. through multiple fix's by the Bank site tech. rep. and the bottom line was to install a patch (Q818529) from MS and to allow 1st. and 3rd. party cookies etc. all to no avail.

I checked my encryption to verify 128 bit and it is. I re-registered 9 .dll files I use Window Washer to keep temp IE cookies, clear history files clean. I also renamed my \system32 host file and deleted it.

I also use Ad Aware, SpyBot and my registered Norton works, which according to them the system is clean with no virus or parasites. In addition I use Zone Alarm for a firewall. All of these security programs are current.

Should it matter, I have a 3 yr. old made to my specs. Dell Diam. 1gig ..... 256 meg. RDRAM (Rambis) - plenty of HD space partitioned, The system is still top of line. I just finished scanning the computer with "HiJack This" and below are the results of that scan for an expert analysis.

Please if anyone can offer any assistance, trust me I will be forever in their debt.

Thanks,
xflight

****************************************************************************************

HJT log file

Logfile of HijackThis v1.97.2
Scan saved at 4:34:03 PM, on 10/1/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\System32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
F:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
F:\WINDOWS\System32\nvsvc32.exe
F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\ZoneLabs\vsmon.exe
F:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe
F:\Program Files\Microsoft Hardware\Keyboard\type32.exe
F:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
F:\Program Files\Tweak-XP\Tweak-xp.exe
F:\Program Files\WheresJames\StartupMgr\StartupMgr.exe
F:\PROGRA~1\PANICW~1\POP-UP~2\PSFREE.EXE
F:\Program Files\New Clipmate 6\ClipMate6\ClipMt61.exe
F:\Program Files\Tweak-XP\blads.exe
F:\Program Files\Tweak-XP\popup.exe
F:\Program Files\Alarm\Alarm Tray.exe
F:\Zone Alarm XP\ZoneAlarm\zonealarm.exe
C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
F:\Program Files\SpeedFan\speedfan.exe
F:\Program Files\DeskSweeper\DeskSweeper.exe
F:\Program Files\Codeforge\TweakAll2\TweakTray.exe
F:\Program Files\UrlFixer\UrlFixer.exe
F:\Temp\Cliffs\Little G as in Google\gSearch.exe
F:\Temp\Cliffs\My Special Installs\1 Button Control\onebutton.exe
F:\PROGRA~1\Netscape\Netscape\Netscp.exe
C:\wincmd\Wincmd32.exe
F:\Temp\Cliffs\HiJack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R3 - URLSearchHook: SrchHook Class - {2C2C1BED-5B1C-4bf2-BC2A-86BF224B01AB} - F:\WINDOWS\System32\SRHOOK.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_1/home.html"); (F:\Documents and Settings\Cliff Livingston\Application Data\Mozilla\Profiles\default\9vrc84mn.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://F%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_02.src"); (F:\Documents and Settings\Cliff Livingston\Application Data\Mozilla\Profiles\default\9vrc84mn.slt\prefs.js)
O2 - BHO: P3P Client - {00000178-CD4A-447a-BCF9-6FD0096B5527} - F:\PROGRA~1\PRIVAC~1\P3PCLI~1.DLL
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - F:\PROGRA~1\DAP\dapbho.dll
O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - F:\PROGRA~1\DAP\dapiebar.dll
O2 - BHO: (no name) - {2F2FBF0D-254F-11D5-B1E5-0050DAD7AF62} - F:\Program Files\ANONYMIZER\CORE\Anonymizer.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - F:\PROGRA~1\DAP\dapiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Pictures - {8E929F51-5914-11D6-971F-0050FC3F9161} - F:\PROGRA~1\PICTUR~1\IEBand.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar1.dll
O3 - Toolbar: Anonymizer Toolbar - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - F:\Program Files\ANONYMIZER\TOOLBAR\AnonymizerBar.dll
O4 - HKLM\..\Run: [NAV Agent] F:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliType] "F:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] F:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Show missed alarms] F:\Program Files\Alarm\Alarm.exe
O4 - HKLM\..\Run: [WinPatrol] F:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
O4 - HKCU\..\Run: [Tweak-XP] F:\Program Files\Tweak-XP\Tweak-xp.exe -ex
O4 - HKCU\..\Run: [Whej Startup Manager] F:\Program Files\WheresJames\StartupMgr\StartupMgr.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "F:\PROGRA~1\PANICW~1\POP-UP~2\PSFREE.EXE"
O4 - HKCU\..\Run: [ClipMate6] F:\Program Files\New Clipmate 6\ClipMate6\ClipMt61.exe
O4 - HKCU\..\Run: [BlockAds] F:\Program Files\Tweak-XP\blads.exe
O4 - HKCU\..\Run: [Pop-Up-Blocker] F:\Program Files\Tweak-XP\popup.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "F:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
O4 - Startup: SpeedFan.lnk = F:\Program Files\SpeedFan\speedfan.exe
O4 - Startup: DeskSweeper.lnk = F:\Program Files\DeskSweeper\DeskSweeper.exe
O4 - Startup: TweakTray.lnk = F:\Program Files\Codeforge\TweakAll2\TweakTray.exe
O4 - Startup: UrlFixer.lnk = F:\Program Files\UrlFixer\UrlFixer.exe
O4 - Startup: gSearch.exe.lnk = F:\Temp\Cliffs\Little G as in Google\gSearch.exe
O4 - Global Startup: Alarm Clock Icon.lnk = ?
O4 - Global Startup: ZoneAlarm.lnk = F:\Zone Alarm XP\ZoneAlarm\zonealarm.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Download with &DAP - F:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Advanced Properties - http://www.unixmage.com/util/advprop.php3
O8 - Extra context menu item: Backward &Links - res://F:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://F:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - F:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: IE Zoom &In - F:\PROGRA~1\IEZOOM~1\IE Zoom In.htm
O8 - Extra context menu item: IE Zoom O&ut - F:\PROGRA~1\IEZOOM~1\IE Zoom Out.htm
O8 - Extra context menu item: IE Zoomer Help... - F:\PROGRA~1\IEZOOM~1\IE Zoomer Help.htm
O8 - Extra context menu item: IEB: Browser: Resize Window - F:\Program Files\IE Booster\window-size.html
O8 - Extra context menu item: IEB: Frame: Open in &New Window - F:\Program Files\IE Booster\frame-open-in-new-window.html
O8 - Extra context menu item: IEB: Frame: Open in &This Window - F:\Program Files\IE Booster\frame-open-in-this-window.html
O8 - Extra context menu item: IEB: Image: Copy Path to Clipboard - F:\Program Files\IE Booster\image-copy-path-to-clipboard.html
O8 - Extra context menu item: IEB: Image: Show Image Data - F:\Program Files\IE Booster\image-view-image-data.html
O8 - Extra context menu item: IEB: Image: Show Server Response - F:\Program Files\IE Booster\link-show-server-response.html
O8 - Extra context menu item: IEB: Link: Copy as <A href="URL">caption</A> - F:\Program Files\IE Booster\link-copy.html
O8 - Extra context menu item: IEB: Link: Open in New Minimized Window - F:\Program Files\IE Booster\link-open-minimized.html
O8 - Extra context menu item: IEB: Link: Show Server Response - F:\Program Files\IE Booster\link-show-server-response.html
O8 - Extra context menu item: IEB: Page: Copy Title as <A href="URL">Title</a> - F:\Program Files\IE Booster\page-copy-title.html
O8 - Extra context menu item: IEB: Page: Show Forms and Applets - F:\Program Files\IE Booster\page-show-forms.html
O8 - Extra context menu item: IEB: Page: Show Hyperlinks - F:\Program Files\IE Booster\page-view-hyperlinks.html
O8 - Extra context menu item: IEB: Page: Show Images - F:\Program Files\IE Booster\page-show-images.html
O8 - Extra context menu item: IEB: Page: Show Source - F:\Program Files\IE Booster\page-view-source.html
O8 - Extra context menu item: IEB: Page: Show Stylesheets - F:\Program Files\IE Booster\page-view-stylesheets.html
O8 - Extra context menu item: IEB: Page: Show TABLE, FORM and DIV Borders - F:\Program Files\IE Booster\page-show-table-structure.htm
O8 - Extra context menu item: IEB: Selection: Copy as plain text - F:\Program Files\IE Booster\selection-copy-plaintext.html
O8 - Extra context menu item: IEB: Selection: Open in Browser - F:\Program Files\IE Booster\selection-open-in-browser.html
O8 - Extra context menu item: IEB: Selection: Show Partial Source - F:\Program Files\IE Booster\selection-show-source.html
O8 - Extra context menu item: Open in IE &Zoomer - F:\PROGRA~1\IEZOOM~1\Open in IE Zoomer.htm
O8 - Extra context menu item: Si&milar Pages - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page - res://F:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Run DAP (HKLM)
O9 - Extra button: TTB Pane (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O15 - Trusted Zone: http://www.exxonmobilcard.com
O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/activedata/symsupportutil.CAB
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/en/big/1.1.63-big/GoogleNav.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} - https://webresponse.one.microsoft.com/oas/ActiveX/FileXfer.cab
O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - http://www.pcpowerscan.com/pcpowerscan.cab
 

dvk01

Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
First Name
Derek
I would be inclined to think it is anonymizer causing your troubles
 
Joined
Jul 24, 2003
Messages
420
You can have Hijack This ''Fix Checked'' these entries ,

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

Then Reboot your computer

They represent IE control panel and Registry locks

Good luck
 

xflight

Thread Starter
Joined
Oct 2, 2003
Messages
4
Thank you all for the help, I am in the process of following your instructions for the removal of the anonymizer program. And I have deleted those programs or .. scanned with HJT.

As soon as I get any definitive/positive feed back I will give you a heads up.

Thanks again,

xflight
 

xflight

Thread Starter
Joined
Oct 2, 2003
Messages
4
Hello again,

After some digging I have noticed that the DOCM has an error message that reads "The server {FB7199AB-79BF-11D2-8D94-0000F875C541} did not register with DCOM within the required timeout."

I ran a find for the subject DOCM in my registry and found most of the ref. were to .. NET\Framework\v1.1.4322 .. apparently the latter indicates the ver. #. So far all of my efforts have been un-rewarding, so any help regarding these new discoveries will be appreciated. Thanks Cliff
 

xflight

Thread Starter
Joined
Oct 2, 2003
Messages
4
Hello, Yes I have among many other fix's, short of using the restore program which will probably be my next stop. Unless someone comes to my rescue.

Thanks for the reply.

xflight
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top