Yesterday, I discovered, to my dismay that I can no longer display secure pages. Any page that has
https:// in its address gives the 'Server Not Found' or page cannot be displayed error page. I know that the server is there because these are mainstream sites I'm trying to access, such as logging into hotmail. The problem first occurred yesterday, and although I wasnt messing around with internet settings, I did uninstall Cute FTP and Dreamweaver, although I dont know exactly when the problem occurred. I know that under the internet settings in IE SSL is enabled. I tried disabling Norton Internet security. After investigating some more I found that I cannot login to MSN or Yahoo Messenger either. Upon this discovery I concluded that the problem is much bigger than I had initially thought. I downloaded the Winstock fix for Windows XP, but it didnt fix anything. Ive removed all spyware and did a complete system scan with Norton, but nothing of consequence was found. As a last resort I used System Restore to roll back to a time when the problem was not occurring. Again there was no change.
Im out of ideas, any help would be greatly appreciated
Dustin Thomson
IE 6 SP1
XP Home SP1
Norton Internet Security / AntiVirus 2004
Spybot Search And Destroy 1.3
------
HJT Log
------
Logfile of HijackThis v1.98.2
Scan saved at 11:40:41, on 20.08.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.e
xe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\servic
es.exe
C:\WINDOWS\system32\lsass.
exe
C:\WINDOWS\system32\svchos
t.exe
C:\WINDOWS\System32\svchos
t.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\igfxtr
ay.exe
C:\WINDOWS\System32\hkcmd.
exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\Apoint2K\Apoi
nt.exe
C:\PROGRA~1\LAUNCH~1\CPLBC
L53.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Apoint2K\Apnt
ex.exe
C:\Programme\Winamp\Winamp
a.exe
C:\WINDOWS\System32\ezSP_P
x.exe
C:\Programme\Hewlett-Packa
rd\Digital
Imaging\Bin\hpqWRG.exe
C:\WINDOWS\System32\ctfmon
.exe
C:\WINDOWS\system32\spools
v.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchos
t.exe
C:\Programme\Hewlett-Packa
rd\Digital
Imaging\bin\hpotdd01.exe
C:\Programme\Hewlett-Packa
rd\Digital
Imaging\bin\hpobnz08.exe
C:\Programme\Hewlett-Packa
rd\Digital
Imaging\bin\hpoevm08.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Programme\Hewlett-Packa
rd\Digital
Imaging\Bin\hpoSTS08.exe
C:\PROGRA~1\NORTON~1\NORTO
N~1\navw32
.exe
R1 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Search Page =
http://www.searchwww.com/R0 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Start Page =
http://www.google.at/R1 - HKLM\Software\Microsoft\In
ternet Explorer\Main,Default_Page
_URL =
http://global.acer.comR0 - HKLM\Software\Microsoft\In
ternet Explorer\Search,SearchAssi
stant =
http://www.searchwww.com/bar.htmlO2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7
695ECA0567
0} - C:\Programme\Yahoo!\Messen
ger\ycomp.
dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7
84B7D6BE0B
3} - C:\Programme\Adobe\Acrobat
6.0\Reader\ActiveX\AcroIEH
elper.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-2
98DDF1699E
1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt
.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-F
ADC6B08487
2} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
0A0C908246
7} - C:\WINDOWS\System32\msdxm.
ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A
37C9A5676A
7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt
.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
859DF00B1D
6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0
090271D4F8
8} - C:\Programme\Yahoo!\Messen
ger\ycomp.
dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtr
ay.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.
exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoi
nt.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLBC
L53.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Programme\Winamp\Winam
pa.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCh
eck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dump
rep 0 -k
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_P
x.exe
O4 - HKLM\..\Run: [HPpromo psc 2175] "C:\Programme\Hewlett-Pack
ard\Digita
l Imaging\Bin\hpqWRG.exe" /N "psc 2175" -r
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon
.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~
1\ypager.e
xe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMo
n.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\
Adobe Gamma Loader.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Programme\Hewlett-Packa
rd\Digital
Imaging\bin\hpobnz08.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2
\OFFICE11\
EXCEL.EXE/
3000
O8 - Extra context menu item: Shorten URL -
http://www.cjb.net/menuext.htmlO9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3
C9C571A826
3} - C:\PROGRA~1\MICROS~2\OFFIC
E11\REFIEB
AR.DLL
O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-0
0C04F689C5
0} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-0
0aa003c157
a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-0
0aa003c157
a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0
050045C3C9
6} - C:\PROGRA~1\YAHOO!\MESSEN~
1\YPAGER.E
XE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0
050045C3C9
6} - C:\PROGRA~1\YAHOO!\MESSEN~
1\YPAGER.E
XE
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-9
31C323F916
5} (DepHlp Control) -
http://mirror.worldwinner.com/games/shared/dephlp.cabO16 - DPF: {C3DFA998-A486-11D4-AA25-0
0C04F72DAE
B} (MSN Photo Upload Tool) -
http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cabO16 - DPF: {EB387D2F-E27B-4D36-979E-8
47D1036C65
D} (QDiagHUpdateObj Class) -
http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?322O16 - DPF: {F58E1CEF-A068-4C15-BA5E-5
87CAF3EE8C
6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cab
