Cannot access a site after extensive troubleshooting..

I'm going crazy!  Well at least it feels that way.....

I cannot access one website (  I can access from my work PC (Windows 2000) at the office but at home I cannot.

I've contacted my ISP, nothing is wrong
I also contacted my router company (Motorola), we set the firewall to off and tested a few other options, still not working
I did a trace and pinged the site, sent this to the owner of, he called Sprint since the trace uses their backbone, they say nothing is wrong

I have checked my internet settings, my network settings, I'm completely lost.

Any suggestions?
Who is Participating?
Pete LongConnect With a Mentor Technical ConsultantCommented:
>>Do you think I did something that is now blocking me from this site

I woudlnt have thought so unless you built a proxy server or are going through a firewall (Im assuming that https is open on any firewall you have)

Ive seen a few posts over the last few weeks on a similar vein, and the only cure was to remove IE and reinstall it with the 128 bit encryption pack, then the https problem dissapeared, (some users had to remove and reinstall more than once - why? - I dont know)

To remove/reinstall IE

CLick Start >Run >type regedit {enter} Navigate to the following key, HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Active Setup \ Installed Components \ {89820200-ECBD-11cf-8B85-00AA005B4383} In the right hand pane find the value "IsInstalled" right click it, select modify, then change it to 0 (thats a Zero!).
You can now download and reinstall Internet Explorer (Links below).
NB. If you want to reinstall Outlook Express at the same time perform the same action on this registry key. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Active Setup \ Installed Components \ {44BBA840-CC51-11CF-AAFA-00AA00B6015C}


Description of the Internet Explorer Repair Tool

How to Reinstall or Repair Internet Explorer and Outlook Express in Windows XP


IE Download (From 2.0 to 6.0) and Service Packs/Patches

IE Download (From 1.0 to 6.0) and service Packs

Pete LongTechnical ConsultantCommented:
Cannot connect to HTTPS (XP)

HOW TO: Troubleshoot Situations Where You Cannot Complete MSN Sign-up or Connect to SSL Secured (128-Bit) Web Sites by Using Internet Explorer in Windows XP;EN-US;813444
Pete LongTechnical ConsultantCommented:
then click this link
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Pete LongTechnical ConsultantCommented:
I posted the first link because the adrress you posted auto resolves to
Beaner1383Author Commented:
Hi Pete,

Thank you for the information and the site to Microsoft, I did all the steps on the list and I still can't access the website.  I'm ready to pull my hair out!

Let me ask you another question, a while ago when I purchased my new modem/router/printer server (Motorola).  I tried to nextwork our two computers together in the house and decided to give up because I didn't know what I was doing.  Do you think I did something that is now blocking me from this site?  I can access BOT from my laptop but the two computers I tried to network together we cannot access this site.

The reason using this site is a big deal for us is because we are trying to plan a dinner for 1,300 which is next weekend and we need to have constant access.

Thanks much,
Beaner1383Author Commented:

Well, I tried all this and still no success.  I'm currently on 6.0 service pack 2 and nothing I do seems to work.
Mad_LionConnect With a Mentor Commented:
Stop the press.
Dont uninstall IE just yet.
The symptom your describing is likely to be caused by a some sort of hijack or nasty adware.
You know those pesky pop up windows that just say "About:Blank"...
Yea, there is embeded code in those that really screw with your browser/machine in so many ways.

Just by uninstalling IE (automatically) may not do the trick.
There are registry entries and such that will linger into your next installation.

grab yourself one of the reputable adware scanners/virus scanners that defend against such attacks, as well as clean them if you've already been subject to this sort of non-sense.
(I really hate these script kiddies who pull these stunts)

Once your feeling comfortable that your system is clean (and I bet you'll be suprised how many there are living in your system) You can feel free to remove and re-install IE if you wish but by this time it may not be necessary.

I am not in the habbit of recommending specific software to anyone (I dont get paid to do that)
But I can give you this link and you can choose one for yourself.

I hope you can ease your troubled mind, and begin to browse freely.

*Note* Commonly these sorts of threats lie within shady web sites...  try to keep your browsing on trusted sites as much as possible. Also, visit on a regular basis to keep your browser updated. Also a pop-up blocker will also assist in preventing this from happening again.
Beaner1383Author Commented:
Mad Lion,

Thanks, I actually purchased Pest Patrol last weekend and cleaned up my disk.  I had over 3,000 of those damn pests on my computer so I suspect something is still lurking and I may need to completely reload my computer which will be a pain but this is one nut I can't seem to crack.

Thanks much!  Open to any other suggestions!

Cheers, Deneen
Another quick suggestion to rule out any internet explorer problems and some of the spyware problems would be to download and try another browser.  You could try mozilla or netscape and see if you have any more luck going to the site with either of them.  Just a quickie idea :) good luck.
Pete LongTechnical ConsultantCommented:
>> I actually purchased Pest Patrol

oooh we dont like paying for things ;)
?If you feel youve been hijacked take a look on my website (now the domain name is sorted :)
Beaner1383Author Commented:

Thanks Pete, I'll download one of your programs tonight when I get home and see if it helps any further.

Emisery, I have Mozilla loaded for a while on my computer and that didn't help either.

Thanks again for all the input!
Pete LongTechnical ConsultantCommented:
Beaner1383Author Commented:


Well I ran "Hijack This" and received this huge file in return, I have no clue what to do next, any ideas?  Thanks for all the help so far!

Logfile of HijackThis v1.97.7
Scan saved at 7:44:23 PM, on 5/3/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Handspring\HOTSYNC.EXE
C:\Program Files\FileMap By BB v302\Filemap.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Microsoft Works\MSWorks.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Deneen Goddard\My Documents\Download Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: (no name) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 6\SnagItBHO.dll (file missing)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [3six5] C:\PROGRA~1\MEDIAT~1\3six5\3six5.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PowerPlan Calendar] C:\Program Files\PowerPlan Calendar\PowerPlanCalendar.exe false
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [TaskMgr] C:\PROGRA~1\INTERN~1\tskmgr32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [] C:\Program Files\\mcalert.exe -auto
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [11Alive] C:\Program Files\11Alive On Your Desktop\11Alive.exe
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE
O4 - Startup: WorldTime.lnk = C:\Program Files\\WorldTime\worldtime.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SnagIt 6.lnk = C:\Program Files\TechSmith\SnagIt 6\SnagIt32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Create Mobile Favorite (HKLM)
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O16 - DPF: ppctlcab -
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) -
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) -
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} -
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) -
O16 - DPF: {0878B424-1F95-4E26-B5AB-F0D349D89650} -
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) -
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} -
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) -
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) -
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) -
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} -
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) -
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) -
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) -
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) -
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -

Pete LongTechnical ConsultantCommented:
hang on Ill get someone better at this than me..............................
LucFConnect With a Mentor EMEA Server EngineerCommented:
Hi Beaner1383,

Tick the checkbox in front of these lines, afterwards, click "Fix Checked"

F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: (no name) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 6\SnagItBHO.dll (file missing)
O4 - HKLM\..\Run: [TaskMgr] C:\PROGRA~1\INTERN~1\tskmgr32.exe <= *****this is probably the one bugging you*****
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O9 - Extra button: WeatherBug (HKCU)
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} -
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) -
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) -
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} -
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} -
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) -
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) -
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) -
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -

After you've done all this, reboot the computer and delete:

Good luck,

LucFEMEA Server EngineerCommented:
To be more precise, you have this Backdoor on your computer:
LucFEMEA Server EngineerCommented:
I should think before posting :) So here's the thirth:

You won't like the filereport on tskmgr32.exe
Pete LongTechnical ConsultantCommented:
.......Thanks Luc :)
LucFEMEA Server EngineerCommented:
You're always welcome Pete :)
Beaner1383Author Commented:

Thanks!  I'll give this a shot when I get home tonight.

Everyone is so great!
Pete LongTechnical ConsultantCommented:
LucFEMEA Server EngineerCommented:
ditto, great to see your problem is solved :)

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.