PDA

View Full Version : Can't access https


aktrekker
19-09-08, 20:06
It's me again, but not my computer :)
A friend bought a computer at a pawn shop as-is. It has WinXP. But he doesn't have the disk. Everything is OK, but it refuses to open a secure connection. He can't login to email, etc.
It gives the error

Cannot find server or DNS Error

This ONLY happens for HTTPS. It happens with IE6 and Firefox. Encryption is installed and enabled.
BTW he is using Comcast.

Here's the report.
Copy the following text and paste it to your report AS IS!!!

---------------------------------------------------------------
AutoRuns Diagnostics for TRF v 0.5 Developed by EscondeR
---------------------------------------------------------------



Program:
"AOL Connectivity Service"
Publisher:
"(Verified) America Online Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
AOL ACS
Program path & name:
"c:\program files\common files\aol\acs\aolacsd.exe"
Enabled: [V]


Program:
"Symantec Event Manager"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ccEvtMgr
Program path & name:
"c:\program files\common files\symantec shared\ccevtmgr.exe"
Enabled: [V]


Program:
"Symantec Network Proxy Service"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ccProxy
Program path & name:
"c:\program files\common files\symantec shared\ccproxy.exe"
Enabled: [V]


Program:
"Symantec Settings Manager"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ccSetMgr
Program path & name:
"c:\program files\common files\symantec shared\ccsetmgr.exe"
Enabled: [V]


Program:
"Handles Norton AntiVirus Auto-Protect events."
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
navapsvc
Program path & name:
"c:\program files\norton internet security\norton antivirus\navapsvc.exe"
Enabled: [V]


Program:
"ScriptBlocking registration"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SBService
Program path & name:
"c:\program files\common files\symantec shared\script blocking\sbserv.exe"
Enabled: [V]


Program:
"Symantec Network Drivers Service"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SNDSrvc
Program path & name:
"c:\program files\common files\symantec shared\sndsrvc.exe"
Enabled: [V]


Program:
"Symantec Core LC"
Publisher:
"(Not verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Symantec Core LC
Program path & name:
"c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe"
Enabled: [V]


Program:
"Symantec WMI Service"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SymWSC
Program path & name:
"c:\program files\common files\symantec shared\security center\symwsc.exe"
Enabled: [V]


Program:
"Wan Miniport (ATW) Service"
Publisher:
"(Not verified) America Online Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WANMiniportService
Program path & name:
"c:\windows\wanmpsvc.exe"
Enabled: [V]


Program:
"AV Engine"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NAVENG
Program path & name:
"c:\program files\common files\symantec shared\virusdefs\20041222.016\naveng.sys"
Enabled: [V]


Program:
"AV Engine"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NAVEX15
Program path & name:
"c:\program files\common files\symantec shared\virusdefs\20041222.016\navex15.sys"
Enabled: [V]


Program:
"Padus(R) ASPI Shell"
Publisher:
"(Not verified) Padus Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pfc
Program path & name:
"c:\windows\system32\drivers\pfc.sys"
Enabled: [V]


Program:
"Px Engine Device Driver for Windows 2000/XP"
Publisher:
"(Not verified) Sonic Solutions"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PxHelp20
Program path & name:
"c:\windows\system32\drivers\pxhelp20.sys"
Enabled: [V]


Program:
"AutoProtect"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SAVRT
Program path & name:
"c:\program files\norton internet security\norton antivirus\savrt.sys"
Enabled: [V]


Program:
"SAVRTPEL"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SAVRTPEL
Program path & name:
"c:\program files\norton internet security\norton antivirus\savrtpel.sys"
Enabled: [V]


Program:
"SunkFilt"
Publisher:
"(Not verified) Alcor Micro Corp."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SunkFilt
Program path & name:
"c:\windows\system32\drivers\sunkfilt.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Sunkfiltp
Program path & name:
File not found: C:\WINDOWS\System32\Drivers\sunkfiltp.sys"
Enabled: [V]


Program:
"DNS Filter Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMDNS
Program path & name:
"c:\windows\system32\drivers\symdns.sys"
Enabled: [V]


Program:
"Symantec Event Library"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SymEvent
Program path & name:
"c:\program files\symantec\symevent.sys"
Enabled: [V]


Program:
"Firewall Filter Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMFW
Program path & name:
"c:\windows\system32\drivers\symfw.sys"
Enabled: [V]


Program:
"IDS Filter Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMIDS
Program path & name:
"c:\windows\system32\drivers\symids.sys"
Enabled: [V]


Program:
"IDS Core Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMIDSCO
Program path & name:
"c:\program files\common files\symantec shared\symcdata\idsdefs\20041123.015\symidsco.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
symlcbrd
Program path & name:
c:\windows\system32\drivers\symlcbrd.sys"
Enabled: [V]


Program:
"NDIS Filter Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMNDIS
Program path & name:
"c:\windows\system32\drivers\symndis.sys"
Enabled: [V]


Program:
"Redirector Filter Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMREDRV
Program path & name:
"c:\windows\system32\drivers\symredrv.sys"
Enabled: [V]


Program:
"Network Dispatch Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SYMTDI
Program path & name:
"c:\windows\system32\drivers\symtdi.sys"
Enabled: [V]


Program:
"Microsoft® Document Imaging"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monito rs
Entry name:
Microsoft Document Imaging Writer Monitor
Program path & name:
"c:\windows\system32\mdimon.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [MSAFD Tcpip [TCP/IP]]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [MSAFD Tcpip [UDP/IP]]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [MSAFD Tcpip [RAW/IP]]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [RSVP UDP Service Provider]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [RSVP TCP Service Provider]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"hpsysdrv"
Publisher:
"(Not verified) Hewlett-Packard Company"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
hpsysdrv
Program path & name:
"c:\windows\system\hpsysdrv.exe"
Enabled: [V]


Program:
"HpqCmon MFC Application"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
CamMonitor
Program path & name:
c:\program files\hp\digital imaging\unload\hpqcmon.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
HPHUPD05
Program path & name:
File not found: c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe"
Enabled: [V]


Program:
"HPHmon05"
Publisher:
"(Not verified) Hewlett-Packard"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
HPHmon05
Program path & name:
"c:\windows\system32\hphmon05.exe"
Enabled: [V]


Program:
"KBD EXE"
Publisher:
"(Not verified) Hewlett-Packard Company"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
KBD
Program path & name:
"c:\hp\kbd\kbd.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
AutoTKit
Program path & name:
c:\hp\bin\autotkit.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Admilli Service
Program path & name:
c:\program files\admilli service\admilliserv.exe"
Enabled: [V]


Program:
"RealNetworks Scheduler"
Publisher:
"(Not verified) RealNetworks Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
TkBellExe
Program path & name:
"c:\program files\common files\real\update_ob\realsched.exe"
Enabled: [V]


Program:
"AOL Connectivity Service Dialer"
Publisher:
"(Verified) America Online Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
AOLDialer
Program path & name:
"c:\program files\common files\aol\acs\aoldial.exe"
Enabled: [V]


Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
application/octet-stream
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]


Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
application/x-complus
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]


Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
application/x-msdownload
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
Entry name:
0
Program path & name:
File not found: About:Home"
Enabled: [V]


Program:
"Microsoft .NET IE SECURITY REGISTRATION"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
n/a
Program path & name:
"c:\windows\system32\mscories.dll"
Enabled: [V]


Program:
"WeatherBug"
Publisher:
"(Not verified) AWS Convergence Technologies Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Weather
Program path & name:
"c:\program files\aws\weatherbug\weather.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Instant Access
Program path & name:
c:\windows\system32\egdaccess_1057.dll"
Enabled: [V]


Program:
"Yahoo! Messenger"
Publisher:
"(Not verified) Yahoo! Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Yahoo! Pager
Program path & name:
"c:\program files\yahoo!\messenger\ypager.exe"
Enabled: [V]


Program:
"Norton AntiVirus Scanner Module"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
Task Scheduler
Entry name:
Norton AntiVirus - Scan my computer.job
Program path & name:
"c:\program files\norton internet security\norton antivirus\navw32.exe"
Enabled: [V]


Program:
"Symantec NetDetect"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
Task Scheduler
Entry name:
Symantec NetDetect.job
Program path & name:
"c:\program files\symantec\liveupdate\ndetect.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
BHO
Program path & name:
c:\program files\sb\smart-browser\bho.0.1.0.155.dll"
Enabled: [V]


Program:
"Yahoo! Companion 5.2 for Internet Explorer"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Yahoo! Companion BHO
Program path & name:
"c:\program files\yahoo!\common\ycomp5_2_3_0.dll"
Enabled: [V]


Program:
"My Way Speedbar"
Publisher:
"(Not verified) My Way"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
myBar BHO
Program path & name:
"c:\program files\myway\mybar\1.bin\mybar.dll"
Enabled: [V]


Program:
"Adobe Acrobat IE Helper Version 6.0 for ActivieX"
Publisher:
"(Verified) Adobe Systems Incorporated"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
AcroIEHlprObj Class
Program path & name:
"c:\program files\adobe\acrobat 6.0\reader\activex\acroiehelper.dll"
Enabled: [V]


Program:
"NIS Shell Extension"
Publisher:
"(Not verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
CNisExtBho Class
Program path & name:
"c:\program files\common files\symantec shared\adblocking\nisshext.dll"
Enabled: [V]


Program:
"Norton AntiVirusNAVShellExt Module"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
CNavExtBho Class
Program path & name:
"c:\program files\norton internet security\norton antivirus\navshext.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Display Panning CPL Extension
Program path & name:
File not found: deskpan.dll"
Enabled: [V]


Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Fusion Cache
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]


Program:
"HPNSExtn Module"
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
HPNSView
Program path & name:
c:\program files\hp\digital imaging\bin\hpdns_01.dll"
Enabled: [V]


Program:
"Shell Extensions"
Publisher:
"(Not verified) Sonic Solutions"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
RecordNow! SendToExt
Program path & name:
"c:\program files\recordnow!\shlext.dll"
Enabled: [V]


Program:
"RealOne Player Shell Extensions"
Publisher:
"(Not verified) RealNetworks"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Shell Extensions for RealOne Player
Program path & name:
"c:\program files\real\realone player\rpshellext.dll"
Enabled: [V]


Program:
"ShellvRTF"
Publisher:
"(Not verified) XSS"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
SampleView
Program path & name:
"c:\windows\system32\shellvrtf.dll"
Enabled: [V]


Program:
"hp view toolbar"
Publisher:
"(Not verified) Hewlett-Packard Company"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
hpdtlk02.dll
Program path & name:
"c:\program files\hp\digital imaging\bin\hpdtlk02.dll"
Enabled: [V]


Program:
"NIS Shell Extension"
Publisher:
"(Not verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
Web assistant
Program path & name:
"c:\program files\common files\symantec shared\adblocking\nisshext.dll"
Enabled: [V]


Program:
"Norton AntiVirusNAVShellExt Module"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
Norton AntiVirus
Program path & name:
"c:\program files\norton internet security\norton antivirus\navshext.dll"
Enabled: [V]


Program:
"Yahoo! Companion 5.2 for Internet Explorer"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
ycomp5_2_3_0.dll
Program path & name:
"c:\program files\yahoo!\common\ycomp5_2_3_0.dll"
Enabled: [V]


Program:
"My Way Speedbar"
Publisher:
"(Not verified) My Way"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
mybar.dll
Program path & name:
"c:\program files\myway\mybar\1.bin\mybar.dll"
Enabled: [V]


Program:
"AIM Search Toolbar"
Publisher:
"(Not verified) America Online Inc"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
aimbar.dll
Program path & name:
"c:\program files\aim toolbar\aimbar.dll"
Enabled: [V]


Program:
"IE Toolbar"
Publisher:
"(Verified) America Online Inc."
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
toolbar.dll
Program path & name:
"c:\program files\aol toolbar\toolbar.dll"
Enabled: [V]


Program:
"WeatherBug"
Publisher:
"(Not verified) AWS Convergence Technologies Inc."
Entry path:
HKCU\Software\Microsoft\Internet Explorer\Extensions
Entry name:
WeatherBug
Program path & name:
"c:\program files\aws\weatherbug\weather.exe"
Enabled: [V]


Program:
"Yahoo! Messenger"
Publisher:
"(Not verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Extensions
Entry name:
Yahoo! Messenger
Program path & name:
"c:\program files\yahoo!\messenger\ypager.exe"
Enabled: [V]

St4r
19-09-08, 20:43
Sounds like a misconfigured firewall or an ISP problem.

You may want to try the following.

1. Check firewall rules.
2. Test with another DNS server like OpenDNS (http://www.opendns.com/).
3. Make sure all updates are installed. I might be wrong, but if I remember correctly, there's a certain fix to Winsock which addresses this issue.

spikejones
19-09-08, 20:57
do you have SSL 2.0 and SSL 3.0 enabled in internet options (for IE) as well as SSL 3.0 and TSL 1.0 for Firefox?

these setting should be default, but as it is second hand it may be altered:
http://i383.photobucket.com/albums/oo279/stryderjones/trf/securitysettings.jpg

check into using alternate DNS server as well.

aktrekker
20-09-08, 07:06
SSL1 and 2 are on and TSL. There wasn't an option for SSL3.
Going to uninstall Norton, so there may not be a firewall after that. Figured on having him install ZoneAlarm for now.
Updates will be a problem since he didn't get the XP disks with the computer - Don't say it, I know :p

DNS doesn't handle HTTP/S, only the domain. HTTPS is encrypted connection. Something just doesn't want him going to a secure site.
Already disabled Norton's service - his high speed Internet was slower than my dialup. But I suspect Norton may still be involved :cen:

EscondeR
20-09-08, 10:11
^ Run ARDiag.exe (http://www.tombraiderhub.com/download/ardiag.exe) on his PC and post the report.
Uninstall Norton crap completely, better use AVG or Kaspersky.

aktrekker
20-09-08, 11:27
I thought that's what I did. I didn't notice it said Autoruns. I'll get that tomorrow.

St4r
20-09-08, 15:23
DNS doesn't handle HTTP/S, only the domain.

Right. I only wanted to exclude the DNS error your message stated. That sort of thing might occur on sites where the HTTPS dir is stored on a separate server for example.

spikejones
20-09-08, 19:23
Updates will be a problem since he didn't get the XP disks with the computer -

updates do not need a disk. simply open windows internet explorer and go to:

tools menu -> Windows update

i dont think there is any need to have a product key for those updates... ive never had to enter one.

EscondeR
20-09-08, 19:28
I thought that's what I did. I didn't notice it said Autoruns. I'll get that tomorrow.

Oh... :o I see my vacation affects :p

1. Run Autoruns and kill the following entries:


Program:
"SunkFilt"
Publisher:
"(Not verified) Alcor Micro Corp."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SunkFilt
Program path & name:
"c:\windows\system32\drivers\sunkfilt.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Sunkfiltp
Program path & name:
File not found: C:\WINDOWS\System32\Drivers\sunkfiltp.sys"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [MSAFD Tcpip [TCP/IP]]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [MSAFD Tcpip [UDP/IP]]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [MSAFD Tcpip [RAW/IP]]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [RSVP UDP Service Provider]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract over [RSVP TCP Service Provider]
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
"SpamSubtract Layered Service Provider"
Publisher:
"(Not verified) interMute Inc."
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9
Entry name:
SpamSubtract
Program path & name:
"c:\windows\system32\spsublsp.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
HPHUPD05
Program path & name:
File not found: c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
AutoTKit
Program path & name:
c:\hp\bin\autotkit.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Admilli Service
Program path & name:
c:\program files\admilli service\admilliserv.exe"
Enabled: [V]


Program:
"WeatherBug"
Publisher:
"(Not verified) AWS Convergence Technologies Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Weather
Program path & name:
"c:\program files\aws\weatherbug\weather.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Instant Access
Program path & name:
c:\windows\system32\egdaccess_1057.dll"
Enabled: [V]



Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
BHO
Program path & name:
c:\program files\sb\smart-browser\bho.0.1.0.155.dll"
Enabled: [V]


Program:
"Yahoo! Companion 5.2 for Internet Explorer"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Yahoo! Companion BHO
Program path & name:
"c:\program files\yahoo!\common\ycomp5_2_3_0.dll"
Enabled: [V]


Program:
"My Way Speedbar"
Publisher:
"(Not verified) My Way"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
myBar BHO
Program path & name:
"c:\program files\myway\mybar\1.bin\mybar.dll"
Enabled: [V] - Malware


Program:
"hp view toolbar"
Publisher:
"(Not verified) Hewlett-Packard Company"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
hpdtlk02.dll
Program path & name:
"c:\program files\hp\digital imaging\bin\hpdtlk02.dll"
Enabled: [V]


Program:
"Yahoo! Companion 5.2 for Internet Explorer"
Publisher:
"(Verified) Yahoo! Inc."
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
ycomp5_2_3_0.dll
Program path & name:
"c:\program files\yahoo!\common\ycomp5_2_3_0.dll"
Enabled: [V]


Program:
"My Way Speedbar"
Publisher:
"(Not verified) My Way"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
mybar.dll
Program path & name:
"c:\program files\myway\mybar\1.bin\mybar.dll"
Enabled: [V] - Malware


Program:
"AIM Search Toolbar"
Publisher:
"(Not verified) America Online Inc"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
aimbar.dll
Program path & name:
"c:\program files\aim toolbar\aimbar.dll"
Enabled: [V]


Program:
"IE Toolbar"
Publisher:
"(Verified) America Online Inc."
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
toolbar.dll
Program path & name:
"c:\program files\aol toolbar\toolbar.dll"
Enabled: [V]


Program:
"WeatherBug"
Publisher:
"(Not verified) AWS Convergence Technologies Inc."
Entry path:
HKCU\Software\Microsoft\Internet Explorer\Extensions
Entry name:
WeatherBug
Program path & name:
"c:\program files\aws\weatherbug\weather.exe"
Enabled: [V]


2. Uninstall Norton/Symantec crap completely then reboot.

3. Run Autoruns again and kill all remaining Norton/Symantec entries, if any.

aktrekker
21-09-08, 02:44
Thanks. Problem solved.
Also got rid of AOL :D