?
Solved

How is Trend Micro AntiVirus plus AntiSpyware blocking my internet

Posted on 2010-01-11
21
Medium Priority
?
674 Views
Last Modified: 2013-11-22
Hi Guys,

im working on a computer that is having trouble connecting it the the internet and opening webpages. ive narrowed the problem down to a copy of Trend Micro AntiVirus plus AntiSpyware that is installed. wen trend is on i cant open webpages (page cannot be displayed, in both IE and Chrome) is i turn off trend it works without a hitch.

ive checked the winodws firewall, it doesnt seem to be affecting the situation
the hosts file has no abnormalities
uninstallation is not an option an i dont really want to install any other antivirus software

does anyone have any ideas?
help would be greatly appreciated
0
Comment
Question by:beefstu123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 9
21 Comments
 
LVL 22

Expert Comment

by:optoma
ID: 26288535
Hi
Run autoruns.
In Autoruns:
Hit options and check "verify code signatures" and rescan (F5 key)
Don't make any other changes...

Within Autoruns,select the file tab and select save(Ctrl+S) and save as AutoRuns Data (*.arn) -Output file is a few megs in size
Once saved then right click autoruns.arn and rename to autoruns.txt to upload

Autoruns http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26288673
changing the file extension may make the files unstable.  i made a copy before i made any changes in case i did something wrong
AutoRuns-Data.txt
0
 
LVL 3

Assisted Solution

by:DataVault
DataVault earned 400 total points
ID: 26289855
ive had Trend bug on my several times, i would try a uninstall reinstall of trend,
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 22

Expert Comment

by:optoma
ID: 26290631
Firstly,Mywebsearch spyware is on that machine

1-Run disk cleanup and Atf cleaner to clear temp files http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25

2-Then scan with Malwarebytes(Mbam) http://www.malwarebytes.org/mbam-download.php
When its scan is finished, close Mbams logfile and hit "remove selected".
If asked to reboot,do so.

3-Attach Mbam's logfile. To locate it, open Malwarebytes, select the "logs" section.
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26299558
here is the log file, thanks for the comments so far :)
mbam-log-2010-01-13--11-55-40-.txt
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26299563
crap, wrong mbam log....hang on
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26299842
this is the correct MBAM log.

sorry about the mixup
mbam-log-2010-01-13--12-59-01-.txt
0
 
LVL 22

Expert Comment

by:optoma
ID: 26301524
1-Create a System Restore point

2-Run this removal tool to make sure the worm is fully cleansed
http://www.sophos.com/support/disinfection/brontok.html

3-Run Combofix in windows normal mode. Follow its running steps to disable anti-virus etc..... Attach logfile here after
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26310557
done, done....and done.

thanks :)
log.txt
0
 
LVL 22

Expert Comment

by:optoma
ID: 26312133
Thanks for that.
Run Eset online scan:
1-Check "scan archives"
2-In advanced options add check to scan for "potentially unsafe applications"

When completed attach logfile:
C:\Program Files\EsetOnlineScanner\log.txt

http://www.eset.com/onlinescan/
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26319337
the scan didnt turn up any infected items, heres the log :)
log.txt
0
 
LVL 22

Expert Comment

by:optoma
ID: 26320996
Ok,
Check this files out with http://www.virustotal.com/

c:\windows\DCEBoot.exec:\program files\Uninstall_CDS.exe

How is internet with Trend enabled?
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26336869
ok, will do.

do you mean wat kind of connection do i have?  im just using an ethernet cable connected to a switch connected to my broadband modem.  other computers can still access the internet from this setup.
0
 
LVL 22

Expert Comment

by:optoma
ID: 26336879
Sorry, with Trend enabled, is the issue still there regarding internet being blocked?
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26337299
ah right, yes. ive tested after each scan. the internet still wont work with trend enabled
0
 
LVL 22

Expert Comment

by:optoma
ID: 26337351
Did you check those two files with http://www.virustotal.com/
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26337361
the DCEBoot.exe file had two negative result which i have posted.

the uninstal_CDS.exe came up with now negative results
Capture.PNG
0
 
LVL 22

Accepted Solution

by:
optoma earned 1600 total points
ID: 26337393
Since it got a few hits, delete it.
Reboot and test, although i don't think it will have any positive result on underlying issue.

Run this scanner. Its fairly quick and see if it finds anything:
Hitman Pro http://www.surfright.nl/en/hitmanpro

Whatever the results of Hitman are, reboot and test.

If still unresolved uninstall Trend (as mentioned above),reboot and reinstall Trend, providing you have your subscription details.

http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1037161
0
 
LVL 2

Author Comment

by:beefstu123
ID: 26364588
i found a copy of a trial version of the correct trend. after a reinstall using her old key the software is working again. sometimes i hate Trend lol.  anyway, thanks for all ur help and ideas.

cheers
0
 
LVL 2

Author Closing Comment

by:beefstu123
ID: 31675805
extra points to Optoma for the extended support. thanks guys :)
0
 
LVL 22

Expert Comment

by:optoma
ID: 26364721
No prob and you're welcome :)
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question