beefstu123
asked on
How is Trend Micro AntiVirus plus AntiSpyware blocking my internet
Hi Guys,
im working on a computer that is having trouble connecting it the the internet and opening webpages. ive narrowed the problem down to a copy of Trend Micro AntiVirus plus AntiSpyware that is installed. wen trend is on i cant open webpages (page cannot be displayed, in both IE and Chrome) is i turn off trend it works without a hitch.
ive checked the winodws firewall, it doesnt seem to be affecting the situation
the hosts file has no abnormalities
uninstallation is not an option an i dont really want to install any other antivirus software
does anyone have any ideas?
help would be greatly appreciated
im working on a computer that is having trouble connecting it the the internet and opening webpages. ive narrowed the problem down to a copy of Trend Micro AntiVirus plus AntiSpyware that is installed. wen trend is on i cant open webpages (page cannot be displayed, in both IE and Chrome) is i turn off trend it works without a hitch.
ive checked the winodws firewall, it doesnt seem to be affecting the situation
the hosts file has no abnormalities
uninstallation is not an option an i dont really want to install any other antivirus software
does anyone have any ideas?
help would be greatly appreciated
ASKER
changing the file extension may make the files unstable. i made a copy before i made any changes in case i did something wrong
AutoRuns-Data.txt
AutoRuns-Data.txt
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Firstly,Mywebsearch spyware is on that machine
1-Run disk cleanup and Atf cleaner to clear temp files http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25
2-Then scan with Malwarebytes(Mbam) http://www.malwarebytes.org/mbam-download.php
When its scan is finished, close Mbams logfile and hit "remove selected".
If asked to reboot,do so.
3-Attach Mbam's logfile. To locate it, open Malwarebytes, select the "logs" section.
1-Run disk cleanup and Atf cleaner to clear temp files http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25
2-Then scan with Malwarebytes(Mbam) http://www.malwarebytes.org/mbam-download.php
When its scan is finished, close Mbams logfile and hit "remove selected".
If asked to reboot,do so.
3-Attach Mbam's logfile. To locate it, open Malwarebytes, select the "logs" section.
ASKER
here is the log file, thanks for the comments so far :)
mbam-log-2010-01-13--11-55-40-.txt
mbam-log-2010-01-13--11-55-40-.txt
ASKER
crap, wrong mbam log....hang on
ASKER
1-Create a System Restore point
2-Run this removal tool to make sure the worm is fully cleansed
http://www.sophos.com/support/disinfection/brontok.html
3-Run Combofix in windows normal mode. Follow its running steps to disable anti-virus etc..... Attach logfile here after
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
2-Run this removal tool to make sure the worm is fully cleansed
http://www.sophos.com/support/disinfection/brontok.html
3-Run Combofix in windows normal mode. Follow its running steps to disable anti-virus etc..... Attach logfile here after
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
ASKER
Thanks for that.
Run Eset online scan:
1-Check "scan archives"
2-In advanced options add check to scan for "potentially unsafe applications"
When completed attach logfile:
C:\Program Files\EsetOnlineScanner\lo
http://www.eset.com/onlinescan/
Run Eset online scan:
1-Check "scan archives"
2-In advanced options add check to scan for "potentially unsafe applications"
When completed attach logfile:
C:\Program Files\EsetOnlineScanner\lo
http://www.eset.com/onlinescan/
ASKER
the scan didnt turn up any infected items, heres the log :)
log.txt
log.txt
Ok,
Check this files out with http://www.virustotal.com/
c:\windows\DCEBoot.exec:\program files\Uninstall_CDS.exe
How is internet with Trend enabled?
Check this files out with http://www.virustotal.com/
c:\windows\DCEBoot.exec:\program files\Uninstall_CDS.exe
How is internet with Trend enabled?
ASKER
ok, will do.
do you mean wat kind of connection do i have? im just using an ethernet cable connected to a switch connected to my broadband modem. other computers can still access the internet from this setup.
do you mean wat kind of connection do i have? im just using an ethernet cable connected to a switch connected to my broadband modem. other computers can still access the internet from this setup.
Sorry, with Trend enabled, is the issue still there regarding internet being blocked?
ASKER
ah right, yes. ive tested after each scan. the internet still wont work with trend enabled
Did you check those two files with http://www.virustotal.com/
ASKER
the DCEBoot.exe file had two negative result which i have posted.
the uninstal_CDS.exe came up with now negative results
Capture.PNG
the uninstal_CDS.exe came up with now negative results
Capture.PNG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i found a copy of a trial version of the correct trend. after a reinstall using her old key the software is working again. sometimes i hate Trend lol. anyway, thanks for all ur help and ideas.
cheers
cheers
ASKER
extra points to Optoma for the extended support. thanks guys :)
No prob and you're welcome :)
Run autoruns.
In Autoruns:
Hit options and check "verify code signatures" and rescan (F5 key)
Don't make any other changes...
Within Autoruns,select the file tab and select save(Ctrl+S) and save as AutoRuns Data (*.arn) -Output file is a few megs in size
Once saved then right click autoruns.arn and rename to autoruns.txt to upload
Autoruns http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx