Jump to content

Cannot update MB 1.46 because http blocked


Recommended Posts

I'm helping a friend whose PC can open https URLs but not http. It's running Vista home premium and conneting to the net via an at&t uverse home network that supports wired, wireless and two digital phone lines. Except for http access being blocked, everything seems normal (to the extent that anything Vista-related can be called "normal") I suspect it's some configuration problem, but I can't prove it. Windows firewall was off already, I turned off TrendMicro firewall, tried various tricks from Vista forums, did a winsock reset, and rolled back Windows updates to the earliest restore point she had. No luck. Same problem with both wired and wireless. Other wireless devices (two laptops and an iPhone) are working fine.

On the malware front, I've run MB 1.46, and it cleaned out some stuff, but the problem persists. I've run a nework sniffer and I *think* I can rule out spyware - no suspicious traffic at all. But I can't rule out malware yet: when I install MB 1.46, it can't update itself because http isn't working. Is there a way I can move an up-to-date MB from another computer to hers? Or maybe configure her machine to use an https proxy? Or is 1.50 beta complete enough that I should just use that (without installation-time updates)?

Finally, is there known malware that does this kind of thing?

Any advice on this? Thanks.

Link to post
Share on other sites

Welcome to Malwarebytes! If its Internet Explorer, try re-setting it: Tools, drop down to Internet Options go to the Advanced tab and at the bottom of the program that came up press Reset Internet Explorer Settings and Restore Advanced Settings

You can turn on Trend Micro if you let TM trust these Malwarebytes files: http://forums.malwarebytes.org/index.php?s...mp;#entry162099 Section F

Post back with your results, you can try the above for starters. regards.....

Link to post
Share on other sites

Hi -

You can use this to check your settings -

  • Open Internet Explorer
  • Note: It MUST be Internet Explorer, not Firefox, Opera, Chrome or any other internet browser
  • Click on Tools at the top and select Internet Options
  • Note: If you do not see Tools, press the Alt key on your keyboard and it will show up
  • Click on the Connections tab
  • Click on the LAN settings button
  • Under Automatic configuration make sure that the box next to Automatically detect settings is checked, if it is not, then click the box next to it to check it
  • Click on the OK button to close the Local Area Network (LAN) Settings window
  • Click on the OK button to close the Internet Options window
  • Use this diagram as a guide

Disable Internet Explorer Proxy Settings and Reset TCP/IP

It is very important that these steps be carried out exactly as shown otherwise the fix will not work.

If you have any questions please ask before moving on.

  • Please start Notepad and using your mouse make sure you select and copy all the information below in the Code box into your new document.
  • Then save the file as "fixme.bat" to your Desktop - The .bat extension is important
  • In the drop down box for Save as type: make sure you select All Files (*.*) and keep the quotes on the name as well. Then close the new file.
    @ECHO OFF
    reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /f
    reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyOverride /f
    reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /f
    reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v GlobalUserOffline /t REG_DWORD /d 0 /f
    netsh int ip reset resetlog.txt


  • On Windows XP you can double-click the file to run it.
  • On Vista/Win7 you need to Right click the file and choose Run as administrator to run it. With User Account Control on it should ask permission to run it. Click Yes
  • This will flash a black DOS box very quickly and go away, this is normal.
  • Restart your computer now.
  • Launch Internet Explorer and see if you can connect to the Internet normally.

Thank You -

Link to post
Share on other sites

Thanks, yardbird and noknojon, for your help. It's a new experience for me to have someone actually ask about progress. On some forums, questions can sit for months with no attention.

The good news is that the problem is fixed. The bad news is that I can't sort out the causes as much as I would have liked. When I got back to work on this today I realized that I had only turned off TrendMicro's firewall, but I hadn't turned off TrendMicro entirely. After running the fixme.bat script that noknojon provided, I turned off TrendMicro. HTTP was working again, MB 1.46 was able to update itself, and a Quick Scan found nothing bad. I also ran FindyKill research, and it didn't find anything concerning, either. Then I turned TrendMicro back on, and HTTP stopped working. I ended up uninstalling and re-installing TrendMicro, after which the machine seems to be back to normal.

So a scrambled TrendMicro was part of the problem, but I don't know if it was the whole problem because I didn't turn it off until after running the fixme script (doh!)

For completeness, I've attached the internet settings values before and after. There's one difference, which is that the ProxyOverride value was removed. "Auto-detect settings" was already on.

internet_settings_before.txt

internet_settings_after.txt

Link to post
Share on other sites

I have Trend Micro Internet Security since 2008, now using TM Titanium IS 2010, When/If I have a prob with them, I use there phone support. Most of the time an un-install & re-install of TM will fix the prob. I have never had the http blocked? It depends on the version & which flavor of TM your using? When I used TMIS 2009 Windows firewall was off, now I'm using Titanium Trend Micro IS & windows firewall is on! If you don't want to give a call to TM, they have an email & chat feature. Looking at your Logs, theres something going on in the Registry -- an issue I never had to deal with & trend micro.

I ended up uninstalling and re-installing TrendMicro, after which the machine seems to be back to normal.
so you did remove it & install it... ok. glad all is working for you.... Please feel free to post back any questions, issues, where we can be of any help..... regards... take care :)

EDIT spelling

Link to post
Share on other sites

Do you think that your problem is solved , or do you wish to have more help -

Please be specific if you need more help - Yardbird knows a bit about Trend programs -

This Trend Item is a bit dated but it may still help -

I'm treating the problem as solved for the time being. I know there were some changes to her u-verse networking recently, by techs who had minimal grasp of how the network hardware and configuration changes might affect what was running on the PC. So I think the most likely explanation is that those changes caused TrendMicro to get horribly confused. My friend has been out of town. When she gets back I'll ask her to start using the machine again. If the problem re-appears I'll post an update. Meanwhile, no more help is needed.

Thanks again for your assistance.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.