# Trend Micro Housecall won't work?!?



## danj (Jan 23, 2007)

Hi There,
  When I try to run the Trend Micro Housecall free online scanner I get through most of the process, but when it actually starts to scan my system the browser just closes and it's like I never tried to do the scan.  I did some research but couldn't find this particular problem.  I disable both my firewall and active virus program when I try to do the scan.  I have previously done this scan successfully with my firewall and active virus programs both on and off. 

  I have done Ad-Aware, Avast!, Spybot Search and Destroy, and SUPERAntispyware scans and have found nothing.  I don't trust Panda active scan because Ad-Aware has picked up tracking cookies from them before.

  Here is my Hijackthis log:        any advice would help - thanks

Logfile of HijackThis v1.99.1
Scan saved at 5:13:36 PM, on 1/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\HJT\HijackThis.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe


----------



## PC eye (Jan 23, 2007)

When I tried PC-cillin here it first removed AVG immediately. The first thing to try there is remove Avast entirely along with the present firewall. PC-cillin contains it's own personal firewall and clashes with other antivirus programs. That was clearly seen with just the 30day trial version run here. As suspected the only thing found being suspect in the otherwise clean log at this time is  "C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe"


----------



## danj (Jan 23, 2007)

I wasn't running the trial version, I was running the free online scan, which doesn't include it's own firewall.  Why should I uninstall Avast! and Kerio if I have run this online scan many times successfully before with them both present?

thanks


----------



## soccerdude (Jan 23, 2007)

What browser are you using when you do the online scan?


----------



## danj (Jan 23, 2007)

Firefox, which is what I have always used for these scans


----------



## PC eye (Jan 23, 2007)

You weren't required to install PC-cillin in order to run House Call there? Apparently it generally doesn't work with FireFox and simply doesn't run with it like IE. In other words it's geared for running through IE. You were fortunate to see it run completely with FF not IE before.


----------



## danj (Jan 23, 2007)

I tried it with IE.  Still didn't work.  It just closes the browser once it starts scanning just like in firefox.


----------



## PC eye (Jan 23, 2007)

One thing that could hold up the process would be a running firewall. The online scanner there first has to copy some 1mb of data or files to the hard drive for temporary use. Once the scan is completed those are saved results stored. An active firewall or antivirus program would hamper this apparently.


----------



## cricket57 (Jan 23, 2007)

Are you trying to run Housecall for any particular reason - i.e. a possible spyware infection, or just for peace of mind?

Also, tracking cookies aren't necessarily "bad", therefore I wouldn't immediately refute Panda as untrustworthy.  Tracking Cookier are used by many wesites nowadays (e.g. Yahoo, MSN, Amazon, etc) in order for such simple tasks as keeping you logged in, etc.  Programs such as Adaware and Spybot really haven't helped in educating users buy labelling all cookies as "possibly malicious".  A simple emptying of your cookies and cache would remove these without having to use a 3rd party program to perform this...


----------



## danj (Jan 24, 2007)

Tried completely disabling firewall. still no luck

in reply to cricket57
I am using this scan because I trust trendmicro and no matter how good an antivirus program is, they never pick up everything (I'm sure some will argue otherwise).  I use Avast as a resident scanner and do full scans with Avast, Trendmicro, and Kaspersky about once a month.  The latter two being online scanners.

Also, I don't like cookies.  I clear my temp files, cache, and cookies frequently.  My computer is fast enough to deal.  It's not that I'm constantly going to sites to "find" Trojans, I'm just very cautious.  Haven't had a crash in 10 years of comp usage.

thanks for your continued help.

Any other suggestions?  It's funny, it closes any other browser windows I may also have open. (and yes I usually close all programs and windows when I do a scan).


----------



## PC eye (Jan 24, 2007)

What if any software changes have you made lately? Another thought there is the time stamp for the last scan you saw run successfully. When going to run House Call as mentioned before it automatically copied some 1mb of data to the hard drive. Those would have date and time encoded into them. How long is the time period seen between the scans that did run? over or less then 30days?

 PC-cillin was reviewed here and as expected found a few things missed by both AVG 7.5 and AdAware. But Spyware Terminator also find the data miners that AdAware missed as well as those found by AdAware that others miss. It's a catch 22 were you use one thing to pick up where the other left off.


----------

