Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

TREND Antivirus Software is in Overdrive!


  • Please log in to reply
10 replies to this topic

#1 NCSUwolfie

NCSUwolfie

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 02 July 2013 - 04:05 PM

Hello!

 

I am new to this forum & wanted to see if I could get some help with my laptop so that I could attend to the problem myself.  Thank you for the opportunity to post!

I have a Dell Latitude D630.  It was issued to me by my "company" (employer to remain anonymous) in 2009, I believe.  It has Windows Vista on it & has really been a good machine.  I have  mainly used Internet Explorer as my web browser, but the company is switching over to Google Chrome in the near future.  At any rate, TREND MICRO OfficeScan is the virus protection software on this machine, & for the last 3 weeks or so, it has been in overdrive.  As soon as the computer has booted up, an OfficeScan Notification Message  pops up saying "OfficeScan detected a Web security policy violation and blocked the URL(s) listed below."  Sometimes, there might be 50 instances of weird websites that have been blocked in 5 minutes time.  How in the world do I stop this?

A computer techie that I know suggested that I go to "Add/Remove Programs" to see if strange websites related to coupons, mysearch, etc.  I did that & found some "xvid" website & deleted it.  I deleted a couple of other things that I no longer use.  This has not helped.  Again, does anyone have any suggestions as to how I can get rid of whatever is causing this problem?

 



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:14 PM

Posted 02 July 2013 - 06:19 PM

Hello wolfie and Welcome -

:step1: Download Security Check by Screen317 from Here
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

:step2: Please download MiniToolBox, Save it to your desktop and run it.
Now : Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 Click Go and copy / paste the result (Result.txt).

 

:step3: Please download AdwCleaner by Xplode onto your desktop.
*Close all open programs and internet browsers.
*Double click on AdwCleaner.exe to run the tool.
*Vist / Win7 / Win8 users Right click and select Run as Administrator
*Click on Delete.
*Confirm each time with Ok.
*NOTE : Your computer will be rebooted automatically. A text file will open after the restart.
*Please post the contents of that logfile with your next reply.
*You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

Thank You -



#3 NCSUwolfie

NCSUwolfie
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 03 July 2013 - 09:24 PM

Thank you for your quick response, Aussie Addict!

I tried your suggestion, which was very detailed & precise, & it has not worked.  TREND is still in overdrive. 

 

I noticed that I could not save the Security Check & MiniToolbox applications on my desktop.  When I double-clicked on each app or program, the program appeared at the bottom left corner of the page.  If I right clicked on it, there were four options.  "Open" was one, "Cancel" was another, & I don't remember the rest.  Otherwise, I could go through all the steps with no problem. 

I don't know if this information is helpful, but my browser has been Internet Explorer 7.  I also have used Facebook extensively on this computer &, of course, have accessed quite a few different web pages.  I use flash drives with this laptop frequently, as well. 



#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:14 PM

Posted 03 July 2013 - 09:28 PM

Hi -

You should have at least IE8 or IE9 these days.

Can you get anything in Safe Mode with Networking? Directions @ Windows7 forum area -

 

Thanks -



#5 NCSUwolfie

NCSUwolfie
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 05 July 2013 - 06:22 PM

I checked &, the last time my techie friend worked on the computer, he updated the browser to Internet Explorer 8.  I had forgotten that.

However, I am mainly using Google Chrome now.  

I don't know about safe mode.  

Also, here is a partial URL that is popping up all the time in the TREND messages:  http://95.211...



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:14 PM

Posted 05 July 2013 - 06:36 PM

How to start Windows in Safe Mode Try these directions -
 

Now you must Disable your Antivirus to see if there is any change -



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:14 PM

Posted 11 July 2013 - 12:45 AM

Hello -

You have not posted back for a week, do you still require help with this problem ??

 

Thank You -



#8 NCSUwolfie

NCSUwolfie
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 12 July 2013 - 03:26 PM

Thank you for asking!

Let me preface my comment by telling you that I am a person who just likes to use the computer without investigating what operating system it uses, how many gigabytes the hard drive can hold, etc. etc.  So, that is probably why my inquiry is a little uninformed.  I have learned some things through this process of trying to figure out how to fix this laptop.

 

This laptop has Windows XP on it.  There is a Windows Vista sticker on the laptop.  I don't get that.  I have been using Internet Explorer 8 as my web browser for a few months but now am primarily using Google Chrome.  Of course, TREND MICRO Office Scan is the virus protection software.

I did a little research on safe mode.  I ended up on about.com.  I followed the steps given on about.com, as I was not on the laptop & did not have my log-in for bleeping computer.com when I was researching.  Any way, I think I am still in safe mode.  I went through the steps & the screen shown before I restarted the computer showed "Safe" in all four corners.  After restarting the computer, it does not show "Safe" in all four corners.  Am I still actually in safe mode?

You said to disable the antivirus software.  I do not see how to do that.  Sometimes, that red shield pops up down at the bottom of the screen with a message that the antivirus software is turned off.  Well, it is not there now, meaning the TREND protection is indeed on.  How would I disable it?

One new discovery - I clicked on the icon for the TREND virus protection software.  Wow!  It showed how many files had been scanned, last file scanned, etc.  In the box about virus/malware, it says there is 1 infected file.  Next to "last virus/malware found," it says "Mal_Hifrm from C:\DocumentsandSettings\NetworkService\LocalSettings\TemporaryInternetFiles\Content.IE5\GRI\JGQN\ads[2].htm."  Bingo!  There is the problem.
Do you know what this is & how I get rid of it?

Thanks! 



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:14 PM

Posted 12 July 2013 - 03:48 PM

EDIT - Please post the items requested at Post #2 first, then run the scans listed below -

 

Trend Micro Threat Encyclopedia - MAL_HIFRM Low risk
Aliases: Trojan.Dowiex!inf(Symantec), Troj/Fujif-Gen(Sophos), Trojan-Downloader.HTML.Agent.bp(Kaspersky), HTML/IFrame.Agent.E(Avira), HTML/IFrame (exact)(F-Prot)

You may need to disable Trend Antivirus just while you run these scans, but enable it once finished

 

If you have any of these programs, please Update prior to any scan

 

Download Malwarebytes Anti-Malware Free (aka MBAM) to desktop and install it
Always check for updates if not done during the install
Run a Quick Scan only

You should be able to remove all items found, unless you see any Genuine program listed
Copy / Paste the report it generates back here

Reboot after you post the log -

 

 

Download SUPERAntiSpyware Free (aka SAS) and install it to desktop
Always check for updates if not done during the install
Select Quick Scan only

You should be able to remove all items found, unless you see any Genuine program listed
Copy / Paste the report it generates back here

Reboot after you post the log -

 

 

Please download AdwCleaner by Xplode onto your desktop.

*Close all open programs and internet browsers.
*Double click on adwcleaner.exe to run the tool.
*Click on Delete.
*Confirm each time with Ok.
* NOTE :Your computer will be rebooted automatically. A text file will open after the restart.

*Please post the contents of that logfile with your next reply.
*You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

Finally -

Download TFC by Old Timer to your desktop
 •Close any open windows.
•Double click the TFC icon to run the program
•TFC will close all open programs itself in order to run,
•Click the Start button to begin the process.

•Allow TFC to run uninterrupted.
•The program should not take long to finish it's job
•Once its finished it should automatically reboot your machine,
•if it doesn't, please manually reboot to ensure a complete clean

No log is generated, but it may tell you how much in Temp Files are removed

 

 

Thank You -


Edited by noknojon, 12 July 2013 - 06:08 PM.


#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:14 PM

Posted 18 July 2013 - 06:00 PM

Use these methods to Disable your Trend Micro (depends on version) while doing these scans.

Trend Micro is well known for blocking simple downloads at times -

Trend Micro Titanium
 

  • Right-click the Trend Micro icon in System Tray.
  • Click “Protection Against Viruses and Spyware”.
  • Click OK on the Protection disabled screen.

OR
 

  • Click the Trend Micro icon in the System Tray.
  • When the User interface opens, click the Settings button.
  • Select the Virus and Spyware control tab.
  • Click “Scan preferences”.
  • Uncheck the box next to “Scan for threats when opening, saving, or downloading files”.
  • Click OK.
  • Click OK on the “Protection disabled “ screen.

If your version is not covered please tell me of your specific program version.

 

Thanks -



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:14 PM

Posted 18 July 2013 - 09:08 PM

From Trend Micro RE : Mal_Hifrm

This is like doing the scans I listed above with, TFC (Temp File Cleaner) and SUPERAntiSpyware (cookie cleaner)

 

Please clear your temporary files by doing the steps below:

------------------
CLEAR IE CACHE
------------------

1. Click on START> CONTROL PANEL
2. Double click on INTERNET OPTIONS
3. Click on DELETE COOKIES
4. DELETE FILES
5. Click on APPLY

---------------------
Deleting Temp Files
---------------------
1. Click Start >>  Run 
2. Type:   %temp%
3. Click OK
4. Highlight all the files inside the folder by clicking on CTRL + A
5. Press the DELETE button from the keyboard
---------------------------
Perform Disk Cleanup
---------------------------
1. Double-click the My Computer icon on the Dekstop.
2. Right-click Local Disk (C )
3. Click Properties
4. Click the Disk Cleanup button
5. On the Disk Cleanup tab, click on the check boxes beside the following files to be removed
      Temporary Files
      Recycle Bin
      Downloaded Program Files
     Temporary Internet Files
6. Click OK






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users