Trend Micro message

The machines we love to hate

Moderator: Wiz Feinberg

Ken Lang
Posts: 4708
Joined: 8 Jul 1999 12:01 am
Location: Simi Valley, Ca

Post by Ken Lang »

I keep getting this message from Trend Micro, although I am not seeking the listed site nor am I doing anything at all.

As soon as I boot up this 3 month old Win 7 pro computer I get this message, and though I click it off, it keeps reoccurring maybe every 3 or 4 minutes. It seems to think I am looking for this site. Again, I am doing nothing.

I have run the Trend Micro scan but it came up with no problems.

Help.
Ken


Image
heavily medicated for your safety

Post by Ken Lang »

That Trend warning comes up about every minute. + I don't seem to be able to start in the safe mode.
Wiz Feinberg
Posts: 6113
Joined: 8 Jan 1999 1:01 am
Location: Mid-Michigan, USA

Post by Wiz Feinberg »

If you had made your image larger I may have been able to read the URL Trend is blocking. This might lead to the culprit.
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog

Post by Ken Lang »

The site is torrentz.eu/i

Trend says it is dangerous. My point is this message keeps coming up without my doing anything. It's like something is telling my computer to go to this site every minute or so, without my doing anything, and then Trend replying with the message.

Normal Trend scan reveals no problem and I don't seem to be able to get into safe mode via F8 to rescan.

Post by Wiz Feinberg »

That site allows people to exchange pirated software, music and movies. It is laden with viruses and exploit scripts. Something on your computer is trying to establish a connection to that website, to search for and download some file. Check your browsers for tabs or history tracks mentioning that URL.

Some malware and rogue programs store payload files on torrents and attempt to download them once they infect a PC.
Peter den Hartogh
Posts: 1001
Joined: 27 Mar 2010 12:49 pm
Location: Cape Town, South Africa

Post by Peter den Hartogh »

Wiz, in this case, would going back to a restore point before the problem occurred help?

Post by Wiz Feinberg »

Peter den Hartogh wrote: Wiz, in this case, would going back to a restore point before the problem occurred help?
Possibly. It is worth trying. Ken, try to run System Restore to a time before the PC was turned off.

Post by Ken Lang »

I restored the computer to 3/13/12, well before the problem happened. No luck. Still get the same message every 50 seconds. I can shut down the Trend Micro message, but I like being told when I reach a bad site.

Post by Wiz Feinberg »

Open an elevated (Run as Administrator) command window (CMD) and type netstat -n and see if that IP or URL is listed in the readout. If so, type netstat -b -n and see if the file related to it is also listed.

Before closing the command window, run this command:

ipconfig /flushdns

Check your Windows Firewall logs and exceptions to see if any entries exist for that URL or its IP.

Finally, reset your router and modem. This usually involves sticking a paperclip inside a tiny hole on the back of the device and holding it in for anywhere from 10 to 60 seconds. This will restore the default settings and also remove any DNS poisoning codes that may have been slipped in by a DNS Changer Trojan.

If you reset the router you must set up your networking and wireless items from scratch.
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
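
The check described in the post above (find the blocked site's IP in the `netstat -b -n` readout and read off the program that owns the connection), as an added Python example that is not part of the original thread. The sample readout, the documentation-range addresses and the program names are constructed; in practice pass in the real `netstat -b -n` text and the IPs the blocked host resolves to.

```python
import re

# Constructed sample of `netstat -b -n` output; not from the PC in this thread.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.10:49171     203.0.113.25:80        SYN_SENT
 [updater.exe]
  TCP    192.168.1.10:49180     198.51.100.7:443       ESTABLISHED
  WinHttpAutoProxySvc
 [svchost.exe]
  TCP    192.168.1.10:49190     203.0.113.25:80        TIME_WAIT
 Can not obtain ownership information
  UDP    0.0.0.0:5355           *:*
  Dnscache
 [svchost.exe]
"""

CONN = re.compile(r"^(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?$")


def parse_netstat_b(text):
    """Return one dict per connection, with the owner lines that follow it."""
    conns = []
    for raw in text.splitlines():
        line = raw.strip()
        m = CONN.match(line)
        if m:
            proto, local, remote, state = m.groups()
            host = remote.rsplit(":", 1)[0].strip("[]")  # also handles [v6]:port
            conns.append({"proto": proto, "remote": host, "state": state or "",
                          "exe": None, "component": None})
        elif conns and line.startswith("[") and line.endswith("]"):
            conns[-1]["exe"] = line[1:-1]  # executable that owns the socket
        elif conns and line and not line.startswith("Can not obtain"):
            conns[-1]["component"] = line  # service/module shown above the exe
    return conns


def owners_of(text, suspect_ips):
    """Connections whose remote address is one of the blocked site's IPs."""
    return [(c["remote"], c["state"], c["exe"] or "unknown")
            for c in parse_netstat_b(text) if c["remote"] in suspect_ips]


if __name__ == "__main__":
    for remote, state, exe in owners_of(SAMPLE, {"203.0.113.25"}):
        print(remote, state, exe)
```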

Post by Ken Lang »

Got the 1st 4 completed. The IP was not on the list but I cleared it anyway. Hopefully my son will help me as well.

Will reset the router with my son. We have half a dozen computers here, some of them online as servers.

Post by Ken Lang »

Just ran free CCleaner. Didn't help.

Post by Ken Lang »

Well, this morning I opened the computer and no Trend Micro message came up. I think it's gone. Either whatever was causing it timed out, or something I did above took it away.

Once again, thanks Wiz and Peter for the suggestions.
Something you suggested worked.

Post by Wiz Feinberg »

Let us know if the torrent URL message returns.