Trend Micro not detecting xyz popup virus

  • 1
  • Problem
  • Updated 4 days ago
  • Acknowledged
  • (Edited)
I've recently gotten a popup virus on my computer that will show up on my desktop when I start up the computer and every hour or so after that. It sihows news articles and the popup advertises the website iklik.xyz. I did a fullscan with my Trend Micro and it didn't find anything wrong.

Edit: I'll post a screenshot when it pops up gain
Photo of outback10

outback10

  • 230 Points 100 badge 2x thumb

Posted 2 weeks ago

  • 1
Photo of Tom Emmelot

Tom Emmelot, Champion

  • 25,562 Points 20k badge 2x thumb
Hi outback10

Looks like a PUA, what you installed with your permission!
Uninstalling Potentially Unwanted Applications (PUA)
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105484.aspx?cm_mmc=Community-_-S...
Resetting your web browser for performance and website redirection issues
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1096707.aspx
Hope this helps, here from you.

Kind regards,
Tom


(Edited)
Photo of TM_Joemar

TM_Joemar, Official Rep

  • 1,330 Points 1k badge 2x thumb
Hi outback10,

Welcome to the Community!

Yes. Please provide a screenshot so we can easily identify the root cause of the issue.

You may also try our free tool specialized in malware detection.
Download it here:
Scanning your computer using Trend Micro HouseCall (For Home Users)

Regards,
Joemar
Photo of outback10

outback10

  • 230 Points 100 badge 2x thumb


Also in response to Tom Emmelot, I don't have any recently downloaded programs from untrusted sources that would cause this, except for possibly two microsoft updates titled "Microsoft Office 365 ProPlus - en-us" and "Update for Windows 10 for x64-based Systems (KB4023057)" which were installed two days ago, both have Microsoft Corporation as the pubilsher.

I didn't manually installing those but I assumed they were legitimate updates. Could those be the issue?

Edit: Also housecall found no issues with my computer.
(Edited)
Photo of Tom Emmelot

Tom Emmelot, Champion

  • 25,312 Points 20k badge 2x thumb
Hi outback10

The only way you can get this PUA (no Virus), is by side installing with a other program!!
Timesindia.xyz must be in the programs list to uninstall , but the name is on-none, but must be installed lately!
If you uninstalled already then follow this.
Resetting your web browser for performance and website redirection issues
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1096707.aspx

Kind regards,
Tom

Photo of TM_Joemar

TM_Joemar, Official Rep

  • 1,330 Points 1k badge 2x thumb
Hi outback10,

I don't think that those two programs would be the cause of the issue.
Do you have any luck on taking a screenshot of the popup? If yes, please attach it here so we can have a look at it.

Also, can you screenshot the installed programs on your computer, there might be an installed program that might cause it.

Regards,
Joemar
Photo of outback10

outback10

  • 230 Points 100 badge 2x thumb
I already attached a screenshot of the popup but will attach it again here. Also here's a screenshot of my installed items sorted by date installed but again I'm familiar with every item on there (except for things from Microsoft or Intel but again I'm assuming those are okay).

And again this has only been going on for a few days. So unless the PUA got onto my computer months ago and has remained dormant until now there's nothing I recently installed on this machine, program or download or otherwise, that would coincide with the PUA's sudden appearance. 

There also isn't any suspiciously named program, xyz format or otherwise, anywhere in my installed Programs and Features


(Edited)
Photo of TM_Mac

TM_Mac, Official Rep

  • 1,310 Points 1k badge 2x thumb
Hi outback10

Try running a scan using the Anti-Threat Toolkit which you can download from here: Anti-Threat Toolkit 

Please tell us the support ID that you will get after the scan so that we can check it on our end as well. 


Regards, 
Mac
Photo of Tom Emmelot

Tom Emmelot, Champion

  • 25,502 Points 20k badge 2x thumb
Hi outback10

Can you provide us with a screenshot of that new popup?

Kind regards,
Tom

Photo of outback10

outback10

  • 230 Points 100 badge 2x thumb

As you can see it has most of the same info on it but streamlined
Photo of TM_Joemar

TM_Joemar, Official Rep

  • 1,290 Points 1k badge 2x thumb
Hi outback10,

Would it be okay with you if we can remotely access your computer to check what might be causing these popups?

Regards.
Joemar
Photo of outback10

outback10

  • 230 Points 100 badge 2x thumb
Sure that would be fine. How would I help set that up?
Photo of TM_Joemar

TM_Joemar, Official Rep

  • 1,290 Points 1k badge 2x thumb
Hi outback10,

Sorry for the late response. I'll send you an email and we'll do our conversation there regarding this case.

Regards,
Joemar