Hack Attacks

P

pdizzy

Beta member
Messages
4
Hi

During the past few days Norton has been reporting Intrusion attacks coming from various IP's and being

System Infected: Tidserv Activity
or
Web Attack: Blackhole Toolkit Website 3

Sometimes the IP also includes a website address something like b5erty.......

I have also noticed that I can no longer access the Microsoft XP update site with Explorer reporting that there is a connection problem.

Thanks in advance.

PD

Just an update to say that the latest attacks are reported to come from:-

5berty3uertb.com - ip 91.199.75.65,443

PD
 
Hmm, that's a interesting problem. I would recommend checking your dns settings. Also put a hardware router in between you and the internet. That will drastically reduce the attack hitting your PC.
 
How on earth would that be a DNS issue?!? impossible! All DNS does is translate an IP address to a 'human-friendly' name e.g. 216.239.51.99 would be translated to google.com. Even if the DNS address had been changed it would just mean that address's wouln't translate correctly.

Out of curiosity is your AV updating? The reason I say this, is because this sounds like the activity of 'Fake-AV' as 'Fake-AV' stops the updating of legitimate AV programs as well as downloading Windows updates.

You may wish to try downloading and installing the following application used to remove the most common fake-av applications.

Download Remove Fake Antivirus 1.76 Free - This application is used to remove fake Antiviruses from your computers - Softpedia
 
I agree highly with MattJones with the DNS issue i do not believe this is the problem.. But infact a Fake-AV, Now going on with what matt as said do you have any user accounts on your computer that are passworded? Reason i ask is i have dealt with many laptops with fake AV "System tools 2011 etc" and sometimes going in to another User account will allow you to update your AV in my experience "Sophos" and then doing a full scan after updates have installed, the Fake-AV removed like a troopa
 
Well, a DNS cache can be poisoned to misdirect and prevent access. Anyways, I would recommend changing to a better antivirus and doing a malware scan. If you became infected your hostfile could be compromised. Also mattjones you got how a dns works backwards. It translates a human-friendly name to a ip address. Not the other way around.
 
Yup gotta go with Atari on that one too.... Try malwarebytes, all fraudulent/fake AV's i've encountered in windows are pretty easily conquered by malwarebytes :)

EDIT: Sorry didn't realise BrokenAtari's link was also to MalwareBytes lol my bad
 
You must log in or register to reply here.

Similar threads

O
hello & mostly clueless & would appreciate mac security help after trojan attack!
Replies
0
Views
931
once2023
O
H
My battle with WPSpamAIBot1gpt
Replies
3
Views
777
hamsheena
H
R
gigabyte GA-H170M-D3H boot loop power issues , and no display
Replies
5
Views
1K
ripo66
R
I
Greetings, new here!
Replies
2
Views
539
grantheo
grantheo
G
How to prevent online applications from getting information about my device
Replies
9
Views
2K
Scissorman
S
Back
Top Bottom