Not what you are looking for? Ask the experts!
System Infected: Worm W32.VBNA.b Activity
Hello Norton community,
I am using Norton Security Suite 2012. I have been getting a lot of intrusion attempts (every ten minutes; sometimes every hour). Here are all of the details.
Activity: An intrustion attempt by api.ipinfodb.com was blocked.
Recommended Action: No action required
IPS Alert Name: System Infected: Worm W32.VBNA.b Activity
Attacking Computer: api.ipinfodb.com (220.127.116.11, 80)
Can anyone please advise how I can fix this?
This is the text when I copy this alert to the clipboard:
Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
2012-07-06 13:33:17,High,An intrusion attempt by api.ipinfodb.com was blocked.,Blocked,No Action Required,System Infected: Worm W32.VBNA.b Activity,No Action Required,No Action Required,"api.ipinfodb.com (18.104.22.168, 80)",api.ipinfodb.com/v2/ip_query_country.php?key=e4e497e1ec0a03c3e5e49ab8868bdc755b520583cbf4e31605a016d82147ec63&timezone=off,22.214.171.124 (126.96.36.199),"TCP, www-http"
Network traffic from <b>api.ipinfodb.com/v2/ip_query_country.php?key=e4e497e1ec0a03c3e5e49ab8868bdc755b520583cbf4e31605a016d82147ec63&timezone=off</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSWOW64\CALC.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.