Norton Keeps blocking attack every ten minutes

calfaro1 · ‎10-18-2010

Hello,

My norton 360 keeps blocking attacks every ten minutes. This has occurred since last Thursday. In addition, the blue bar (the one where the start button and all the icons are lined up) keeps turning from blue to grey. Because of this, I called Dell and paid good money for them to clean my computer using malwarebytes. However, the problem still persists.

I have windows XP, Norton 360, and only use firefox. Please help. other information that might be useful is: application path/device/harddiskvolume2/windows/system32/svhost.exe

If there is anything else, I should add to this please inform me. I am a college student. I graduate this year. I cannot afford to have my computer crashing at me, so please help

Quads · ‎07-21-2008

What is the information that Intrusion Prevention is giving for what it is blocking, say HTTP.Tidserv.........???

Quads

calfaro1 · ‎10-18-2010

Sorry for not responding earlier. I had a midterm paper. I was forced to use my brother's computer for it.

Eversince the last time, my computer has been directing me to other websides while being here in Norton Community. I contact the [insert company's name] techinitian. They basically had no idea of what I was talking about. They told me to just click on the stop notification button. Then they tried to restore my pogram twice. It was not successful. Finally, they gave up and told me to keep an eye on it.

Now here is the information from that I get from these notifications:

Risk name: HTTPS tidserve Request 2

serverity: High

attacking computer: 91.212.226.5, 443

source address: 91.212.226.5

traffic description: TCP, https

another one

risk name: HTTPS tidserve Request 2

severity: high

attacking computer: 194. 28. 113.22, 443

source address: 194.28.113.22, 443

traffic description: TCP, https

I have basic computer knowledge. Really, basic, so I cannot very complicated things, but please do help me. I need my computer to graduate. Thank you for your time :)

delphinium · ‎11-21-2008

Hi calfaro1:

Quads isn't online at the moment. Try his instructions in this post.

http://community.norton.com/t5/Norton-Internet-Security-Norton/Constant-quot-blocked-quot-attacks-an...

If you have difficulties gett ing to the sites or web pages, let us know. Let us know also what is found and the results.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain

calfaro1 · ‎10-18-2010

I ran the first option given and nothing came up. I have a question on the following directions for the second option that quads provided. The directions from TDSSkiller says:

Download the file TDSSKiller.zip and extract it (use archiver, for example, WInZip) into a folder on the infected (or potentially infected) PC.
Execute the file TDSSKiller.exe.
Wait for the scan and disinfection process to be over. It is necessary to reboot the PC after the disinfection is over.

Ok, so which one should I use? TDSSKiller.zip or TDSSkiller.exe?

Also its says extract it into a folder on the infected pac and use archiver. what does this mean? how can i know where to put it. I am sorry I know I am asking probable obvious questions, but I never had this problem before.

Quads · ‎07-21-2008

The .exe is the same as the one in the zip archive, you can download the .exe version which means you don't need to unzip it.

You can run TDSSkiller from you desktop.

An archiver is a program like Winzip etc. that will extract the file from the .zip archive. Though Windows is able to extract from standard .zip archives.

As I said

"http://support.kaspersky.com/viruses/solutions?qid=208280684

You will see that an .exe version is available for download."

Click on the TDSSKiller.exe. on the TDSSkiller site

Quads

calfaro1 · ‎10-18-2010

I ran the TDSSKiller.exe. It found TDL4 Bootkit. What should I do for now?

Also, thank you for your help and time. I am very grateful.

Quads · ‎07-21-2008

After the Scan is run, showing the TDL4 Bootkit, select Cure from the list (See a screenshot on the TDSSkiller site), once cure is selected in the options click continue and TDSSkiller will restart the PC to Cure the MBR.

Quads

calfaro1 · ‎10-18-2010

It has been three hours since the computer rebooted. The pop ups have stopped, and the task bar has not changed colors. It seems the problem has been solved.

floplot · ‎04-11-2009

Hello calfaro1

If you consider your problem to have been solved, please mark the post which gave you the solution. That way everyone wil know that the thread has been solved and will be able to find the solution quickly. Thanks.

Success always occurs in private and failure in full view.