CONSTANT HTTPS Tidserv Request Intrustion attempts from TWO IP addresses

dra · ‎03-19-2010

I am constantly getting a high severity "An intrusion attempt by 188.40.164.237" and also from 91.212.226.63

The risk name is a HTTPS Tidserv Request

This usually shows up along with the info "IPS detection statistical submission"

I'm pretty sure this isn't normal seeing that I've been getting these messages frequently only recently.

Furthermore when I searched "IPS detection statistical submission" on google and tried to click on the links but it redirects me to a variety of different websites!!!!

How do I stop the HTTPS Tidserv Request?! And what's the deal with the IPS detection statistical submission?

PLEASE HELP!

Quads · ‎07-21-2008

You mean similar to this, (Screenshot from my PC)

TDL3 Tidserv.jpg

If So, The screenshot above was due to TDL3 (also known as "Tidserv"" has infected the disk controller and attempting to connect to the I.P. address(es) to update the patch.

With the above screenshot, Norton was able to block the attempt via "Intrusion Prevention" but couldn't detect the infected disk controller, of which ever one your PC is using.

Quads

dra · ‎03-19-2010

yes that is it. does it mean that my computer is still in danger? because i also got my credit card number stolen (see: http://community.norton.com/t5/Norton-Internet-Security-Norton/Trojan-detected-but-credit-card-still...)

which also sort of coincided with the https tidserv requests starting as well...

most importantly how do i get rid of it?

thanks

delphinium · ‎11-21-2008

You will need to choose one of these malware removal forums for expert assistance. Make sure that the name Tidserv is mentioned in the header of your first post.

www.bleepingcomputer.com

http://www.geekstogo.com/forum/

http://www.cybertechhelp.com/forums/

http://forums.whatthetech.com/

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain

Cheetos · ‎04-13-2010

I've got the same problem, and I guess I'll go through the paces at one of those tech forums. But it sure does seem like a hassle (each user having to be led indivdually through the process.)

Norton can't hire somebody to deal with this for its customers? Makes Norton appear inadequate -- especially because this problem is so common.