• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

Attack Help.

Hi. This is my first thread I do not know whether or not I am posting it correct sub-forum.

It seems that I am under attack by some computer pirates. My computer security knowledge is very poor. I cannto understand what they try to do and how they find me. So I need some help. This is the screen-catch of the problem. I do not want to be under their attack often so what should I do?

Thank you.

Labels: ransomware

Replies

Kudos0

Re: Attack Help.

Hello mech-eng

You can visit one of the free malware removal sites where the experts will help you to test out your computer to see if it is infected.. If it is infected, they will help you to get it cleaned up safely. If you have any questions, you can ask them and they will go as slowly as needed. Here is the list of sites.

Please see this link for an up to date description of these sites plus the addition of a newly listed site formed by one of our successful malware remover users who unfortunately has passed away. That site is still being run by a good expert who happens to be one of the other Gurus.  The new site is listed first in this link.

https://community.norton.com/en/forums/malware-removal-forum-recommendations

Please come back and let us know how you made out.

Thanks.




 

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.18.0.213 Core Firmware 282 I E 11 Chrome latest version.
Kudos1 Stats

Re: Attack Help.

Hi, mech-eng. Was this a one off attack, or are you under constant attack ?

If a one off, I wouldn't be too concerned if everything is running ok.

Norton blocked the attack as it should, with no further action required.

To set your mind at rest, you could run a full scan, to confirm all is ok.

Windows 10 Home X 64
Kudos0

Re: Attack Help.

The attack, as I perceive it, started yesterday evening, but it still going on today morning. It seems strange to me that they continue this. I am not very sure is it because of something hiding in my PC or because they know my IP address. I have made a full system scan and cleaned some viruses and tracking cookies.

What is "attacker url: disorderstatus.ru/order.php"

Thank you.

Kudos0

Re: Attack Help.

This is malware. Do not attempt any more self fixes. Go to one of the free malware removal sites floplot has listed above, where an expert will work with you to clean your system.

Stay with the expert you choose, until your system is declared clean.

Windows 10 Home X 64
Kudos0

Re: Attack Help.

F 4 E:

This is malware. Do not attempt any more self fixes. Go to one of the free malware removal sites floplot has listed above, where an expert will work with you to clean your system.

Stay with the expert you choose, until your system is declared clean.

If this is a malware, why cannot Norton clean it up? And how can you understand that this is a malware and how can I find where is it hiding?

Thank you.

Kudos2 Stats

Re: Attack Help.

Hello Mech-eng

If you Google the attacker url, you will see various sites telling you how to remove it. If all those sites are trying to remove it, it must be malware. However, do not try any of those self fixes. Norton can not fix 100 % of every type of malware out there.

Please visit one of the sites that I have mentioned in that link I gave you. The site will tell you what scans to run to start off and you post the results of the scan in your thread. You will then work 1 to 1 with a malware removal expert. He/she will tell you how and what to run and guide you along the way. They won't tell you to do anything dangerous to your computer without telling you so. If you have any questions you can ask and they will go as fast or as slow as needed. The expert will help you to find the malware and to clean it up. Please stay with the expert until they say your computer is clean. This usually takes place over a couple of days. The expert may create special scripts for you to clean up the malware.

If you try to clean this up by yourself, you may end up making it worse.

Thanks.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.18.0.213 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Attack Help.

floplot:

If you Google the attacker url, you will see various sites telling you how to remove it. If all those sites are trying to remove it, it must be malware.

I would not recommend this as a way to determine if something is malicious or not.  A lot of websites selling shady malware removal products will call just about anything a virus, based on the fact that many malicious files have the same names as legitimate files, and unwary users may not know the difference.  You can get yourself into trouble, for example, if you assume that entries called "how to remove iexplore.exe virus" on a Google search mean that all files named iexplore.exe are dangerous.

I think we can say that the computer in question here is likely infected because Norton IPS is indicating "System Infected," which means the communications being blocked are typical of malware connecting to servers hosting additional payloads or instructions.

Accepted Solution
Kudos1 Stats

Re: Attack Help.

Hello SOJ

I did recommend that the customer should go to one of the free removal sites and so did F 4E. The recommendation was the first thing I did and my suggestion was backed up. The removal site would confirm or deny if it was malware. I also told him not to try any of the self fixes. He was wanting to fix the issue on his own. He had already said that Norton had cleaned some viruses but not that one..

 The sites I saw were not trying to sell programs. SOJ, you are making it sound like I am giving bad advice in the open Forum.. This isn't the location or the method...And I tried to help a brand new customer to this Forum and I told him to do the correct things----- to go to a free malware removal site and not to try any of the free self fixes.

Thanks.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.18.0.213 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Attack Help.

Hello

Here is Virus Total information for that attacker url.

https://www.virustotal.com/en/url/9327dba6048752b51c9d8e1d76cf2b6df7a34efdd4fae7ff51ac4c9e3abe2d8d/analysis/

Thanks.

P.S. To my previous post. I did not Google a file, but rather an attacker url. The customer was asking about a website, not a file or even a name of a virus.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.18.0.213 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Attack Help.

floplot:

Hello

Here is Virus Total information for that attacker url.

https://www.virustotal.com/en/url/9327dba6048752b51c9d8e1d76cf2b6df7a34efdd4fae7ff51ac4c9e3abe2d8d/analysis/

Thanks.

P.S. To my previous post. I did not Google a file, but rather an attacker url. The customer was asking about a website, not a file or even a name of a virus.

It's strange that when we write attacker's url in the browser, the site do not work.

Kudos0

Re: Attack Help.

floplot:

Hello SOJ

I did recommend that the customer should go to one of the free removal sites and so did F 4E. The recommendation was the first thing I did and my suggestion was backed up. The removal site would confirm or deny if it was malware. I also told him not to try any of the self fixes. He was wanting to fix the issue on his own. He had already said that Norton had cleaned some viruses but not that one..

 The sites I saw were not trying to sell programs. SOJ, you are making it sound like I am giving bad advice in the open Forum.. This isn't the location or the method...And I tried to help a brand new customer to this Forum and I told him to do the correct things----- to go to a free malware removal site and not to try any of the free self fixes.

Thanks.

Yes, they try to help but it seems that removing a malware is a tedious, complex and long process. I would like to learn that why antiviruses are not very effective for malwares?

Thank you.

Kudos0

Re: Attack Help.

Hello Mech

That site was popular in 2015. Perhaps it has been taken down. When I did put the url into Virus Total, it did show up as a bad site. You should be glad that the url does not work any more since that domain is a malicious one.

Going to one of the malware removal sites might be a long process, but it is a safe process and it will protect your computer once it is removed. From what I have seen, it is a very persistent site and is difficult to remove. Going to one of those sites will be safer than trying any self fixes. Do one step at a time and you will be able to work through it. The end result will be a clean computer.

Thanks.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.18.0.213 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Attack Help.

Hi,mech-eng. As floplot says, no one program will protect you 100% of the time.

Norton concentrates mostly on antivirus protection, and will normally warn of malicious or phishing sites.

As I said this is malware, and is backed up by the link here from the Avast forum.

https://forum.avast.com/index.php?topic=171110.0

This is why we suggested you avail yourself of the free help offered by the malware removal sites we list.

They are experts, and will clean your computer. Self fixing is NOT recommended.

This is the url check from Sucuri.

https://sitecheck.sucuri.net/results/disorderstatus.ru/order.php

Windows 10 Home X 64
Kudos0

Re: Attack Help.

Hi, I have joined one of the malware removal sites recommended. The one-to-one process is going slow. I think there is exactly something secret in my PC. Reason is that 1. Sometimes norton is giving a notification that there is high disk usage and when I try to determine norton cannot connect to internet. It's like something preventing norton to connect to net to prevent monitoring what causes high disk usage. 2. Free space of my hard disk is changing by itself, especially after some freezing. At this point, what do I do? Is it a good idea that I look at to the task manager to see the working processes? May I ask these process here? My knowledge is limited to understand them?

Thank you.

Kudos1 Stats

Re: Attack Help.

Hi, mech-eng. We can't see your computer so it's best to leave it to the malware forum expert you are with to thoroughly investigate what's happening.

They are good at what they do, so let them check things for you.

Windows 10 Home X 64
Kudos0

Re: Attack Help.

Hello

Ask the person who is helping you any questions you may have. Tell him to go slow with you and to explain everything that they want you to do. As F 4E has said, they are the malware expert removers.

Thanks.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.18.0.213 Core Firmware 282 I E 11 Chrome latest version.

This thread is closed from further comment. Please visit the forum to start a new thread.