• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

Remote Attacker 2

Hi, just recently got a problem on my laptop Hp envy with windows 10. And I noticed that the next day I started it up it toke forever to boot up. Then once loaded decided to check norton history list to find that I got remote Attacker 2 popping up on port 80 local port 50731 or port 443. Protocol 6. Been trying so hard to get rid of it, Downloaded malwarebytes no good ran norton scan no good norton power eraser still no good. By after that time the laptop just froze. So I turned off my WIFI cause he or she who ever was behind remote Attacker 2 was connected remotely. Then restarted my laptop with WIFI still off. And I noticed it booted up quickly with the internet turned off. Problem is still there when WIFI is turned back on. Turned it back off again. Tried to reset internet explorer the rest passed except reset user customisation settings. Booted in safe mode tried it again reset internet explorer then it finally reseted. Then i finally did the same to google chrome with reset. Booted back into normal startup. My laptop was back to normal and remote Attacker 2 in statistics submission never came up again. Hope this solves the problem if anyone gets this problem. Cause this is just some info of what I did to get rid of it.

Replies

Kudos0

Re: Remote Attacker 2

If Remote Attacker 2 is only showing as a Norton Community Watch statistical submission, then it was probably not actually anything malicious.  Those statistical submissions are, in part, meant to reduce the number of false positives by identifying files that could be mistaken for malware.  Check Quarantine, Resolve Security Risks, and Unresolved Security Risks in Norton History.  If Norton had detected anything actually malicious, it would be listed in one of those categories.  I am not sure why your computer would boot more slowly with WiFi turned on, but there are certainly other system problems besides malware that could be responsible.

Kudos0

Re: Remote Attacker 2

Hi just a reply with a screen shot I taken of this problem after it goes through moderator. of the signature ID of remote attacker 2 ID 23318. But so far the ID signature is not listed in Norton's intrusions signature menu. witch Norton needs to add to the list to stop this from happening in the future to help fight cyberattacks. witch it slows down the computers performance when it gets in planted.

Kudos0

Re: Remote Attacker 2

Again, statistical submissions are just part of Norton Community Watch which submits files to Symantec for analysis.  These are not actual malware detections and do not indicate that there are any problems with your system.

Kudos0

Re: Remote Attacker 2

Hi, SendOfJive, so this mean that remote Attacker 2 thing is not a threat.? Cause every time I download something like nvadia GeForce graphics update file from internet explorer it comes up as remote Attacker 2 making it seem like someone is watching me do something. And windows update is not updating all of the sudden to. So would there be a fix for this.?

Kudos0

Re: Remote Attacker 2

If you are seeing it as a statistical submission, it is not a threat.  If you are seeing it as an antivirus or intrusion prevention block, then it would be a threat.  The former is just a file of interest that is not actually Attacker2, the latter would be the real deal.

Kudos0

Re: Remote Attacker 2

Okay I’m just wondering where it came from cause this hole thing is driving me a bit mad. Just won’t the Attacker gone, I’m starting to see changes to the firewall from a weird IP address of 192.168.137.1 connected to my virtual direct adaptor in windows networks adaptors in firewall 192.168.0.16.138 or 192.168.0.16.137 making changes to the firewall settings. Just don’t want it to be a re-image thing.

Kudos0

Re: Remote Attacker 2

Under what category in Norton History are you seeing these Attacker2 entries?  192.168.137 is a local network address, so it is something on your LAN connected to the router, and not anything from the internet.  So almost certainly a device you own, and not a threat.  Make sure you turn off UPnP in the router to prevent anything from making automatic changes to your router without your knowledge.

Kudos0

Re: Remote Attacker 2

Got a new one Signature ID PRHMD ATTACK DATA. IS this something to worry about.?

Kudos0

Re: Remote Attacker 2

Jakelong91:

Got a new one Signature ID PRHMD ATTACK DATA. IS this something to worry about.?

Not if it is under Norton Community Watch.  These are all just files submitted to Symantec for study.  Check Quarantine, Resolved Security Risks, and Unresolved Security Risks - that is where actual malware detections would be found.

Kudos0

Re: Remote Attacker 2

Hi SendOfJive, Nothing found in quarantine menu section.  What are norton actually studding in Norton Community.? They seem to make it look like I got threats on my laptop with all this offending Ulr link on java setup.151exe.

Kudos1 Stats

Re: Remote Attacker 2

Seriously, it might be better not to worry too much about Security History.  I very rarely check it out on my machines.  If there is anything wrong with you machine's security Norton will let you know.

No good will come from worrying about this stuff.

A little bit of knowledge is... well a little bit of knowledge.
Kudos0

Re: Remote Attacker 2

Hi, krusty13 okay as you and SendOfJive and everyone in this thread says to ignore this notification. And there is absolutely nothing to worry about it. I’ll might just go with that And wait if any if does or not popup. Witch nothing has still not popped up yet in security history. Cause I’ve got Norton Community watch turned off now and remote management In administrative settings in norton On all 3 laptops.

Kudos0

Re: Remote Attacker 2

Yes, turning off Community Watch will stop the submissions, and therefore the log entries.

This thread is closed from further comment. Please visit the forum to start a new thread.