I am constantly getting a high severity "An intrusion attempt by 188.40.164.237" and also from 91.212.226.63
The risk name is a HTTPS Tidserv Request
This usually shows up along with the info "IPS detection statistical submission"
I'm pretty sure this isn't normal seeing that I've been getting these messages frequently only recently.
Furthermore when I searched "IPS detection statistical submission" on google and tried to click on the links but it redirects me to a variety of different websites!!!!
How do I stop the HTTPS Tidserv Request?! And what's the deal with the IPS detection statistical submission?
If So, The screenshot above was due to TDL3 (also known as "Tidserv"" has infected the disk controller and attempting to connect to the I.P. address(es) to update the patch.
With the above screenshot, Norton was able to block the attempt via "Intrusion Prevention" but couldn't detect the infected disk controller, of which ever one your PC is using.
You will need to choose one of these malware removal forums for expert assistance. Make sure that the name Tidserv is mentioned in the header of your first post.
I've got the same problem, and I guess I'll go through the paces at one of those tech forums. But it sure does seem like a hassle (each user having to be led indivdually through the process.)
Norton can't hire somebody to deal with this for its customers? Makes Norton appear inadequate -- especially because this problem is so common.
me too! Wondering if the best thing to do is reformat and reinstall, any advice?