Intrusion Attempt: Web Attack: Malicious Executable Download 5

Hi all... I have had a problem for about a month: I keep getting this message every time I turn on my computer... Thank you :)

Category: Intrusion Prevention

Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description

10/06/2018 11:27:02,High,An intrusion attempt by 37.9.175.17 was blocked.,Blocked,No Action Required,Web Attack: Malicious Executable Download 5,No Action Required,No Action Required,"37.9.175.17, 80",www (dot)forummanazera(dot)sk/cms/sound (dot) exe,  ",37.9.175.17,"TCP, www-http"

Network traffic from www (dot) forummanazera.sk/cms/sound (dot) exe matches the signature of a known attack.  The attack was resulted from \DEVICE\HARDDISKVOLUME5\WINDOWS\SYSTEM32\CERTUTIL.EXE.  To stop being notified for this type of traffic, in the Actions panel, click Stop Notifying Me.

     [Edit note: Link edited by admin]

Hello Marco

I would suggest that you bring your computer to one of the free malware removal sites and have them help you to diagnose your computer to see if it is clean or infected. If it is infected, they will help you to clean up your computer.

Since you used the site that seems to be infected, I would get rid of that file and stay away from that site. I am not a malware expert, so this is just my opinion.

Have a Good Night and

Thanks.

https://safeweb.norton.com/report/show?url=forummanazera.sk

06-10-16


06-11-18

File: sound.exe
File size: 307 KB (313,856 bytes)
MD5 checksum: 1B5943FF361405F5AC6EAB8997D84249
SHA1 checksum: 6AB99BC44A787C6C6E92E1D66A5DE5298F930E46
SHA256 checksum: BC455B13FB40E47A6307B8D337850CEE84D80B829F7C6861105F685D5E0BC3F9
https://virustotalcloud.appspot.com/nui/index.html#/file/bc455b13fb40e47a6307b8d337850cee84d80b829f7c6861105f685d5e0bc3f9/detection

File: sound32.exe
File size: 275 KB (281,088 bytes)
MD5 checksum: E4E8ACDD14C128E9300D7A8BABD57E72
SHA1 checksum: 159D8B4CBDD7B8062327882F2F07F32B163F7059
SHA256 checksum: A76C0A58202C4326FA9D3D188D9DEB24E58682DB2BFE0682D45B58BE756DFD4E
https://virustotalcloud.appspot.com/nui/index.html#/file/a76c0a58202c4326fa9d3d188d9deb24e58682db2bfe0682d45b58be756dfd4e/detection

Thank you, people, for your support. For now it seems like it works… so thank you very much…

Resetting to factory MAY be a solution; however, that would for me personally be a last resort. However, since you stated you get this intrusion alert when you boot up, it suggests that you could possibly have a hard drive boot sector infection. If that should turn out to be the case, remediation of the infection is priority #1. Run NPE and then MBAM and see what is detected.

Cheers

Thank you, I will try all of it... when I get time... Now I have the message IEcache.exe not found... so another great thing... I want to ask: would resetting my PC to factory default solve my problem if these steps don't work? Thanks.

Hello Marco. You first can run NPE from your Norton dashboard interface under scans. Another recommendation is to download and run Malwarebytes. It is 100% compatible running alongside Norton, although I wouldn't set it to load at boot time. Just use it as an on-demand tool.

Cheers

http: //www. forummanazera. sk/cms/sound. exe

https://safeweb.norton.com/report/show?url=forummanazera.sk

 

The process known as certutil.exe belongs to software GeniusBox or Trend Micro Password Manager.
https://www.file.net/process/certutil.exe.html

CertUtil.exe Could Allow Attackers To Download Malware While Bypassing AV
https://www.bleepingcomputer.com/news/security/certutilexe-could-allow-attackers-to-download-malware-while-bypassing-av/

FWIW 
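The alert in this thread names CERTUTIL.EXE as the process that made the request and recurs at every boot, which points to an autostart entry that launches it. As an added example (not part of the original thread), this read-only PowerShell script lists Run-key values and scheduled tasks whose command line contains both certutil and an http(s) URL; the match pattern and the choice of locations are assumptions.

```powershell
# Added example: read-only hunt for autostart entries that call certutil with a URL.
# Run from an elevated PowerShell prompt so machine-wide tasks are visible.

# Assumption: the autostart command line contains "certutil" followed by an http(s) URL.
$pattern = '(?i)certutil(\.exe)?\b.*https?://'
$hits = @()

# 1. Run / RunOnce registry keys (machine-wide, 32-bit view, and current user)
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
foreach ($key in $runKeys) {
    $item = Get-Item -Path $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }              # key does not exist on this system
    foreach ($name in $item.GetValueNames()) {
        $value = [string]$item.GetValue($name)
        if ($value -match $pattern) {
            $hits += [pscustomobject]@{ Source = $key; Name = $name; Command = $value }
        }
    }
}

# 2. Scheduled tasks (logon and boot triggers live here)
foreach ($task in Get-ScheduledTask) {
    foreach ($action in $task.Actions) {
        # Non-exec actions have no Execute/Arguments; they yield an empty string here.
        $cmd = "$($action.Execute) $($action.Arguments)"
        if ($cmd -match $pattern) {
            $hits += [pscustomobject]@{
                Source  = 'ScheduledTask'
                Name    = "$($task.TaskPath)$($task.TaskName)"
                Command = $cmd
            }
        }
    }
}

# Show each match with its full command line so the entry can be reviewed and removed.
if ($hits) { $hits | Format-List } else { 'No matching autostart entries found.' }
```

An empty result does not clear the machine: the certutil call may sit inside a script or shortcut that an autostart entry launches, which this check does not open.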

 


Chat with Official Norton Support

https://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-assistance/