1. 12-16-12 11:41 AM #1
    capitalist pig
    capitalist pig's Avatar SBR PRO
    Join Date: 01-25-07
    Posts: 4,994
    Betpoints: 346

    computer getting attacked here again this morning...........

    I have no idea what all this means but here is the screen shot

    Category: Intrusion Prevention
    Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
    12/16/2012 11:13:17 AM,High,An intrusion attempt by 5.199.175.46 was blocked.,Blocked,No Action Required,Web Attack: Malicious Toolkit Website 9,No Action Required,No Action Required,"5.199.175.46, 80",oplamon.info/local_url/pubsphoto.php?spotlight=900&smiles=469&promos=55&arcade=456&firefox=994,"VALUED-C0DCCC42 (xxx.xxx.x.x,xxxx0"TCP, www-http"
    Network traffic from oplamon.info/local_url/pubsphoto.php?spotlight=900&smiles=469&promos=55&arcade=456&firefox=994 matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE. To stop being notified for this type of traffic, in the Actions panel, click Stop Notifying Me.

    later
    Reply With Quote Reply With Quote
  2. 12-16-12 11:43 AM #2
    mynameismud
    mynameismud's Avatar Become A Pro!
    Join Date: 02-13-12
    Posts: 5,461
    Betpoints: 8427

    spyware guy.
    Reply With Quote Reply With Quote
  3. 12-16-12 11:44 AM #3
    Sam Odom
    Sam Odom's Avatar Become A Pro!
    Join Date: 10-30-05
    Posts: 58,063
    Betpoints: 37

    Reply With Quote Reply With Quote
  4. 12-16-12 11:45 AM #4
    capitalist pig
    capitalist pig's Avatar SBR PRO
    Join Date: 01-25-07
    Posts: 4,994
    Betpoints: 346

    Quote Originally Posted by mynameismud View Post
    spyware guy.
    From the SBR website?

    later
    Reply With Quote Reply With Quote
  5. 12-16-12 11:50 AM #5
    Saunders FTW
    Saunders FTW's Avatar Become A Pro!
    Join Date: 03-10-08
    Posts: 986
    Betpoints: 322

    Ok thank you, we are looking into this.
    Reply With Quote Reply With Quote
  6. 12-16-12 12:23 PM #6
    SBR Lou
    SBR Lou's Avatar Become A Pro!
    Join Date: 08-02-07
    Posts: 37,863
    Betpoints: 0

    What site were you browsing when you saw this message?

    There are a couple different kinds of messages. Sometimes, like with what we saw with Google, it is as simple as linking a piece of content from a domain that's flagged as suspicious, even if it's totally clean - when that happens, the alert is normally quickly removed, as it was the other day... but it's just that, merely an alert.

    I'm not sure what you've got there, but there is a host of buggy browser hijacking malware out there. These random PC software companies make millions designing programs to clean. All we can confirm is absolutely no malware or "viruses" exist on the SBR community... there is no correlation between the alert from other day to what I see there.
    Reply With Quote Reply With Quote
  7. 12-16-12 01:04 PM #7
    capitalist pig
    capitalist pig's Avatar SBR PRO
    Join Date: 01-25-07
    Posts: 4,994
    Betpoints: 346

    Lou, all I did was come to sbr players talk and the norton box popped up with the info. This is the same norton message from the same attacking computer I got here several times last week.

    later
    Reply With Quote Reply With Quote
Top
« Previous Thread | Players Talk | Next Thread »