Posted 06 October 2008 - 06:37 PM
Glad to be where the pros are, hopefully someone can guide me in the right direction. Yesterday my internet connection got very slow, then the browser froze up. After restarting my computer, I had the message in the lower right corner similar to "limited or no internet activity". I use Trend Micro PC-cillin Internet Security, and a short time later I got an alert about "cryp_fakeav-2". It was shown in a folder I could not access to delete it, and I restored my computer to an earlier point, which did not help.
I also got an alert about some type of an outgoing attempted connection, so I chose to block it. I had never seen this message before. I just figured out that if I turn off my Trend Micro firewall, I can access the internet. The firewall shows "Last Attack Information" on 10/06/08 at 18:25 (a few minutes ago). It shows the source IP address as 126.96.36.199 and shows an attack type of "Security rule matched".
Where should I go from here? I am concerned that if I continue to operate with the firewall off, it could be harmful since it shows a recent attack within the last few minutes? Is there any way to know the type of attack this is or why it is happening? Thank you very much in advance for any help!!