Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"A recent attempt to attack your computer was blocked"


  • Please log in to reply
2 replies to this topic

#1 Carfan500

Carfan500

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:11:22 AM

Posted 04 October 2009 - 04:43 PM

Hi, I'd like to thank everyone here for cleaning my computer! :thumbsup:

I have a question regarding my Norton Antivirus. Yesterday it came up with a notice saying that "A recent attempt to attack your computer was blocked". I clicked "view details" and it said that the IP 64.34.178.161, 80 had tried to download an HTTP Acrobat Suspicous Executable File Download from the URL 64.34.178.161/ittp/load.php?id=2. I wasn't on that website though, I was on a well-known safe site. Could someone please explain what happened?

BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:11:22 AM

Posted 04 October 2009 - 05:42 PM

Not sure but it could be Adobe Reader or Adobe Flash Player trying to update
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:22 AM

Posted 05 October 2009 - 11:01 AM

I wasn't on that website though, I was on a well-known safe site. Could someone please explain what happened?

Not sure what site you are thinking you weren't on, but can you tell me what was the legitimate site that you were on? Did you download or try to download a PDF file?

I don't use Norton, but best I can tell it was doing its job and blocked a malicious PDF file download.
http://www.symantec.com/business/security_....jsp?asid=23218

However, because they use the word "suspicious", it could also be a false positive. As recommended in the Symanatec article, scan with Norton, and then your other security scanners and see if anything turns up. BTW, ignore their recommendation to turn off System Restore before a scan--it is a ridiculous practice by Norton and other AV companies.

Also go to Adobe's website and make sure you have the latest version of Reader. Older versions are vulnerable to attack so should be kept at the latest version.

The whois for the IP address does not have to be for the particular web page or site you are on. The one you posted resolves to a web hosting company, which is probably where the PDF file is stored and probably was linked to on the site you did visit. Or was somehow redirected there.

Edited by Papakid, 05 October 2009 - 11:03 AM.

The fate of all mankind, I see

Is in the hands of fools

--King Crimson





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users