• Welcome to AlpineZone, the largest online community of skiers and snowboarders in the Northeast!

    You may have to REGISTER before you can post. Registering is FREE, gets rid of the majority of advertisements, and lets you participate in giveaways and other AlpineZone events!

Virus Alerts on AZ

freeski

New member
Joined
Nov 9, 2014
Messages
312
Points
0
Location
Concord, NH
I keep getting Norton virus Alerts here? Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
1/27/2016 7:50:44 PM,High,An intrusion attempt by anticnemioninterring.txvsoutickets.com was blocked.,Blocked,No Action Required,Web Attack: Angler Exploit Kit Website 21,No Action Required,No Action Required,"anticnemioninterring.txvsoutickets.com (188.138.68.11, 80)",anticnemioninterring.txvsoutickets.com/boards/search.php?keywords=1e&fid0=cf8h42h49x32s.157,"OWNER-PC (192.168.1.2, 54136)",anticnemioninterring.txvsoutickets.com (188.138.68.11),"TCP, www-http"
Network traffic from <b>anticnemioninterring.txvsoutickets.com/boards/search.php?keywords=1e&fid0=cf8h42h49x32s.157</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.
 

freeski

New member
Joined
Nov 9, 2014
Messages
312
Points
0
Location
Concord, NH
Happened again. Sometimes there are two attacks one after the other. Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
2/2/2016 6:03:57 PM,High,An intrusion attempt by denunciacionnacifasizma1.nordicinspirations.com.au was blocked.,Blocked,No Action Required,Web Attack: Angler Exploit Kit Website 6,No Action Required,No Action Required,"denunciacionnacifasizma1.nordicinspirations.com.au (204.155.30.173, 80)",denunciacionnacifasizma1.nordicinspirations.com.au/forums/index.php?PHPSESSID=5y&action=986dw835d682d59784.0,"OWNER-PC (192.168.1.3, 60264)",denunciacionnacifasizma1.nordicinspirations.com.au (204.155.30.173),"TCP, www-http"
Network traffic from <b>denunciacionnacifasizma1.nordicinspirations.com.au/forums/index.php?PHPSESSID=5y&action=986dw835d682d59784.0</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.
 
Top