Intrusion attack!

I have this norton AV which often tells me that it has blocked a intrusion attempt from my computer and this particular link opens in my browser.

http://76.74.239.143/zzzzwoeiwoiqi/pdf.php?id=20840&vis=1

Do you guys know whats going on

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

JDMurray

Lots of hits in Google indicate that it's a known Trojan distribution site. The speculation is that it's trying a known PDF exploit.

nanga

does that mean my machine is infected. !

JDMurray

Update Norton A/V and run a scan.

Ahriakin

Better still **** Norton and get away from that inefficient piece of bloatware...

Turgon

Ahriakin wrote:

Better still **** Norton and get away from that inefficient piece of bloatware...

What do you recommend? I use Norton although it comes free with broadband. What else do you think is *best* commercially or free?

dynamik

I don't want to put words in his mouth, but I bet he'd say something like this:

Ahriakin wrote:

ESET and Kaspersky definitely lead the field. ESET is lighter on resources and a better choice for less intrusive protection (and it has a slightly higher rated AV engine that Kaspersky) but Kaspersky Internet Security has more features (like a full HIPS, SSL interception etc.) that I prefer. Both are great choices though and the only reason I went from freebies back to commercial solutions.

Turgon

dynamik wrote:

I don't want to put words in his mouth, but I bet he'd say something like this:

Ahriakin wrote:

ESET and Kaspersky definitely lead the field. ESET is lighter on resources and a better choice for less intrusive protection (and it has a slightly higher rated AV engine that Kaspersky) but Kaspersky Internet Security has more features (like a full HIPS, SSL interception etc.) that I prefer. Both are great choices though and the only reason I went from freebies back to commercial solutions.

Interesting. I have heard good things about Kaspersky. It's Russian isn't it?

Ahriakin

dynamik wrote:

I don't want to put words in his mouth, but I bet he'd say something like this:
...(snip)....

Right, it's official. Dynamik is simply Johanne's Experimental Forum Database AI getting bored and posting here as an actual person !

And yes Kaspersky is cool

. When you install it you have a simple option to let it ask you for decisions, or operate on it's own in silent mode. The latter I used for the wife's machine and it's never blocked anything it shouldn't or bothered her with a popup dialogue, I chose full control on mine and the granularity of configuration that you do have for each module is great.

shednik

I'm a big fan of comodo internet security myself, I haven't gotten much out of their AV scan but the HIPS and Firewall features are great. Spyware/AV I use a mix of AVG and Spyware Terminator. They are also all free which is nice!

nanga

I am using the Norton Internet security which came along with my machine. It didnt detect anything during the scans as such . I ran the windows defender and a spybot.

Anybody know what is this malware/trojan called specifically. may I can download some tool which might clear this.

JDMurray

Google "PDF Trojan" and read the articles. It's a Trojan that exploits a weakness that has long been in Adobe Reader. The fix is to upgrade Reader to the latest version, or **** it in favor of FoxIt or something similar. I use FoxIt simply because it is faster than AR8 and AR9.

nanga

thanks dude