Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojan Backdoor activity 578

Started by spotted jaguar , Oct 15 2022 03:12 PM
trojan backdoor 578

  • Please log in to reply

#1
spotted jaguar
Posted 15 October 2022 - 03:12 PM

spotted jaguar

    New Member

  • Member
  • Pip
  • 1 posts

Hi, 

I'm getting this message repeatedly (every 2 seconds or so)

 

Norton Blocked an attack by: System Infected:

Trojan.Backdoor Activity 578

 

 

When I view details I get:

 

An intrusion attempt by local host was blocked

No action required

 

Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
15/10/2022 22:04:26,High,An intrusion attempt by 37.157.197.143 was blocked.,Blocked,No Action Required,System Infected: Trojan.Backdoor Activity 578,No Action Required,No Action Required,"37.157.197.143, 80",http://37.157.197.14...9,"PETER-LAPTOP(192.168.1.176, 62208)",37.157.197.143,"TCP, www-http"
Network traffic from <b>http://37.157.197.14...6b69fdf2419</b>matches the signature of a known attack.  The attack was resulted from \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSWOW64\RUNDLL32.EXE.  To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>. 
 

Norton Power Eraser doesn't find anything.

 

I would appreciate help as to how to remove this problem

 

Thabk you


  • 0

Advertisements

#2
RKinner
Posted 15 October 2022 - 06:42 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Norton's firewall is stopping attacks from what it thinks is an infected PC called Peter's Notebook.  It seems to think that the source is on your local network.  Your PC is not infected and you can either tell Norton to stop telling you about the attacks or get Peter to get his notebook scanned for viruses.  If 37.157.197.143 is not part of your local network then your router's firewall needs to be turned on.

 

If you are still worried then post your FRST and Addition files per Step 3 of the instructions: http://www.geekstogo...before-posting/


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: trojan, backdoor, 578

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP