Endpoint Protection

Dear Please,

I am getting this message in my user pcs, i have seen this is only for windows xp computers. help me to solve this issue. how can i stop this kind of issues.

"[SID: 25701] Web Attack: Exploit Toolkit Website 4 detected. Traffic has been blocked from this application: C:\Program Files\Google\Chrome\Application\chrome.exe"

This message mean that symantec Intrusion Prevention Component detected the attack of virus and blocked it.

If you continuously get the message on that system then Check the thread to hide the option

https://www-secure.symantec.com/connect/forums/constant-notification-traffic-has-been-blocked-application-svchostexe

For the Safety you can Run the full scan on System

Check it

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25701

Also Run the SymHelp tool and Submit the suspicious file to symantec

https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

https://www-secure.symantec.com/connect/articles/symantec-power-eraser-using-symantec-help-symhelp-tool

This means that the IPS component is blocking a malicious attack.

You need to find out what website the machine is attempting to browse to. Is this a user on your network?

This is because the Symantec's IPS is blocking an intrusion attemt on your system. This alert can be caused when you visit any untrusted link. If you are getting this alert while browsing , then your system is safe uptill now. AS a precaution, you can delete your browser cookies to prevent repetation of this trigger.

Hello,

Check this: Web Attack: Exploit Toolkit Website 4

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25701

Do you have any Adobe Applications?

It seems that some of the Applications installed on the machine are not updated with its vendor patches. Please make sure you have these application updated.

Check this:

http://www.securityfocus.com/bid/37331

http://www.securityfocus.com/bid/37331/solution

Would it be possible for you to check on the local machine if all the Products are up to date?

Also, you can Run the SymHelp Utility to check if any suspicious files are found and if there are, submit the same to Symantec Security Response Team.

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Hope that helps!!

Hello,

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Refer this article: http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25701

Dear pls help me,

i ve probllem with a malware attack . when i opned my FB account and i want to play game call pool live tour when its loading to play at that time am getting message from norton " An intrusion attempted and blocked by norton"  this is from last three days only from that website remaining website its normal when am browsing. FB is trusted and the game is also trusted how it is possible to attack from a safe website >>

What to do.......????????\

here is the image of norton  contains attack details

......

OS:

windows 7,

Help me plsss///....

Thanks in Advns

The threat is detected by IPS due to a continuous intrusion attempt. This detection triggers when a malicious Advertisement tries to load any malicious script. It is recommended, that you disable any pop-ups and play games over HTTPS service of Facebook to avoid any intrusion attempts.

Thanks for your reply ,, but when i try disable Https service over facebook its saying that U need to enable https service to ensure security ...so what should i do.

https is secure and recommended, why do you want to disable?

hi Brian81 ,, thanks for ur reply...

yes i know that but how to block popups from games in FB..???

after alert msg getting from norton.. and i want to remove the threat from my pc.

i ve scanned full pc three times nothing found ,.

and i used malware bytes no use evrything is normal..

norton power remover showing 0 risk items ..

 i tried  symantec help also nothing wrong with my pc..

but when i want to play that game its loading and alert is asusual .....

attempt blocked by norton ...

i ve checked all progrms they are up to date..

..How to stop that attempt ....?????
 

block the attacking computer 82.113.52.62

Since the threat was already blocked by Norton, so your system is secure. It is advisable to move on HTTPS, or you can selectively block the IP.

ok. i got it but how to do that tell me pls bcoz am new to this ...

how to block that IP address

you have desktop firewall, create a rule to block the IP.

i tried and its not working still getting message from norton "attempt blocked bt norton"

now what??