July 24, 2008 02:18pm pdt

1. rpggamer... 86,966
2. IndiGenus 49,400
3. moh10ly 15,306
4. briancassin 13,000
5. younghv 12,560
6. phototropic 8,760
7. michko 6,432
8. johnb6767 5,530
9. debuggerau 5,150
10. orangutang 4,500
11. war1 4,100
12. Richard_... 3,500
13. flubbster 3,440
14. and235... 3,400
15. willcomp 3,200

1. rpggamer... 123,003
2. IndiGenus 64,715
3. michko 36,302
4. younghv 34,248
5. phototropic 26,270
6. Sheharya... 24,425
7. war1 18,030
8. moh10ly 17,207
9. johnb6767 17,050
10. r-k 16,149
11. briancassin 13,000
12. orangutang 8,500
13. rindi 7,598
14. Jonvee 7,515
15. and235... 7,350

12.30.2007 at 11:54AM PST, ID: 23049938

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

4.1

May Day! Help - Attacked with mysterious virus!!

Zones: Desktop Anti-Virus, Microsoft Windows Operating Systems, Operating Systems Network Security

Tags: Microsoft, Windows XP, SP2, Installed Norton Anti Virus 2007 and it's Firewall well tuned up.

Hello All,

Since a fortnight, am observing strange problems within Network (clogs) and Virus Attacks on my Internet Cable based connection. This is a 256 Kbps line.

Problem I can see is:

a) A script or attacked is launched from a remote server/machine. It's domain address is 222360.com. Attacks happened from union.222360.com, s.222360.com and now with v.222360.com.

b) Once the scripts is launched (.js script), it gets hooked within my browser (Firefox 2.0.0.11).

c) Then, my internet activity will be disrupted severely for some time!! (can't open any page). I am using "Adblock Plus" within Firebox to block this script off.

d) Is there is no script, an attacked is launched on the open HTTP ports or on Yahoo Messenger.

e) Ultimately, an attack is made in form or Trojan or Exploit to gain access or to steal information from my system.

I can see the following logs from the NAV 2007 firewall.

Connection: v.222360.com: http(80).
from TOPOL-M: 1553.
369 bytes sent.
212 bytes received.
15.375 elapsed time.

Attempted Intrusion "HTTP ANI File Anih Hdr Size BO" against your machine was detected and blocked.
Intruder: v.222360.com(http(80)).
Risk Level: High.
Protocol: TCP.
Attacked IP: TOPOL-M.
Attacked Port: 1511.

I have made a Rule in the NAV 2007 firewall, here it shows the same rule:

Rule "Union Threat" blocked communication.
Local address: All local network adapters(1526).
Process name is "C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe".

Source: C:\Documents and Settings\Sukhoi\Local Settings\Temporary Internet Files\Content.IE5\XJRYFZF7\6[1].gif
Risk category: Virus
Overall Risk Impact: High
Performance: 1
Click for more information about this risk : Downloader
Action taken: Blocked

Source: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BPDPTW3D\web[1].exe
Risk category: Virus
Overall Risk Impact: High
Performance: 1
Click for more information about this risk : Infostealer.Gampass
Action taken: Blocked

My Question is, how to stop this menace? How to block this attack completely? Please answer.

Start your free trial to view this solution

Question Stats

Zone: Virus & Spyware

Question Asked By: sunilonline

Solution Provided By: the_b1ackfox

Participating Experts: 4

Solution Grade: B

Translate:

Loading Advertisement...