1. rpggamer...104,680
2. xmachine38,776
3. warturtle26,625
4. Admin3k24,968
5. moh10ly21,621
6. David-Ho...14,272
7. greyknigh...14,152
8. optoma13,720
9. johnb676713,454
10. JeremySB...12,316
11. legalsrl11,000
12. michko9,380
13. jimmymcp029,230
14. Jonvee8,010
15. younghv7,964
16. phototropic7,584
17. thinkpads...7,300
18. surfer246,860
19. willcomp6,000
20. jcimarron5,600
21. jhyiesla5,510
22. Computer...4,900
23. MikeHolcomb4,862
24. flubbster4,720
25. vvlada4,700

1. rpggamer...376,650
2. IndiGenus144,654
3. phototropic63,469
4. younghv62,228
5. Admin3k53,383
6. michko50,956
7. moh10ly47,062
8. xmachine38,776
9. David-Ho...34,193
10. Sheharya...33,525
11. johnb676733,092
12. warturtle26,625
13. r-k20,399
14. war119,530
15. Jonvee18,325
16. greyknigh...16,352
17. jimmymcp0216,305
18. briancassin16,000
19. willcomp15,438
20. LeeTutor14,872
21. optoma13,720
22. legalsrl13,600
23. orangutang13,500
24. JeremySB...12,316
25. rindi12,270

	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

12/30/2007 at 11:54AM PST, ID: 23049938

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

4.1

May Day! Help - Attacked with mysterious virus!!

Asked by sunilonline in Desktop Anti-Virus, Operating Systems Network Security, Microsoft Windows Operating Systems

Tags: Microsoft, Windows XP, SP2, Installed Norton Anti Virus 2007 and it's Firewall well tuned up.

Hello All,

Since a fortnight, am observing strange problems within Network (clogs) and Virus Attacks on my Internet Cable based connection. This is a 256 Kbps line.

Problem I can see is:

a) A script or attacked is launched from a remote server/machine. It's domain address is 222360.com. Attacks happened from union.222360.com, s.222360.com and now with v.222360.com.

b) Once the scripts is launched (.js script), it gets hooked within my browser (Firefox 2.0.0.11).

c) Then, my internet activity will be disrupted severely for some time!! (can't open any page). I am using "Adblock Plus" within Firebox to block this script off.

d) Is there is no script, an attacked is launched on the open HTTP ports or on Yahoo Messenger.

e) Ultimately, an attack is made in form or Trojan or Exploit to gain access or to steal information from my system.

I can see the following logs from the NAV 2007 firewall.

Connection: v.222360.com: http(80).
from TOPOL-M: 1553.
369 bytes sent.
212 bytes received.
15.375 elapsed time.

Attempted Intrusion "HTTP ANI File Anih Hdr Size BO" against your machine was detected and blocked.
Intruder: v.222360.com(http(80)).
Risk Level: High.
Protocol: TCP.
Attacked IP: TOPOL-M.
Attacked Port: 1511.

I have made a Rule in the NAV 2007 firewall, here it shows the same rule:

Rule "Union Threat" blocked communication.
Local address: All local network adapters(1526).
Process name is "C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe".

Source: C:\Documents and Settings\Sukhoi\Local Settings\Temporary Internet Files\Content.IE5\XJRYFZF7\6[1].gif
Risk category: Virus
Overall Risk Impact: High
Performance: 1
Click for more information about this risk : Downloader
Action taken: Blocked

Source: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BPDPTW3D\web[1].exe
Risk category: Virus
Overall Risk Impact: High
Performance: 1
Click for more information about this risk : Infostealer.Gampass
Action taken: Blocked

My Question is, how to stop this menace? How to block this attack completely? Please answer.

View the Solution FREE for 30 Days

20091111-EE-VQP-91 / EE_QW_2_20070628

May Day! Help - Attacked with mysterious virus!!

Asked by sunilonline in Desktop Anti-Virus, Operating Systems Network Security, Microsoft Windows Operating Systems

Tags: Microsoft, Windows XP, SP2, Installed Norton Anti Virus 2007 and it's Firewall well tuned up.

About this solution