Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

a recent attack to my computer and it's not Malware


  • Please log in to reply
4 replies to this topic

#1 blondiegurl01771

blondiegurl01771

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:56 AM

Posted 19 March 2009 - 10:18 AM

I just got an alert from norton saying I have a recent attack. The attack is as follows.:
An intrusion attempt by LESLIE-PC was blocked.
Application path \DEVICE\HARDDISKVOLUME2\
PRPRAM FILES\INTERNET EXPLORER\
IEXPLORER.EXE

Risk Name: HTTP Malicious Toolkit Variant Activity 2
Risk Level: High
Attacker URL: ashoping.com/?sid=aff0048
Destination Address: ashoping.com


I scanned with an undated version of MBAM and these were the result, so I am guessing it isn't Malware


Malwarebytes' Anti-Malware 1.34
Database version: 1870
Windows 6.0.6001 Service Pack 1

3/19/2009 11:11:24 AM
mbam-log-2009-03-19 (11-11-24).txt

Scan type: Quick Scan
Objects scanned: 63300
Time elapsed: 2 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by garmanma, 19 March 2009 - 02:24 PM.


BC AdBot (Login to Remove)

 


#2 cod head

cod head

  • Members
  • 162 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:56 AM

Posted 19 March 2009 - 12:59 PM

I googled ashoping and it is rated red by WOT site advisor.H.P.hosts says it is involved in the distribution of malware.I use avast anti virus and that sometimes tells me a virus as been detected but all I have to do is abort connection usually and thats it.I do not know if Norton is saying it thwarted a attack or has detected a attack as I do not use Norton.Still I would have suggested a full scan with malwarebytes and not a quick one.But from what you are saying Norton seems to be saying it blocked the attack which would mean it stopped it.Thats my take on it anyway.

#3 snowdrop

snowdrop

  • Members
  • 513 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 19 March 2009 - 02:11 PM

I would suggest you fully update then Malwarebytes program and run another scan with it

Do you also have the Superantispyware tool on board? if so run a full computer scan with it and let us see the results from both it and the new malwarebytes scan for checking :thumbsup:

#4 blondiegurl01771

blondiegurl01771
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:56 AM

Posted 19 March 2009 - 06:45 PM

Malwarebytes' Anti-Malware 1.34
Database version: 1870
Windows 6.0.6001 Service Pack 1

3/19/2009 7:44:59 PM
mbam-log-2009-03-19 (19-44-59).txt

Scan type: Full Scan (C:\|)
Objects scanned: 168817
Time elapsed: 1 hour(s), 39 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#5 blondiegurl01771

blondiegurl01771
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:56 AM

Posted 20 March 2009 - 01:53 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/20/2009 at 02:48 PM

Application Version : 4.25.1014

Core Rules Database Version : 3784
Trace Rules Database Version: 1741

Scan type : Quick Scan
Total Scan Time : 00:12:30

Memory items scanned : 263
Memory threats detected : 0
Registry items scanned : 614
Registry threats detected : 2
File items scanned : 14959
File threats detected : 3

Adware.Tracking Cookie
C:\Users\Leslie\AppData\Roaming\Microsoft\Windows\Cookies\leslie@doubleclick[1].txt
C:\Users\Leslie\AppData\Roaming\Microsoft\Windows\Cookies\leslie@atdmt[2].txt
C:\Users\Leslie\AppData\Roaming\Microsoft\Windows\Cookies\leslie@microsoftwlmessengermkt.112.2o7[1].txt

Adware.MyWebSearch/FunWebProducts
HKCR\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
HKCR\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users