I'm a bit perplexed by this one.
I checked my firewall at around 1900hrs (kerio 2.1.5) and found in the
connected ports list Gallys.nastydollars.com as a connected port (2x)
but no traffic, no trojans, no worms ,no virus. I performed multiple
checks using my onboard virus and trojan protection/scanners (the usual
Spybot,ad-aware, avg, hi-jack this bho demon,msconfig plus Trend
Housecall, Pest Patrol and am currently running a Security Space scan. I
am behind a nat router. I have tried netstat and this shows the
connection but again no traffic has occurred. I have after a re-boot
found no trace of this connection but I did notice in the earlier check
of the firewall that the connection occurred at 12.49 today but no sign
of anything created or modified at that time is evident.
Could this have been a TSR event that was cleared by the re-boot? Was
there a .js or .vb sitting in memory, holding the connection? Has anyone
experienced anything similar? I was reading some Blogs at around that
time so contamination would have been via my actions but as I say, there
seems to have been no interaction across the net and no install requests
for activex content etc.
"Whale Oil Beef Hooked."
|All times are GMT. The time now is 07:38 AM.|
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.