Gallys.nastydollars

Discussion in 'Computer Security' started by Lutze, May 27, 2004.

  1. Lutze

    Lutze Guest

    I'm a bit perplexed by this one.
    I checked my firewall at around 1900hrs (kerio 2.1.5) and found in the
    connected ports list Gallys.nastydollars.com as a connected port (2x)
    but no traffic, no trojans, no worms ,no virus. I performed multiple
    checks using my onboard virus and trojan protection/scanners (the usual
    Spybot,ad-aware, avg, hi-jack this bho demon,msconfig plus Trend
    Housecall, Pest Patrol and am currently running a Security Space scan. I
    am behind a nat router. I have tried netstat and this shows the
    connection but again no traffic has occurred. I have after a re-boot
    found no trace of this connection but I did notice in the earlier check
    of the firewall that the connection occurred at 12.49 today but no sign
    of anything created or modified at that time is evident.
    Could this have been a TSR event that was cleared by the re-boot? Was
    there a .js or .vb sitting in memory, holding the connection? Has anyone
    experienced anything similar? I was reading some Blogs at around that
    time so contamination would have been via my actions but as I say, there
    seems to have been no interaction across the net and no install requests
    for activex content etc.
    --
    "Whale Oil Beef Hooked."

    "Lu Tze."
     
    Lutze, May 27, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.

Share This Page