The Mudcat Café TM
Thread #119440   Message #2590458
Posted By: Bruce MacNeill
16-Mar-09 - 05:27 PM
Thread Name: Tech: Alert! Notice
Subject: RE: Tech: Alert! Notice
The fact that the urls end in :443 means that your computer is trying to make a secure connection to the site rather than the standard port 80 conection for HTTP. If you're not trying to acces the pentagon or these other sites, then yes you probably have a worm of some kind that Kapersky can't spot. The fact that Gator is mentioned means that you do have spyware, well particularly obnoxious adware on your machine. By last job, prior to retirement was developing cleaner programs for this sort of thing but I had to leave the tools at my place of employment. With updates, Spybot is generally pretty good at spotting this junk although it may not be able to get rid of it. Spybot runs clean? That's strange. How successful you might be at cleaning the junk depends upon how much of a geek you are. A good place to start is with www.sysinternals.com where there is a process viewer that displays what's linked into what and if you can recognize what doesn't belong, gives you a chance to stop and delete the offending dll's thereby crippling the virus and giving you a better chance to remove it. Unfortunately, virus writers are aware of sysinternal's stuff and may filter their results. Then you have to get into tricks like renaming their program to some other name and running it to see if the results are different than when it is run with its normal name. If you're not a real geek, you need one.