ZoneAlarm blocked outgoing connection

[JorgeA]

Hello,

I installed ZoneAlarm version 6.1.744.001 on my Windows 98 tower last week to replace my long-expired Norton 2005 firewall, and the results have been interesting.

Tonight, ZA blocked, and alerted me to, an attempt to connect to 96.17.161.129. A Web search revealed this address to be associated with Akamai Technologies. Akamai appears to be a Web advertising-related company.

The odd thing is that at the time I did not have a browser open or had any other kind of connection to the 'Net. I of course have the PC hooked up to a router which goes out to the 'Net, but otherwise I wasn't attempting to do anything that involved the Internet. So the questions are: Why would this out-of-the-blue connection attempt happen to take place, and is it a sign of some kind of malware infection?

Avast! 4.8, which I also have installed (and up to date) on that computer, doesn't report any kind of infection. The machine is also protected by Spybot Search & Destroy 1.6.2 (full spectrum of protection modules).

Thanks in advance for any insight you might be able to provide!

--JorgeA

[submix8c]

AKAMAI is also associated with MICROSOFT. Google those two words and see what I mean. You must have SOME piece of software that was running that wanted to "phone home". Akamai does more than just "advertising".

Did it identify the Application that wanted to "reach out and touch"?

Edited May 29, 2012 by submix8c

[JorgeA]

submix8c,

Nope, unlike most other times this one simply gave the IP address, no URL or name to go along with it. It tried twice, first at 96.17.161.129 and then at 96.17.161.139.

Interesting about MS and Akamai, thanks. I will definitely Google them together.

--JorgeA

[submix8c]

Google -

Akamai outbound

https://discussions.apple.com/thread/2367148?start=0&tstart=0

http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/c9a2020b-5962-49de-a577-d47c583b274b/

You also didn't mention whether the connection was Inbound or Outbound.

Also Google -

Akamai DRM

Again, you MUST have some piece of software you are using AT THE TIME that is attempting to make a connection.

Also Google -

Akamai software Microsoft

http://www.geekzone.co.nz/forums.asp?forumid=65&topicid=22507

I could also venture to say you have (maybe?)...

http://www3.telus.net/dandemar/update.htm

Windows 9X:

Double click "My Computer"

Double click "Scheduled Tasks"

Double click "Windows Critical Update Notification"

You can make selections as desired.

If the option is not available install Windows Critical Update Notification:

1. Go here:

http://windowsupdate.microsoft.com

2. Click "Scan for updates"

3. On the left side click "Windows 98 and Windows 98 Second Edition"

4. Click "Add" by "Windows Critical Update Notification recommended update"

5. Click "Review and install updates"

6. Click "Install Now"

by sheer accident you "installed" it which will no longer work.

Newer Media Player (DRM) MIGHT be causing it. (really unsure...)

[JorgeA]

submix8c,

Wow, it's amazing how much you've dug up about this mysterious issue.

I checked all the links you provided (thanks!) and did the term searches you suggested. The likeliest suspect is the Windows Critical Update Notification. It may have been set up as part of a clean Win98 install I did a year ago (when it was still possible to download Windows 98 updates -- glad I did the reinstall just then and not a couple of months later).

The only media player I have on that machine is Windows Media Player 7.10.00.3074, but the Task Scheduler didn't list any task related to it.

The connection I reported was outbound. As WU no longer serves any purpose, I guess I'll remove it, and then we'll see if ZoneAlarm stops telling us about it.

--JorgeA