ZoneAlarm blocked outgoing connection Sign of an infection?
Posted 28 May 2012 - 10:08 PM
I installed ZoneAlarm version 6.1.744.001 on my Windows 98 tower last week to replace my long-expired Norton 2005 firewall, and the results have been interesting.
Tonight, ZA blocked, and alerted me to, an attempt to connect to 18.104.22.168. A Web search revealed this address to be associated with Akamai Technologies. Akamai appears to be a Web advertising-related company.
The odd thing is that at the time I did not have a browser open or had any other kind of connection to the 'Net. I of course have the PC hooked up to a router which goes out to the 'Net, but otherwise I wasn't attempting to do anything that involved the Internet. So the questions are: Why would this out-of-the-blue connection attempt happen to take place, and is it a sign of some kind of malware infection?
Avast! 4.8, which I also have installed (and up to date) on that computer, doesn't report any kind of infection. The machine is also protected by Spybot Search & Destroy 1.6.2 (full spectrum of protection modules).
Thanks in advance for any insight you might be able to provide!
Posted 28 May 2012 - 10:57 PM
Did it identify the Application that wanted to "reach out and touch"?
This post has been edited by submix8c: 28 May 2012 - 11:00 PM
Posted 29 May 2012 - 08:39 AM
Nope, unlike most other times this one simply gave the IP address, no URL or name to go along with it. It tried twice, first at 22.214.171.124 and then at 126.96.36.199.
Interesting about MS and Akamai, thanks. I will definitely Google them together.
Posted 29 May 2012 - 11:06 AM
You also didn't mention whether the connection was Inbound or Outbound.
Also Google -
Again, you MUST have some piece of software you are using AT THE TIME that is attempting to make a connection.
Also Google -
Akamai software Microsoft
I could also venture to say you have (maybe?)...
Double click "My Computer"
Double click "Scheduled Tasks"
Double click "Windows Critical Update Notification"
You can make selections as desired.
If the option is not available install Windows Critical Update Notification:
1. Go here:
2. Click "Scan for updates"
3. On the left side click "Windows 98 and Windows 98 Second Edition"
4. Click "Add" by "Windows Critical Update Notification recommended update"
5. Click "Review and install updates"
6. Click "Install Now"
Newer Media Player (DRM) MIGHT be causing it. (really unsure...)
Posted 29 May 2012 - 09:16 PM
Wow, it's amazing how much you've dug up about this mysterious issue.
I checked all the links you provided (thanks!) and did the term searches you suggested. The likeliest suspect is the Windows Critical Update Notification. It may have been set up as part of a clean Win98 install I did a year ago (when it was still possible to download Windows 98 updates -- glad I did the reinstall just then and not a couple of months later).
The only media player I have on that machine is Windows Media Player 7.10.00.3074, but the Task Scheduler didn't list any task related to it.
The connection I reported was outbound. As WU no longer serves any purpose, I guess I'll remove it, and then we'll see if ZoneAlarm stops telling us about it.