For approximately six weeks, ZAP has blocked something on my computer that tries usually two times a day to ping remote servers. I've run safe mode and regular security scans with several A/V, anti-trojan and anti-spyware software packages, nothing has been found.
The odd thing about these outgoing IP address pings is that many of them are to either non-existent or reserved addresses. ZAP's reverse IP lookup states that for several "The Internet Assigned Numbers Authority (IANA) has reserved this address for its own use. Unless you are on a network that is actively involved in the development of the system for assigning IP addresses, this address was probably forged in order to hide the identity of the sender." The other addresses are all are within the U.S., several are to AOL servers, corporate servers (not residential users) and one U.S. military server. Usually two pings, one after another, every day.
ZAP s out-going firewall settings are set to High, no outbound communications unless an application is set up and allowed internet access. I installed MailFrontier (anti-SPAM software) around the time this started; it did phone home with spoofed addresses to check a known spammer list. I removed the software after 48 hours and combed both the registry and drive for left behind remnants, as far as I can tell, it's completely gone. I ve installed no other software since last year.
HiJack This scans haven't picked up anything unusual. I ve never loaded any Sony music CDs, last year they installed Rootkits on some of their CDs to prevent unauthorized music copying.
I m searching for answers. I run a tightly protected computer, practice safe computing and internet practices (no internet downloads of "free" unknown software, use Firefox with high security settings, install all Micro$oft security patches, etc.), run the proper security software and sweep the machine regularly for malware. Can anyone recommend a software utility that will search for remnants of uninstalled software? I d appreciate any suggestions you can offer.
ZAP 6.1.774, NOD32, Spy Sweeper, Trojan Hunter, Spybot, Ad Aware, M$ Anti-Spyware, HiJack This
Operating System:Windows XP Pro
Product Name:ZoneAlarm Pro
Message Edited by bohemian_one on 08-16-2006 11:57 AM