Malware and Virus RemovalProblems removing malware/viruses? Get help from our Malware removal experts.
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
Hi,
Hope someone can help me. I have "deploy.akathechnologies.com" blocked by my firewall but it keeps trying to send data to unknown recipient every hour, I would like to stop it if i can.
I have tried with four of the spyware removal tools but no luck. I have removed it from Hkey_current user\softwarmicrosoft\windows\current version\internet settings\zone map\domains\atatechnologies.com\deploy=4.
But it is back so there must be another re-installing it back, I have blocked all traffic coming in, this deploy.akathechnologies.com wants to send on the hour.
I have done a search on this and the initiator is one of over 1000 servers owned by a company Akamai.net. I have put this and all the alternatives I found on the internet into my blocked site list, any other idears?
Thanks,
Bob.
Didn't find the information you thought to find? Check out these Similar Threads
Download it to it's own folder, for example C:\HijackThis - unzip (double click on zipped folder) - click on the execute - click scan button - click save log and save to the folder you just created *DO NOT FIX ANYTHING* - copy resultant .txt file and paste into your next post.
I have done a search on this and the initiator is one of over 1000 servers owned by a company Akamai.net. I have put this and all the alternatives I found on the internet into my blocked site list
FWIW, Akamai servers are used by Microsoft to deploy updates. One of the side effects of blocking it and it's varients may be blocking MS as well.
Logfile of HijackThis v1.99.1
Scan saved at 11:53:30 AM, on 13/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
What apps if any have "server rights" in the firewall? Server rights means giving a program permission to listen for communications from the net which also holds a port open.
I have "deploy.akathechnologies.com" blocked by my firewall but it keeps trying to send data to unknown recipient every hour
Sounds like an attempt at updating. I notice that you have MS AS running resident, as a test, either disable it running or shut down the auto update function if you can - I only use MS AS for scanning.
Hi Charles,
I ran both programmes you recommended and all my ports are stealthed.
I am running a Netgear DG834v2 ADSL router with firewall and all ports are blocked inward and only open when outward traffic occurs, this is my problem with deploy.akamaitechnologies.com, I am unable to stop it opening a port, even closing all ports out to the internet it still opens one to dump data.
This is the log my firewall gives me, every hour. I have block these on a tempory basis but akamaitechnologies.com still opens a port even closed ones.
There are four computers comnnected to my router and a wireless access point and all report this problem. The source is 192.168.0.2 is my server.
Akamai is the world's biggest content hoster, claiming to carry 15 per cent of the Net's traffic. Companies pay it to seamlessly host their website content so files that appear to be at www.microsoft.com are, in reality, hosted at www.microsoft.akamai.net.
I think that the most likely source for the outbound connections are MS processes. And because it's so regular, I think it's either MS AS or Automatic Updates, and a place to begin to narrow this down is going have to be disabling those two from looking for updates. It also could be other apps doing the same thing. Outside of that, I'm fresh out of ideas.
FYI: AU uses a program called wuauclt.exe which piggy-backs out on Generic Host Process for Win32 Services.
If you have AU enabled, which I don't, wuauclt.exe, from what I remember, does appear on a regular basis, at startup, for maybe 5 - 10 minutes, and then at regular intervals, don't remember the interval timing.
Regards - Charles
Last edited by charlesvar; 14th August 2005 at 14:35.
Hi Charles,
Thanks for the help, it gave me a couple of starting points. I have contacted Akami here in Australia and have been told that deploy.akamaitechnologies.com is not thiers and they will investigate as it puts the company in a bad light, I guess bad publisity gets more of a positive reaction than "cap in hand" asking with some companies. Anyway the person I spoke to told me it would take a week or so to get back to me. As my hardware firewall is now blocking all transmission of data, outward from my computer to thier site i can live with that, for now.
Checked update and that side of the programme is clean and have also contacted Microsoft here in Australia about this problem, the first person i spoke to recommended formating the hard drive/s, so I asked for the supervisor, some people have no idea of the impracticallity of formating a set of hard drives (all 4 machines+ 2 are raid mirror pairs+a server)when you are running a business from that number of machines? Again they will get back to me but didn't specify a time.
I will keep you posted.
Bob.
Akamai got back to me briefly and asked me to look in Hkey_current user\software\microsoft
windows
current version\internet settings\zone map\domains\akamaitechnologies.com\deploy=4
The rep asked me to change the =4 to =0 and it has stopped dumping, WONDERFUL, now the rep told me he could duplicate the problem there and this programme dumps it self into four random places, they at Akami are working on a fix but it could take some time, anyway we have the short term fix now.
Akamai.net
Akamai.net
