Would that be an ip of one of your dns servers? In the program winipcfg(9x only, gui based) or ipconfig(NT based systems run it from the command line) you can see your dns servers.
I have also seen the logs show the protocol so it should list it. -- My hourly rates: $25 per hour. $35 per hour if you want to watch. $45 per hour if you want to help. $75 per hour if you tried to fix it, and failed.
On ZA - in the log view panel, this is what it looks like under each column header: Rating: Medium Date/Time: 2003/09/09 23:32:12 Type: Program Access Protocol: - this is blank! - Program: Windows Explorer Source IP: 63.73.20.40:53 Direction: Outgoing (connect) Action Taken: Blocked Count: 402 Source DNS: - empty- Destination DNS: (my network name)
It's not the same IP as ISP's DNS or Gateway or Subnet or anything, not even in the same range.
It started last night, and I did not download anything nor did I visit any unusual websites. It will not stop. I've even blocked the exe for Win Explorer, and it still keeps trying to connect to that IP.
·