Hi, I am reinstalling Windows 7 onto my computer and I was wondering what is the best procedure to follow after Windows 7 is installed?
Should I run Windows Update first and install all 100+ updates? Or should the first thing be to plug in my flash drive with the Mcafee installer and install McAfee Internet Security?
Your help will be much appreciated.
I need help.
I was installing Windows Update since this is a fresh install of Windows 7 SP1 and it doesn't have IE10.
During the downloading of the 117 updates, I noticed two addresses in my Resource Monitor where I was recieving along of connections. One was cds.lax9.msen.net (sp?) and the other was 67-148-47-25.dia.static.qwest.net.
While the updates were installing, I was receiving data from the 18.104.22.168. When I googled this ip, some of the first results were related to VirusTotal.
The second batch of updates, the same thing happened. But the ip this time was 22.214.171.124 and this showed up in VirusTotal too.
Am I at risk or infected already? I was only running Windows Update waiting for it to finish so I could install McAfee.
Someone please help shed some light on those 67.148 ip addresses. I don't want to reinstall my system for the fourth time this week due to screwing up my user accounts.
Is this Incoming Connections you are worried about? Then stop worrying, they are merely a record of incoming attempts and are blocked anyway. I've stated that numerous times thoughout the forums, but the worry persists that something is wrong when it isn't.
If all you are installing are updates and have nothing else running you are OK. That IP number appears to belong to an Akamai server which Microsoft use a lot. I assume your wireless router, if you have one, is fully protected with encrypted protection? That's the only insecure part of a setup often.
These sorts of questions are best answered by the professionals on a reputable Windows help forum. A good one for Windows 7 is: http://www.sevenforums.com/
I don't think you have any need to worry.
By the way, when installing updates en masse I find it best to split them into batches and not install all at once otherwise 7 has a nasty habit of failing to install them all of a sudden. So when WU leaves some unchecked, it's often for a reason and I always install those on a second or third run.
I guess these are incoming connections. But how can they be blocked when I haven't install McAfee?
How do I find out if my router has encrytion protection? I only know it has NAT enabled and a SPI firewall.
Where are you reading all these incoming connections from then?
You'd have to check the router-maker's website or your ISP if they supplied it.
With mine I can actually log into it and alter the settings from my PC. The address is typically http://192.168.0.x/ where x may vary.
If you are using it only as a wired router than you are OK but others could be using your bandwidth if it is also a wireless router and not using WPA2 encryption at least.
Sorry I realised you said Resource Monitor. I wouldn't worry too much about anything there. I don't know too much about how reliable or useful it is, That's more of a subject for a Windows expert.Message was edited by: Ex_Brit on 20/07/13 4:06:47 EDT PM
So I got McAfee install and I was using Firefox to download Malwarebytes Free from the official Malwarebytes site.
I was taken to cnet to download it and then my computer was like frozen, I unplugged my ethernet cable from my router and when Firefox was responding. I shutdown the computer and restarted.
When the computer restarted, I had about 20 Incoming Connections blocked during the time that my computer froze. All of the entries happened at the same time and it varied between 3 IP Addresses.
One of the entry said "The source IP address has apparently attempted to scan your system by sending a large amount of various TCP/IP packets". Was this a DoS Attack? The IP was 126.96.36.199.
All I know is that it's in Hawaii - using any software from there? That's more for a Windows expert forum to answer. Had you waited a bit the connection probably would have freed up.
Once everything is fixed OK I would run a Hijackthis or a DDS scan as suggested lower down that last link in my signature below. Post the log as instructed there on one of the specialist forums.