I've got the messages about risky connection blocked. IP Address blocked connection is 18.104.22.168 What should I do to solve this problem ? This message appeared few times and continue do this further.
Both Trusted Source-McAfee, And Securi has this Ip Address "Blacklisted" and rated as "High Risk". It originates from Bulgaria. Meaning that Your protection is doing it,s job. Their are a few other Domains associated with it as well.
Hayton, and the other Moderators are more informed than I am. Just be self assured that you are being protected. Hope this helps somewhat.....
Have a Merry Christmas.....
CatDaddyMessage was edited by: catdaddy on 12/23/13 5:00:23 PM CST
The IP address is reported to be a Zeus Command and Control server (Group 7). If your PC is trying to connect to it that's not good news; your PC is possibly infected with malware and may be part of one of the Zeus botnets. Depending on which botnet is involved your financial transactions may be at risk, or your login and password credentials may have been stolen.
Download the latest McAfee updates and run a full scan. If nothing is detected don't assume you're in the clear; run at least one other scan as a check - Malwarebytes or Microsoft's Safety Scanner, or one of your own choice.
If anything is detected and quarantined you must assume the worst, especially if you use the PC for financial transactions.
In any case you should change all your passwords as a precaution, since those are invariably targeted.
Thanks Hayton, I seen that the particular Host was sf.ddns.bulsat.com -with that Ip Address. I was wondering myself why the above mentioned PC was attempting to connect ? Therefore is when your vast knowledge of such came in.
Better get off here, Inundated with Family and such.
use a couple of these free scanners or Microsoft saftey scanner as Hayton suggested above. Just adding this to assist you finding them.
Were you on any specific website when you got this alert? McAfee blocks any risky or untrusted connection which is when you should have received this alert.
Security Report has the history of the number of connections that were blocked for the week, month and year. You can go to Security Report from the UI itself but the way to get to Security Report will vary according to the UI version you have.