I hope this is the correct board for this new thread: 3 attacks by a malicious IP were blocked today (not by McAfee but by my other standalone A/M app).
I was one of many home users affected by the recent McAfee DAT file update server "problems" that began on Jan 7 and may only have been resolved yesterday.
During this time, our computers did not always have the most current DAT files, and they were constantly accessing the internet via IE to access the download servers for updates.
As an added precaution during this time, in addition to the OEM McAfee, I installed MBAM Pro 1.44 (Malwarebytes Anti-Malware) several days ago, as suggested by several forum members and a moderator.
Today, upon booting up the system when I returned from work, I got a system tray popup that MBAM had blocked a malicious IP: 184.108.40.206.
The malicious content of this IP has been confirmed by the tech support personnel at Malwarebytes.
I was advised to have my computer fully checked for infections.
1) Since I purchased this computer, McAfee has NEVER ever detected a single infection (except 1 FP months and months ago): I scan EVERY DAY and have never picked up a thing.
2) Daily scans with Counterspy 3.1 (daily quick, weekly deep) have also always been clean (including last night's quick scan).
3) Several quick scans with MBAM Pro (and 1 deep scan) have all be clean, as well, including a quick scan run AFTER the IP block.
4) My OS and browsers and all apps are always fully patched.
5) I always use FireFox with a number of privacy/security extensions, rather than IE as my preferred browser.
6) My IE security was set at med-high until early this week, when the Aurora incident began, at which time I increased it to HIGH, while waiting to install today's patch.
7) I am a VERY safe computer user, and do not visit questionable web sites, use P2P software, games, or other suspect software, or do anything else to compromise my system
8) In addition to software, I am behind a hardware firewall (router).
9) Although the computer seems to be stable, I did note 2 unusual events in the past 24 hours: 1) Upon d/l and install of yesterday's DAT file (5867) last evening, and again several hours later shortly after starting the system (which had been powered down b/c of local storms), for the first time ever I got the "red X"/not protected error message in the GUI, requiring me to "fix the problem". This had never EVER happened to me before and now it happened twice in ~ 6 hours without explanation. and 2) inexplicably this AM, I noticed that my screensaver did not start at the correct time - - when I checked the CP, the setting was "1093 minutes" (when it was supposed to be 10); I reset it and it seems to be working properly, but this has never happened before.
Experience has taught me that coincidences do not occur with computers.
The only "unusual" thing to have happened recently is the McAfee "server problem" that lasted intermittently for nearly 2 weeks, during which time the computer repeatedly accessed the internet via IE8 in order to repeatedly download DAT files countless times over many days.
Given the AURORA situation and the severe "server problems" with McAfee, I can only surmise that these events are somehow related.
WELL, NOW I need to start the whole process of having my computer checked for infections that McAfee has missed.
Moreover, I would not have known, had I not installed the standalone app that detected a problem McAfee missed.
Even under the best scenario (no infection), I will now be spending countless more hours on this problem.
Can someone please advise as to how to proceed with the "malware investigation/removal process"????
What additional standalone AV/AM might I also employ?
How do I proceed with McAfee/AVERT?
I am mentally and physically exhausted by the events of the past 2 weeks trying to deal with the server problems. The lost productivity has been enormous, and I just don't know how I can deal with this potentially disastrous new development.
I am about to start with sequential deep scans using McAfee, MBAM and Counterspy.
Message was edited by: MoxieMomma on 1/21/10 10:05:16 PM CST