Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
3977 Views 1 Reply Latest reply: Jan 22, 2010 6:12 AM by Ex_Brit RSS
MoxieMomma Apprentice 208 posts since
Jan 8, 2010
Currently Being Moderated

Jan 22, 2010 5:06 AM

Inbound events question

Hello:

 

((I am still waiting for help on my thread re: very worrisome, verified attempted attacks by malicious IP 69.64.155.13 that occurred on 1/21 and were missed by McAfee.  See attached MBAM txt log and this:

http://community.mcafee.com/message/110200#110200))

 

In the meantime, I don't know if other events listed in my McAfee event logs are "real" or FPs.

 

As part of my investigation into the event mentioned above, overnight I ran deep scans with all current AV/AM programs currently on this machine (McAfee, Counterspy 3.1 and MBAM Pro 1.44).  Each was clean.  I will install another standalone AV/AM today and scan with it, as well.

 

I have detected no problems with the computer performance in recent hours.

 

However, when digging deeper into McAfee logs, I discovered a series of inbound events that seem to be FPs from my ISP.

 

My McAfee product information is shown in the attached screenshot.

A screenshot of the suspected inbound events is attached (there are 8 pages of events in the log, this is just page 1).

 

The "details" of one such event state: "Source IP: 209.18.47.61. A computer at dns-cac-lb-01.rr.com has attempted an unsolicited connection to UDP port 53447 on your computer."

 

I recognize "dns-csc" as perhaps something related to a DNS server, and "rr.com" may be my ISP's domain (Time Warner Cable/Road Runner).

 

Please forgive my ignorance, since I don't know much about computers or networking, but are these nothing more than harmless events related to my ISP ("false positives")?

 

Any assistance you could provide on this matter and on yesterday's IP blocks would be most appreciated.

 

Thanks,

 

MM


Dell XPS 8100, Intel Core i7-860 @ 2.8  GHz; 8 GB RAM; Win 7 Ultimate (x64); KIS 2011; MBAM Pro; IE8 (patched); FF 3.6.10; TB 3.1.4; Cable HSI (Road Runner)  w/router.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points