Search the Community
Showing results for tags 'inbound'.
Found 2 results
Have an odd situation. My MalwareBytes Premium is repeatedly showing blocks for an inbound IP address (we'll call it 220.127.116.11 for example) on port 53. I am running this on a personal 2008 server that does have MS DNS running and the server is behind a Cisco router that has an explicit ACL deny for 18.104.22.168/24. I've scanned the inbound connections on both the router and the server and do NOT see that IP address connected nor does the access-list show any matches for that IP being denied. Still, MalwareBytes is repeatedly blocking that IP about 50 times every 15 minutes. Any ideas where I should be digging deeper?
Sometimes your program shows me the notification a connection is was blocked by it. The program spams the notification. If It starts, It would not stop for a period of some minutes. I have tried to look at your log files and detect the process what does this. Unfortunately, the program doesn't report process's Id, only the Process's file, which is, in my case, svchost.exe Please help me remove this spyware (I pretty sure it is a spyware). Thanks in Advance, Mizaro