rexico_n Posted January 7, 2023 ID:1548398 Share Posted January 7, 2023 I've been having constant notifications from malwarebytes ever since i signed up for the trial version saying its blocking inbound requests from various different IP adresses, i went ahead and checked some of the IP's on an online ipchecker and there is mostly russian ones but the recent one was chinese which targeted svchost.exe. It was mostly coming from the 445 port which i did block via the windows firewall, but its now coming through port 135. I've ran ADWCleaner, Kasperkys scan tool, ESETs scan tool, nortons aswell as FRST but i have got nothing from them. The inbound requests keep coming and I literally have no idea what to do about this, not able to purchase malwarebytes premium version currently so i'm very worried about my computers safety once the trial runs out. Link to post Share on other sites More sharing options...
Porthos Posted January 7, 2023 ID:1548399 Share Posted January 7, 2023 11 minutes ago, rexico_n said: its blocking inbound requests from various different IP adresses The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol. The Real Time Protection of Malwarebytes for Windows is actively doing it's job to protect the system. In most cases the attempted probes will automatically stop on their own. If it continues you can add the IP to the local firewall to prevent it from contacting the computer period. If you wish to do so, here is one how-to guidehttps://www.interserver.net/tips/kb/add-ip-address-windows-firewall/ Link to post Share on other sites More sharing options...
Porthos Posted January 7, 2023 ID:1548400 Share Posted January 7, 2023 15 minutes ago, rexico_n said: I literally have no idea what to do about this, not able to purchase malwarebytes premium version currently so i'm very worried about my computers safety once the trial runs out. Are you connected directly to your modem or using a router? Having a router serves as a hardware firewall and usually do not usually have these reach the computer. Link to post Share on other sites More sharing options...
rexico_n Posted January 7, 2023 Author ID:1548431 Share Posted January 7, 2023 i have it plugged into the modem directly. Link to post Share on other sites More sharing options...
Porthos Posted January 7, 2023 ID:1548433 Share Posted January 7, 2023 1 minute ago, rexico_n said: i have it plugged into the modem directly. A router between the modem and the computer should prevent these probes. Link to post Share on other sites More sharing options...
rexico_n Posted January 7, 2023 Author ID:1548434 Share Posted January 7, 2023 9 hours ago, Porthos said: The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol. The Real Time Protection of Malwarebytes for Windows is actively doing it's job to protect the system. In most cases the attempted probes will automatically stop on their own. If it continues you can add the IP to the local firewall to prevent it from contacting the computer period. If you wish to do so, here is one how-to guidehttps://www.interserver.net/tips/kb/add-ip-address-windows-firewall/ i've went ahead and checked remote desktop protocol and it says my version of Windows 11 doesn't support it. Link to post Share on other sites More sharing options...
Solution Porthos Posted January 7, 2023 Solution ID:1548435 Share Posted January 7, 2023 10 minutes ago, rexico_n said: i've went ahead and checked remote desktop protocol and it says my version of Windows 11 doesn't support it. Home versions do not fully support all functions but the functions that are there are not controllable.. A router is going to be your only solution. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted February 9, 2023 Root Admin ID:1553754 Share Posted February 9, 2023 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following to help you better protect your computer and privacy Tips to help protect from infection Thank you Link to post Share on other sites More sharing options...
Recommended Posts