jjw5 Posted September 22 ID:1662554 Share Posted September 22 My Malwarebytes has continuously blocked files that are coming back as RTP compromised. However, when I do a full scan with both Malwarebytes and Windows security, there is never any threats. I have even gone as far as to wipe my pc clean just to be safe. What should I do to stop this? Link to post Share on other sites More sharing options...
jjw5 Posted September 22 Author ID:1662558 Share Posted September 22 Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/21/2024 Protection Event Time: 11:17 PM Log File: 9025579a-7899-11ef-a416-047c16530a9e.json -Software Information- Version: 5.1.10.127 Components Version: 1.0.5021 Update Package Version: 1.0.89531 License: Premium -System Information- OS: Windows 11 (Build 22631.4169) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , System, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Compromised Domain: IP Address: 117.35.207.219 Port: 0 (No malicious items detected) Type: Inbound File: System (end) This is an example Link to post Share on other sites More sharing options...
JSntgRvr Posted September 22 ID:1662564 Share Posted September 22 These are inbound connections. The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol. The Real Time Protection of Malwarebytes for Windows is actively doing its job to protect the system. In most cases the attempted probes will automatically stop on their own. If it continues you can add the IP to the local firewall to prevent it from contacting the computer period. You may add the suspect IP addresses into the Firewall block list If you wish to do so, here is one how-to guide https://www.interserver.net/tips/kb/add-ip-address-windows-firewall/ Additionally or alternatively, if this is on Windows 11 and if you do not need or use Remote Desktop, you can turn that off. Enable or Disable Remote Desktop in Windows 11 Tutorial | Windows 11 Forum (elevenforum.com) . Here is how to block a port number in Windows https://thegeekpage.com/how-to-block-ports-in-windows-10-firewall/ How to Change the port number for RDP How to Change the RDP Port on Windows 11 (howtogeek.com) 1 Link to post Share on other sites More sharing options...
Solution Porthos Posted September 22 Solution ID:1662566 Share Posted September 22 Inbound blocks can be stopped by having a router between your internet provider's modem and your computer. The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol. The Real-Time Protection of Malwarebytes for Windows is actively doing its job to protect the system. 1 Link to post Share on other sites More sharing options...
jjw5 Posted September 22 Author ID:1662648 Share Posted September 22 14 hours ago, Porthos said: Inbound blocks can be stopped by having a router between your internet provider's modem and your computer. The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol. The Real-Time Protection of Malwarebytes for Windows is actively doing its job to protect the system. Thank you so much! And sorry for the late response! Link to post Share on other sites More sharing options...
Recommended Posts