Jump to content

I am continuously getting RTP compromised block notifications


Go to solution Solved by Porthos,

Recommended Posts

My Malwarebytes has continuously blocked files that are coming back as RTP compromised. However, when I do a full scan with both Malwarebytes and Windows security, there is never any threats. I have even gone as far as to wipe my pc clean just to be safe. What should I do to stop this?

Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 9/21/2024
Protection Event Time: 11:17 PM
Log File: 9025579a-7899-11ef-a416-047c16530a9e.json

-Software Information-
Version: 5.1.10.127
Components Version: 1.0.5021
Update Package Version: 1.0.89531
License: Premium

-System Information-
OS: Windows 11 (Build 22631.4169)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, System, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: Compromised
Domain: 
IP Address: 117.35.207.219
Port: 0
(No malicious items detected)
Type: Inbound
File: System

(end)

 

This is an example

Link to post
Share on other sites

These are inbound connections.

The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol. 

The Real Time Protection of Malwarebytes for Windows is actively doing its job to protect the system.

In most cases the attempted probes will automatically stop on their own. If it continues you can add the IP to the local firewall to prevent it from contacting the computer period.

You may  add the suspect IP addresses into the Firewall block list

If you wish to do so, here is one how-to guide
https://www.interserver.net/tips/kb/add-ip-address-windows-firewall/

Additionally or alternatively, if this is on Windows 11 and if you do not need or use Remote Desktop, you can turn that off.
 

Enable or Disable Remote Desktop in Windows 11 Tutorial | Windows 11 Forum (elevenforum.com)
.

Here is how to block a port number in Windows

https://thegeekpage.com/how-to-block-ports-in-windows-10-firewall/

 

How to Change the port number for RDP

How to Change the RDP Port on Windows 11 (howtogeek.com)

  • Like 1
Link to post
Share on other sites

  • Solution

Inbound blocks can be stopped by having a router between your internet provider's modem and your computer.

The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol. 

The Real-Time Protection of Malwarebytes for Windows is actively doing its job to protect the system.

  • Like 1
Link to post
Share on other sites

14 hours ago, Porthos said:

Inbound blocks can be stopped by having a router between your internet provider's modem and your computer.

The blocks are on addresses that are attempting to do a forced attempt to exploit remote-desktop-protocol. 

The Real-Time Protection of Malwarebytes for Windows is actively doing its job to protect the system.

Thank you so much! And sorry for the late response!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.