***Spyware / Anti-Virus / Firewall - Read Me First*** ***UPDATED***

Discuss all things to do with computing. Please note that we do not allow the discussion of peer to peer (P2P) subject matter.

Moderator: Kryten

Post Reply
User avatar
driver8
Posts: 12416
Joined: Sun Jan 05, 2003 11:24 pm
Location: Malé, Maldives
Contact:

Post by driver8 »

Unless you're upto mischief, dunkle, just stick to Windows Security and Defender, use a password manager and take regular (offsite/cloud) backups.
User avatar
dunkle
Member
Posts: 10697
Joined: Sun Nov 17, 2002 7:01 pm

Post by dunkle »

driver8 wrote:Unless you're upto mischief, dunkle, just stick to Windows Security and Defender, use a password manager and take regular (offsite/cloud) backups.
Cheers.
User avatar
farmroad38
Posts: 4255
Joined: Wed Mar 14, 2001 5:00 am
Location: Between the mountains and the sea

Post by farmroad38 »

Anybody want a free copy of McAfee? It's the Total Protection All Device version, one year code. It came free with this year's Office subscription, but I already have BitDefender.
User avatar
driver8
Posts: 12416
Joined: Sun Jan 05, 2003 11:24 pm
Location: Malé, Maldives
Contact:

Re: ***Spyware / Anti-Virus / Firewall - Read Me First*** ***UPDATED***

Post by driver8 »

Any PC nerds left here ? :)

This is weird - I have MalwareBytes Pro, and have received 4 alerts in the last couple of hours, for blocked websites, even though I only have a couple of simple Edge tabs open.

I can only think that it might be blocking malicious ads ?

5.39.164.206 = RU - and - 89.218.146.134 = KZ - plus 2 more (from BR and BD).

-Blocked Website Details-
Malicious Website: 1
System, Blocked, -1, -1, 0.0.0
Category: Compromised
IP Address: 5.39.164.206
Port: 445
Type: Inbound
File: System

Image
User avatar
shteve_
Member
Posts: 90
Joined: Wed Jun 09, 2021 7:37 am

Re: ***Spyware / Anti-Virus / Firewall - Read Me First*** ***UPDATED***

Post by shteve_ »

https://www.abuseipdb.com/check/5.39.164.206

Looks like it's port scans, so not an advert but and active attempt to find an open port to connect to on your PC (in this case 445 which is the file sharing port). I'm surprised it's getting as far as MalwareBytes before being blocked as your router should be blocking that.
I've got a signature and an avatar but not access to my old account :|
User avatar
driver8
Posts: 12416
Joined: Sun Jan 05, 2003 11:24 pm
Location: Malé, Maldives
Contact:

Re: ***Spyware / Anti-Virus / Firewall - Read Me First*** ***UPDATED***

Post by driver8 »

Thanks shteve, and thanks for that website too.

Yes, weird indeed, and MS firewall/Defender isn't stopping them either - I continue to get several alerts per day, and they all appear flagged on that site. I remember playing with third-party firewalls in the past, but didn't think they were required these days. My router is a Huawei supplied by my ISP.

What would you recommend to secure my network/PC ? And scans to run ? My Win11 is uptodate, and apart from Malwarebytes is standard with MS Defender firewall and periodic scans (no problems in the logs).

Image
User avatar
shteve_
Member
Posts: 90
Joined: Wed Jun 09, 2021 7:37 am

Re: ***Spyware / Anti-Virus / Firewall - Read Me First*** ***UPDATED***

Post by shteve_ »

Run a check from https://www.grc.com/shieldsup (the proceed button in the middle, then the common ports button on the next page). See if your ports are open to the internet. My router is keeping them shielded for me.
I've got a signature and an avatar but not access to my old account :|
User avatar
driver8
Posts: 12416
Joined: Sun Jan 05, 2003 11:24 pm
Location: Malé, Maldives
Contact:

Re: ***Spyware / Anti-Virus / Firewall - Read Me First*** ***UPDATED***

Post by driver8 »

Thanks, I've used that page a long while ago ... still looks unchanged from 1995 !

Half-expected to fail the test, but ...

Image

EDIT - tried these, with the same result -

https://www.whatsmyip.org/port-scanner/server/ = all "Timed-Out"

https://www.hackerwatch.org/probe/hitme.asp = The server was unable to obtain a connection or any traffic from your computer. This generally indicates that your firewall blocked the traffic successfully.
Post Reply