non stop attack to my pc
Hi,
I receive huge quantity of attacks everyday. at least 80-150 atttacks per day.
- bruteforce attack blocked
Multiple failed login attempts were made by 220.121.17.195(change alaways. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy.
2 Bruteforce other type of attack.
Multiple failed login attempts were made by 152.89.198.241 (change alaways using the RDP protocol. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy.
I switch off router to change ip and always some problem. I have Windows 11genuine with all the latest updates. All my software is legal and updated.
What can I do to fix my problem? is it normal?
Comments
-
Hello,
the IP 152.89.198.241 has a low detection impact, so it could also be a false positive:
https://www.virustotal.com/gui/ip-address/152.89.198.241It could also be a legitimate app attempting a legitimate connection and BD blocking it.
Try reporting it here for verification:
Nunzio ·
Bitdefender Plus, Windows 10 Pro-32 Bit, CPU Intel Core2 Duo T7500, RAM 4 Gb - Bitdefender Mobile Security
0 -
Hi,
no I continue to receive attacks from evil ip.
https://www.abuseipdb.com/check/87.251.75.145
Multiple failed login attempts were made by 77.68.119.144 using the RDP protocol. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy https://www.abuseipdb.com/check/77.68.119.144
Multiple failed login attempts were made by 115.243.85.101. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy. https://www.abuseipdb.com/check/115.243.85.101
Multiple failed login attempts were made by 110.10.193.201. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy.Add to exceptions https://www.abuseipdb.com/check/110.10.193.201
Multiple failed login attempts were made by 220.121.17.195. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy.Add to exceptions
Multiple failed login attempts were made by 50.208.207.234. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy.
Multiple failed login attempts were made by 152.89.198.241 using the RDP protocol. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your priva
Multiple failed login attempts were made by 212.70.149.146 using the RDP protocol. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy
Always the same attack. I check all the exeptions in my PC'S, rules, updates and nothing.
What can i do? I turn off and switch my ip from my router many times also.
0 -
Kindly check if the following steps help you:
1) Restart your PC in safe mode. You can follow this guide:
2) Open the Run command and execute the following commands one by one:
temp – delete all the files in the folder.
%temp% – delete all the files in the folder.
prefetch – delete all the files in the folder.
3) Restart your PC in normal mode by unselecting the option to run the system in Safe Mode, then click 'Apply.'
4) Reset your web browsers:
Google Chrome: https://support.google.com/chrome/answer/3296214?hl=en
Mozilla Firefox: https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings
Microsoft Edge: https://malwaretips.com/blogs/reset-microsoft-edge/
Opera: https://browsersolution.com/reset-opera-browser
Vivaldi: https://help.vivaldi.com/desktop/install-update/full-reset-of-vivaldi/
Brave: https://support.brave.com/hc/en-us/articles/360017903152-How-do-I-reset-Brave-settings-to-default
5) Reset the Windows host file to default. You can find instructions here:
6) Run Disk Cleanup using this guide:
7) Open the Run command and execute the following commands one by one:
ipconfig /release
ipconfig /flushdns
ipconfig /renew
netsh int ip reset
netsh winsock reset
If issue persists, kindly contact Bitdefender support by visiting
Select, How to's & Troubleshooting Bitdefender products→Troubleshooting→I don't know→Contact Support→ You will get the option of chat, call or email.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
0 -
Hi.
Only one problem.. restoring ethernet connection I got ethernet connection disabled. After resting connection it works. Strange and suspicious.
I try all exept contacting Bitdefender.
0 -
The reason your Ethernet connection was disabled temporarily after running these commands is likely due to the netsh int ip reset command. This command resets the TCP/IP stack, which can include resetting network interfaces. During this process, network adapters are momentarily disabled and then re-enabled, which can cause a brief disruption in the network connection.
If the Ethernet connection does not get enabled automatically, try to manually re-enable it, open the Run command by pressing Windows Key + R, type ncpa.cpl, and press Enter. This will open the Network Connections dialog box. Select your Ethernet connection, right-click on it, and choose Enable if it is disabled.
To verify and configure the Wired AutoConfig service, open the Run command again by pressing Windows Key + R, type services.msc, and press Enter to open the Services dialog box. Search for Wired AutoConfig, right-click on it, and select Properties. In the Properties dialog box, set the Startup type to Automatic. Then click Start under Service status, and click Apply and OK.
Kindly let us know if this re-enables the Ethernet connection or if you are having any issues.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
2 -
1) Restart your PC in safe mode. You can follow this guide:done
2) Open the Run command and execute the following commands one by one:temp– delete all the files in the folder.%temp%– delete all the files in the folder.prefetch– delete all the files in the folder.done
3)Restart your PC in normal mode by unselecting the option to run the system in Safe Mode, then click 'Apply.'4) Reset your web browsers:Google Chrome:https://support.google.com/chrome/answer/3296214?hl=en DONEMozilla Firefox:https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings DONEMicrosoft Edge:https://malwaretips.com/blogs/reset-microsoft-edge/ DONE5) Reset the Windows host file to default. You can find instructions here:6) Run Disk Cleanup using this guide:DONEclean all. I know the cleaning of system files extra
7) Open the Run command and execute the following commands one by one:ipconfig /releaseipconfig /flushdnsipconfig /renewnetsh int ip resetnetsh winsock resetDONE ALL
I try also to restore ehternet connection. Restoring i found disabled. I try to restore again and works. This thing for me is suspicious. I receive also now attacks.
0 -
Can you tell us exactly what the issues are that you are currently facing, and if possible, could you share screenshots of them? What does 'suspicious' mean here? The links are all provided by Microsoft. Also, below is the breakdown of the commands that were executed as per scenarios to understand them better.
ipconfig /release: Imagine your computer is holding onto a phone number (IP address) for a while. This command tells it to hang up and stop using that number.
ipconfig /flushdns: Your computer remembers website addresses (like a browser history). This command tells it to forget all those addresses, so it starts fresh.
ipconfig /renew: After letting go of its old phone number, your computer asks for a new one. It's like getting a new phone number from the network.
netsh int ip reset: Sometimes, the way your computer talks to the internet gets messed up. This command resets all the talking rules to default settings, like hitting a reset button.
netsh winsock reset: Just like the previous command, this one fixes the way your computer talks to the internet, but specifically for Windows computers. It's like fine-tuning the way it communicates online.
Well, you see, these are the basic commands, and the solution was provided by Intel (https://www.intel.com/content/www/us/en/support/articles/000058982/wireless/intel-killer-wi-fi-products.html)
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
0 -
Hi, I really appreciate your answer. It's also very detailed and useful.
I made a Hard reset of the router Fritz Box 7530AX and the attacks disappeared now. I also apply a light fresh start of Window 11. Now it seems ok, 9 hours without attacks.
Inside the router I found some very weird settings. Something happened, but now it's ok.
1 -
That means the issue was with the router facing a DDoS attack. Resetting it did the job. It's nice to know that everything is fixed now.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
2 -
Thanks for all Flexx :)
1 -
Exploit attempt blocked10 hours agoFeature:Online Threat PreventionAn attempt to access your device by exploiting a vulnerability was made by 51.8.223.99. We blocked the connection to prevent the attacker from gaining access over your data and system resources.
This is recente. No other attacks. Should I do something?
0
