Open ports on laptop. Concerned about port '12345'. Is it a sign that my computers been compromised?
I'm abit worried about the results that I got from scanning the open ports on my laptop. Especially the port '12345' as I searched it up and came back with results on it being some sort of remote control software that's linked to it.
Plus the names for each port next to '139' and '12345' seem quite similar. So I'm wondering if theres connected in some way?
I'm not very tech savvy so I'm not sure on what it means. And if there would be anyway to close it?
Also how would these ports have opened?
Sorry, if that's a little vague I'm not too sure how to phrase the questions directly. As I dont really know much about ports.
Answers
-
Definitely concerning.
I would assume you are hacked and download an antivirus program that is trusted. TrendMicro, BitDefender. Make sure you uninstall your installed one.
If you have a good one already. Update it.
Then disconnect network.
Then do a FULL scan.
2 -
FYI, I didn’t see you mention using it but there is a trend micro product that uses this port, office scan. So if you do not have what @Lee_Bo mentioned or some other type of IOT control software, get that system scanned asap. By the way, if you have windows firewall enabled on your laptop, you can block that port. See this article.. https://www.ghacks.net/2017/05/19/how-to-block-ports-in-windows/Thats Daphnee, she's a good dog...
2 -
Ahh yeah I've scanned the laptop with the other two softwares and they havent picked up on any threats either.
I did the netstat scan on my laptop and I found the Pid addresses for the ports. That's what the guide said to do.
I got the PId for both of them then it said to match them in the task manager.
When I did that it said they were linked to an application called elevationservice.exe (wondershare) for '12345' and oneapp.IGCC.winservice it was located in the driver store>filerespitory for '808'. Not sure if I missed anything tho.
I then scanned them individually with all of the antivirus softwares but they didnt show up with any threats either.
I'll go look at the article thank you.
0 -
It probably would not spread to your WiFi , but it could spread via WiFi to other devices.
The port closure is not unusual after a reboot as some routers perform a cleanup till the next time a device requests a port be open.
Thats Daphnee, she's a good dog...1 -
@Adre, if its determined that you have been compromised, your only choice if your anti virus products can’t clean this system, is it take it off the wire, wipe it clean (wipe out the hard drive and its data) and reinstall your os and software, being very care to only install software from vendors you trust from locations you trust.Thats Daphnee, she's a good dog...0
-
I noticed that port 1234 when I ran fingdesktop weeks ago but didn't realize its a concern coz fingdesk says everything looks good when I ran vulnerability scan . I use Bitdefender Total software for 2 years now since I had used the Bitdefender Box 2 for a year then disconnected it but continued use of the software on my PC . Ran Bitdefender quick scan when I open PC and ran total system scan everyweek but nothing found .
0
Categories
- 5.8K All Categories
- 2.8K Ask about Connected Technology
- How To...
- 1.1K Devices & Security
- 1.6K Network Troubleshooting & Connectivity
- 114 General Discussion, Weird & Wonderful
- 45 Network Infrastructure
- 5.4K Ask about Fing
- 548 Fing Account Change Request
- 1.1K Fing Desktop
- 1.4K Fing App
- 1.7K Fingbox
- 534 Announcements, Beta Testing & Release Notes
- 160 Community Updates
- 29 Getting started
- 13 Community User Guides