AdvancedSetup

Please make the following change in Malwarebytes if you're using the Premium or Trial version Please open Malwarebytes. Click on the small gear icon to open the Settings and go to the General tab. Then turn off "Always register Malwarebytes in the Windows Security Center" Restart the computer It is highly unlikely that you need to setup exclusions for Windows Defender, however if you experience any issues, please see the following article and setup exclusions between Malwarebytes and Windows Defender Malwarebytes for Windows antivirus exclusions list https://support.malwarebytes.com/hc/en-us/articles/360038522974-Malwarebytes-for-Windows-antivirus-exclusions-list

Hello @bitty_01 Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process Then follow each step in the order provided. Unless otherwise asked, please attach all logs Please make the following system changes: If you have not done so already - Enable System Protection and create a NEW System Restore Point Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed Disable-Fast-Startup Show-Hidden-Folders-Files-Extensions Please run the following scans: Click the following link and run a Scan with AdwCleaner Click the following link and run a Scan with Malwarebytes RESTART the computer Click the following link and run a Scan with Farbar Recovery Scan Tool Example image of where to click to attach files when posting your reply Thank you

No ISP provides great blocking. They do block "some" stuff but not much. One really needs a Router with a Firewall or at least a Firewall to truly protect against those type of probes. At this time it does not look like the computer is infected. Inbound threats are typically some bot trying to find a way in to infect or take over your computer so Malwarebytes is doing it's job keeping them out. The current logs do not indicate an onboard threat.

No issues really found. Please run the following Dr.Web CureIt! Please download the Dr.Web CureIt! anti-virus utility https://free.drweb.com/ You will need to send them an email to obtain a link to download the scanner, please do so The downloaded file will normally have a unique name such as: q7a9tr4p.exe Close all open applications and locate the downloaded file and double-click to run it The program will take a moment to launch and bring up the License and Update screen Place a check mark to agree to the terms and then click on the Continue button Click the underlined link Select objects for scanning On the top left click the Scanning objects that should automatically check all objects Click the small wrench and make sure there is a check on Automatically apply actions to threats Then click the large button on bottom right Start scanning Once the scan has completed there will be a link named Open report click that and a log named cureit.log should open in Notepad The log is saved in the folder named Doctor Web in the top of your user profile folders Please attach that log on your next reply

Hello @ItsAbadTime and Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process Then follow each step in the order provided. Unless otherwise asked, please attach all logs Please make the following system changes: If you have not done so already - Enable System Protection and create a NEW System Restore Point Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed Disable-Fast-Startup Show-Hidden-Folders-Files-Extensions Please run the following scans: Click the following link and run a Scan with AdwCleaner Click the following link and run a Scan with Malwarebytes RESTART the computer Click the following link and run a Scan with Farbar Recovery Scan Tool Example image of where to click to attach files when posting your reply Thank you

Hello @lwlonewolf and Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process Then follow each step in the order provided. Unless otherwise asked, please attach all logs Please make the following system changes: If you have not done so already - Enable System Protection and create a NEW System Restore Point Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed Disable-Fast-Startup Show-Hidden-Folders-Files-Extensions Please run the following scans: Click the following link and run a Scan with AdwCleaner Click the following link and run a Scan with Malwarebytes RESTART the computer Click the following link and run a Scan with Farbar Recovery Scan Tool Example image of where to click to attach files when posting your reply Thank you

The logs indicate that you have Webroot SecureAnywhere installed. Does a scan with that find any issues? Please run the following Dr.Web CureIt! Please download the Dr.Web CureIt! anti-virus utility https://free.drweb.com/ You will need to send them an email to obtain a link to download the scanner, please do so The downloaded file will normally have a unique name such as: q7a9tr4p.exe Close all open applications and locate the downloaded file and double-click to run it The program will take a moment to launch and bring up the License and Update screen Place a check mark to agree to the terms and then click on the Continue button Click the underlined link Select objects for scanning On the top left click the Scanning objects that should automatically check all objects Click the small wrench and make sure there is a check on Automatically apply actions to threats Then click the large button on bottom right Start scanning Once the scan has completed there will be a link named Open report click that and a log named cureit.log should open in Notepad The log is saved in the folder named Doctor Web in the top of your user profile folders Please attach that log on your next reply

Those logs indicate that you're having an INBOUND IP block. That is due to remote systems probing your system looking for open ports or other exploits it can use. If you have a hardware firewall between your ISP and your Computer it should be blocking those. Normally those type of inbound blocks will go away on their own within about a week or so. If you own your own router and are not renting it from your Internet Service Provider Please ensure that you have the user manual for your router. Then perform a factory reset. How To Reset Your Router https://setuprouter.com/networking/how-to-reset-your-router/ Depending on one's preferences and the Router's capabilities please consider the following. Disable acceptance of ICMP Pings Change the Default Router password using a Strong Password Use a Strong WiFi password on WPA2 using AES encryption or Enable WPA3 if it is an option. Disable Remote Management Create separate WiFi networks for groups of devices with similar purposes to prevent an entire network of devices from being compromised if a malicious actor is able to gain unauthorized access to one device or network. Example: Keep IoT devices on one network and mobile devices on another. Change the network name (SSID). Do not use your; Name, Postal address or other personal information. Make it unique or whimsical and known to your family/group. Is the Router Firmware up-to-date ? Updating the firmware mitigates exploitable vulnerabilities. Specifically set Firewall rules to BLOCK; TCP and UDP ports 135 ~ 139, 445, 1234, 3389, 5555 and 9034 Document passwords created and store them in a safe but accessible location.

You can see from the image you posted. The IP: 87.236.176.19 The source is STEAM.EXE your game program. When you look up that IP address you see it is being abused a LOT and that is why Malwarebytes is blocking it. https://www.abuseipdb.com/check/87.236.176.19 The game may or may not be impacted. It could simply be a resource IP used by some portion of the game which in general may not impact the game.

Thank you for the logs, please let me get another set of logs To begin, please do the following so that we may take a closer look at your installation for troubleshooting: NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to the Public desktop, please upload that file on your next reply Thank you

Your username and password should not change even if the email address has changed. However if 2FA has been enabled that goes to the email address you'll need to create a ticket to have one of our agents assist you in correcting your account changes. Change my email address in My Account https://support.malwarebytes.com/hc/en-us/articles/360038522894-Change-my-email-address-in-My-Account If you cannot log into your My Account then we will not be able to assist with that on the forums. But, if you have your ID and Key you should be able to use Malwarebytes version 4 to do the install. Consumer Support https://support.malwarebytes.com/hc/en-us/requests/new Please note that it will take about 7+ workdays to get a reply from Support due to high ticket volumes Thank you

It's just an information event. I would not worry about it. If you're concerned then perhaps do a couple of antivirus scans but Trojans and other threats are not well known for documenting their activity, thus I'm sure it's quite normal. If you'd like to run some AV scans though, please let me know. Cheers

Unknown. I gave you advice on resetting the router. That would remove if someone had attacked it. If you're running Ubuntu than we don't have software for you. Malwarebytes does not support Linux

You declined to want to run scans. Please reinstall Windows and that should correct anything caused by the software Clean Install Windows 10 & 11 (2023) https://answers.microsoft.com/en-us/windows/forum/all/clean-install-windows-10-11-2023/1c426bdf-79b1-4d42-be93-17378d93e587 Also, please review the following topic Bypass Microsoft Online Account Creation during installation of Windows 11 https://forums.malwarebytes.com/topic/296613-bypass-microsoft-online-account-creation-during-installation-of-windows-11/

You tell us. If you restart the computer and try to access the wireless or wired do you get an alert blocking from Malwarebytes?