Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

When connected to internet computer stops working, now cannot connect


  • Please log in to reply
14 replies to this topic

#1 Alunny

Alunny

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:46 AM

Posted 28 January 2018 - 02:28 AM

The past few days my computer's been going a bit bonkers around the same time (4-5am), it slows down to unmanageable levels and requires restarting. Last night the restart didn't work, in fact it just got worse until I had to disable my network adapters because Malwarebytes lost real time protection in the middle of it. The computer immediately went back to normal behavior when the net was disabled. I ran a deep MB and Avira scan. MB warned me about a game trainer that's been on there for centuries, and Avira had 31 warnings that seemed to be all can't open files (lots of MS stuff) and archive bombs, mostly in games (legally purchased via steam).
 
At this time I noticed MS Lifecam was running in processes, though my cam is not plugged in. I also found an installer file for this in my downloads from the 10th Jan. This program IS used by me but was installed years ago. When viewing the properties of the file it said the original filename was something like SXCAB.exe; I deleted this file and uninstalled life cam in case it was the issue, and I went to go get the filename from recycling bin and it was not there. I ran CCLeaner in case it was trying to hide from me in case that could save me.
 
I felt like now was the time to contact you guys, and tried to enable my LAN....it froze my computer 4 times now to the point of needing to cut the power. I have also tried diagnosing connection issues and clicking solve on the network adapter being disabled and it also froze that way. Malwarebytes keeps starting with real time protection disabled, and takes up to an hour to enable (sometimes fails).
 
Additionally last night when I briefly connected to download chrome (to reinstall it) I got over 30 notifications from MB saying incoming malicious connection was blocked from IP 169.254.191.50 on port 5355 to svchost.exe before I again disabled my LAN/Wireless. Also please note that this was the last time I was able to enable it, which was before uninstalling a heap of old programs, running the scans (nothing quarantined) and removing lifecam.
 
I'm using Windows 7 Ultimate 64 bit. I don't know if I cheesed off the wrong person or if I downloaded the wrong thing or went to the wrong site. Please help.

Edit: I've been offline all day, came back this afternoon around dinner time via wireless (not game enough to try to enable LAN again yet). Uninstalled and reinstalled Chrome. It still slows down quite significantly sometimes but not as bad as before. I also noticed MBAMService.exe was running at 15,000,000 K memory when connected to the net, so I shut it down and it restarted itself and since then has not gone above 200,000 K (have not restarted so unsure if this will stick). I noticed also TabTip.exe using a significant amount also when connected but cannot recall the amount (it was probably close to 10,000,000 K). I have come back online now at 5am and it's acting normal.....does this mean I was under attack or does this mean I might have cleaned up the virus or part of it?

 

Edit 2: I googled the file name the lifecam was and it said it was a trojan that spams your registry and changes security settings. I ran a registry scan in CCLeaner and I have a LOT of entries for lifecam; invalid firewall rules. I did not do anything with these yet.

Invalid firewall rule	{00C33E2E-83F9-41FB-840C-5F7905A4B7A6} - C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{6C7DA893-1254-41DE-A74F-CACE2E975F5B} - C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{99AAF361-0D1C-45CA-833F-E64793AA0171} - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{B7D46607-4899-4CF4-A648-2BF68818E162} - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{05ED0C5F-A481-485B-BE0F-5F1F246FE225} - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{0CFC0045-1C7A-43DC-B581-39E0EBEABAD2} - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{D25A62D2-ACC7-433A-BD51-2A378B7D3F7F} - C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{00C33E2E-83F9-41FB-840C-5F7905A4B7A6} - C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{6C7DA893-1254-41DE-A74F-CACE2E975F5B} - C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{99AAF361-0D1C-45CA-833F-E64793AA0171} - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{B7D46607-4899-4CF4-A648-2BF68818E162} - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{05ED0C5F-A481-485B-BE0F-5F1F246FE225} - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{0CFC0045-1C7A-43DC-B581-39E0EBEABAD2} - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{D25A62D2-ACC7-433A-BD51-2A378B7D3F7F} - C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{67007FB3-34AC-45F2-A44D-FF13FCAC42CD} - C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules


Edited by Alunny, 28 January 2018 - 02:09 PM.


BC AdBot (Login to Remove)

 


#2 Alunny

Alunny
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:46 AM

Posted 04 February 2018 - 03:28 AM

I am still in need of some help. I now believe I removed the virus but perhaps not the effects of it and perhaps not the whole virus successfully. I believe I got it from a free sprite sheet maker I downloaded to make a game with. I thought it would be safe because it was being given out by its creator....it did not do anything remotely close to what it said it would, it loaded up one sprite and let you recolor it...it was supposed to let you input all your sprite files to make a sheet of them.

 

Also I believe this article is relevant to part of the story so who ever is reading may want to know:

https://www.bleepingcomputer.com/news/security/malwarebytes-update-released-to-fix-high-cpu-and-memory-usage-in-mbamservice-exe/



#3 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:11:46 PM

Posted 08 February 2018 - 04:37 AM

Hi,

 

The link you post is most likely the reason for the problems you describe.

 

Can you open Malwarebytes and force the program to Update?

- on the Dashboard click on the word/link next to Updates:

- under Settings click on Install Application Updates


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#4 Alunny

Alunny
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:46 AM

Posted 08 February 2018 - 08:40 AM

I already solved that issue, but everything else from the first post is still relevant. :)



#5 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:11:46 PM

Posted 08 February 2018 - 09:06 AM

In that case please clarify the issues that remain.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#6 Alunny

Alunny
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:46 AM

Posted 08 February 2018 - 09:24 AM

...I can't exactly list problems without the history the first post mentions. I have crossed out the irrelevant bits, everything else is still relevant except my computer doesn't slow down at that specific time since partially removing the virus.

 

 

 

The past few days my computer's been going a bit bonkers around the same time (4-5am), it slows down to unmanageable levels and requires restarting. Last night the restart didn't work, in fact it just got worse until I had to disable my network adapters because Malwarebytes lost real time protection in the middle of it. The computer immediately went back to normal behavior when the net was disabled. I ran a deep MB and Avira scan. MB warned me about a game trainer that's been on there for centuries, and Avira had 31 warnings that seemed to be all can't open files (lots of MS stuff) and archive bombs, mostly in games (legally purchased via steam).
 
At this time I noticed MS Lifecam was running in processes, though my cam is not plugged in. I also found an installer file for this in my downloads from the 10th Jan. This program IS used by me but was installed years ago. When viewing the properties of the file it said the original filename was something like SXCAB.exe; I deleted this file and uninstalled life cam in case it was the issue, and I went to go get the filename from recycling bin and it was not there. I ran CCLeaner in case it was trying to hide from me in case that could save me.
 
I felt like now was the time to contact you guys, and tried to enable my LAN....it froze my computer 4 times now to the point of needing to cut the power. I have also tried diagnosing connection issues and clicking solve on the network adapter being disabled and it also froze that way. Malwarebytes keeps starting with real time protection disabled, and takes up to an hour to enable (sometimes fails).
 
Additionally last night when I briefly connected to download chrome (to reinstall it) I got over 30 notifications from MB saying incoming malicious connection was blocked from IP 169.254.191.50 on port 5355 to svchost.exe before I again disabled my LAN/Wireless. Also please note that this was the last time I was able to enable it, which was before uninstalling a heap of old programs, running the scans (nothing quarantined) and removing lifecam.
 
I'm using Windows 7 Ultimate 64 bit. I don't know if I cheesed off the wrong person or if I downloaded the wrong thing or went to the wrong site. Please help.

Edit: I've been offline all day, came back this afternoon around dinner time via wireless (not game enough to try to enable LAN again yet). Uninstalled and reinstalled Chrome. It still slows down quite significantly sometimes but not as bad as before. I also noticed MBAMService.exe was running at 15,000,000 K memory when connected to the net, so I shut it down and it restarted itself and since then has not gone above 200,000 K (have not restarted so unsure if this will stick). I noticed also TabTip.exe using a significant amount also when connected but cannot recall the amount (it was probably close to 10,000,000 K). I have come back online now at 5am and it's acting normal.....does this mean I was under attack or does this mean I might have cleaned up the virus or part of it?

 

Edit 2: I googled the file name the lifecam was and it said it was a trojan that spams your registry and changes security settings. I ran a registry scan in CCLeaner and I have a LOT of entries for lifecam; invalid firewall rules. I did not do anything with these yet.

Invalid firewall rule	{00C33E2E-83F9-41FB-840C-5F7905A4B7A6} - C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{6C7DA893-1254-41DE-A74F-CACE2E975F5B} - C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{99AAF361-0D1C-45CA-833F-E64793AA0171} - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{B7D46607-4899-4CF4-A648-2BF68818E162} - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{05ED0C5F-A481-485B-BE0F-5F1F246FE225} - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{0CFC0045-1C7A-43DC-B581-39E0EBEABAD2} - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{D25A62D2-ACC7-433A-BD51-2A378B7D3F7F} - C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe	HKLM\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{00C33E2E-83F9-41FB-840C-5F7905A4B7A6} - C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{6C7DA893-1254-41DE-A74F-CACE2E975F5B} - C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{99AAF361-0D1C-45CA-833F-E64793AA0171} - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{B7D46607-4899-4CF4-A648-2BF68818E162} - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{05ED0C5F-A481-485B-BE0F-5F1F246FE225} - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{0CFC0045-1C7A-43DC-B581-39E0EBEABAD2} - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{D25A62D2-ACC7-433A-BD51-2A378B7D3F7F} - C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule	{67007FB3-34AC-45F2-A44D-FF13FCAC42CD} - C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe	HKLM\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules



#7 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:11:46 PM

Posted 08 February 2018 - 09:54 AM

Ok. So can you connect the machine using the LAN without problem or not?

 

The Microsoft LifeCam is a legit program if you download it directly from Microsoft.

 

Please don't use the Registry cleaner part of CCleaner or any other similar program for that manner. You can ignore those firewall entry's or you can reset the firewall if you want.

 

If you are concerned that malware still exists on the machine you can run another scan by doing this:

 

Do a scan using Eset On-line Scanner

Make sure that the option Remove found threats is ticked and the Scan Archives option is also ticked.
Click on Advanced Settings, an check the options:

  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology are ticked.

Click Scan and then wait for the scan to finish (it will take some time).

When the scan ends press the button LIST OF THREATS FOUND, click Export to Text File open the text file and Copy & Paste the contents to your reply.
Press the BACK button.
Press Finish
 

 

The scan can take a long time, to speedup the process disable Avira during the scan.

 

 


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#8 Alunny

Alunny
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:46 AM

Posted 09 February 2018 - 04:04 AM

Hey SleepyDude :D

 

I can connect now to the LAN, I went into safe mode last night to connect and it's been okay since. Not sure what that was about.

 

Lifecam was installed by me in 2015, I have no idea where I downloaded it from however I did not download it since then so for there to be a lifecam setup file from a few weeks ago in my downloads is highly sus, and for the files properties to say it was renamed from "SXCAB.exe" which is a well known trojan is pretty alarming.

 

Are you sure those entries are okay? Because this trojan is known to create false security settings and mess with your firewall/security stuff in the registry. Also I deleted it and it was gone, it didn't go to recycling bin. AND my cam was running without me turning it on two or 3 times so I know it was messing around. Also the virus scanners (malwarebytes and avira) were showing warnings about the Lifecam folder too until I uninstalled it.

 

Will post my scan results, just want to close the browser so I don't type and accidentally mess with the scan if it pops up. Thank you for that suggestion!

 



#9 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:11:46 PM

Posted 09 February 2018 - 05:20 AM

Hi,

 

SXCAB.exe is like a generic name all files compressed as CAB files (format many time used by Microsoft) and then converted to a Self extracted archive will show that.

 

If you download the legit LifeCam from Microsoft using the link I post above you will see on the description the same SXCAB.exe and that the file have a Digital Signature by Microsoft Corporation.

 

Report of the LifeCam3.60.exe checked with 66 Antivirus programs

https://www.virustotal.com/en/file/43363c3f6ff4e7c529834a283818de92d4c665984c92b5e4f17c78091b22195a/analysis/1516665793/

 

Can you open Malwarebytes and retrieve the log that show that detection and copy & paste the report to your post?


Edited by SleepyDude, 09 February 2018 - 05:27 AM.

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#10 Alunny

Alunny
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:46 AM

Posted 09 February 2018 - 05:55 AM

ESET came back clean...

 

and my Malwarebytes logs don't have anything from the few days following this post when I was finding stuff, none of those logs are there anymore... :/

 

It doesn't have the blocked stuff about "incoming malicious connection was blocked from IP 169.254.191.50 on port 5355 to svchost.exe" either....it's listing actual websites now saying they're coming from Chrome.



#11 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:11:46 PM

Posted 09 February 2018 - 09:11 AM

Good.

 

Addresses on the 169.254.x.x range are private IP's (not used on the internet) those requests are from another device connected to your network.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#12 Alunny

Alunny
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:46 AM

Posted 10 February 2018 - 09:22 AM

That's interesting too since the slowdowns stopped after we changed our wireless password.

 

And scary what about phones and tablets? They don't have firewalls.



#13 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:11:46 PM

Posted 10 February 2018 - 11:50 AM

That's interesting too since the slowdowns stopped after we changed our wireless password.

Maybe someone found the wireless password and connected to your network, then used the access to generate heavy traffic!
 

And scary what about phones and tablets? They don't have firewalls.


If you are connect to the Internet using a home router they all include a firewall that protects your network devices.

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#14 Alunny

Alunny
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:46 AM

Posted 10 February 2018 - 10:25 PM

Well the firewall didn't work for my computer, my computer had to stop it.

 

I let my neighbour connect for her iPhone...well my partner did he forgot to set the guest network up instead of giving her our password (which I didn't know until the problems). Is it possible her iPhone/mac was just trying to connect to a computer to sync and since mine was on it got and blocked the message? She's not tech savvy enough to hack but she could have had a virus or something possibly.



#15 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:11:46 PM

Posted 11 February 2018 - 07:08 AM

The router firewall only protect the machines from accesses originated from the Internet not when is something inside your Network, that is when the firewall on the machine (from Windows or 3rd party) have to do the job.

 

I can't provided a explanation to the last part without more information... Did you have another Windows device connected at this time? I'm asking because Windows machines when fail to get an IP address will auto assign an IP from the range 169.254.x.x and start trying to communicate with the network using that IP, most likely your router uses a different network range, usually something like 192.168.x.x and because it's two different networks Malwarebytes start blocking any requests from the "other network".


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users