Jump to content

Wifi anomalies on wireshark and Autoruns red processes

Immanuel

By Immanuel
in Resolved Malware Removal Logs

 Share

Recommended Posts

  • Replies 57
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

AdvancedSetup
AdvancedSetup

You can see here that the PLUG entry is from Microsoft https://learn.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004   AutoRuns color meaning

AdvancedSetup
AdvancedSetup

These thing are going to happen. There are always bots and people trying to find exploits Please try resetting your router.     If you own your own router and are not renting it fr

AdvancedSetup
AdvancedSetup

It's probably because you keep slicing and dicing Windows files, settings, and registry entries even though you don't have a solid understanding of what is what. Perhaps at this point the best th

Posted Images

Immanuel

Immanuel

Posted
  • Author
Posted

PS C:\Windows\system32> Get-MpComputerStatus


AMEngineVersion                  : 1.1.23100.2009
AMProductVersion                 : 4.18.23100.2009
AMRunningMode                    : SxS Passive Mode
AMServiceEnabled                 : True
AMServiceVersion                 : 4.18.23100.2009
AntispywareEnabled               : True
AntispywareSignatureAge          : 0
AntispywareSignatureLastUpdated  : 11/13/2023 6:30:44 AM
AntispywareSignatureVersion      : 1.401.545.0
AntivirusEnabled                 : True
AntivirusSignatureAge            : 0
AntivirusSignatureLastUpdated    : 11/13/2023 6:30:44 AM
AntivirusSignatureVersion        : 1.401.545.0
BehaviorMonitorEnabled           : False
ComputerID                       : D8CDA9AF-0058-4081-B05E-8C44CFC32C8F
ComputerState                    : 0
DefenderSignaturesOutOfDate      : False
DeviceControlDefaultEnforcement  : Unknown
DeviceControlPoliciesLastUpdated : 1/1/1601 1:00:00 AM
DeviceControlState               : Disabled
FullScanAge                      : 0
FullScanEndTime                  : 11/13/2023 4:03:41 PM
FullScanOverdue                  : False
FullScanRequired                 : False
FullScanSignatureVersion         : 1.401.545.0
FullScanStartTime                : 11/13/2023 2:58:00 PM
IoavProtectionEnabled            : False
IsTamperProtected                : True
IsVirtualMachine                 : False
LastFullScanSource               : 1
LastQuickScanSource              : 0
NISEnabled                       : False
NISEngineVersion                 : 1.1.23100.2009
NISSignatureAge                  : 0
NISSignatureLastUpdated          : 11/13/2023 6:30:44 AM
NISSignatureVersion              : 1.401.545.0
OnAccessProtectionEnabled        : False
ProductStatus                    : 524288
QuickScanAge                     : 4294967295
QuickScanEndTime                 :
QuickScanOverdue                 : False
QuickScanSignatureVersion        :
QuickScanStartTime               :
RealTimeProtectionEnabled        : False
RealTimeScanDirection            : 0
RebootRequired                   : False
SmartAppControlExpiration        :
SmartAppControlState             : Off
TamperProtectionSource           : N/A
TDTMode                          : N/A
TDTSiloType                      : N/A
TDTStatus                        : N/A
TDTTelemetry                     : N/A
TroubleShootingDailyMaxQuota     :
TroubleShootingDailyQuotaLeft    :
TroubleShootingEndTime           :
TroubleShootingExpirationLeft    :
TroubleShootingMode              :
TroubleShootingModeSource        :
TroubleShootingQuotaResetTime    :
TroubleShootingStartTime         :
PSComputerName                   :

PS C:\Windows\system32> reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features
    TamperProtection    REG_DWORD    0x5
    MpPlatformKillbitsFromEngine    REG_BINARY    0000000400000000
    TPExclusions    REG_DWORD    0x0
    MpPlatformKillbitsExFromEngine    REG_BINARY    2000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features\Controls
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features\EcsConfigs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features\Troubleshooting
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features\UpdateControl

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

We do set Malwarebytes as the default Antivirus on install for Trial or Activation

 

Please make the following change in Malwarebytes if you're using the Premium or Trial version

  • Please open Malwarebytes. Click on the small gear icon to open the Settings and go to the Security tab.
  • Then turn off "Always register Malwarebytes in the Windows Security Center"
  • Restart the computer

image.png.ced4aa64af4718ab767f579cc39014

 

It is highly unlikely that you need to setup exclusions for Windows Defender, however if you experience any issues, please see the following article and setup exclusions
between Malwarebytes and Windows Defender

 

Malwarebytes for Windows antivirus exclusions list
https://support.malwarebytes.com/hc/en-us/articles/360038522974-Malwarebytes-for-Windows-antivirus-exclusions-list

 

 

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Again though, I would HIGHLY recommend that you do a CLEAN install of Windows

 

I'm going to close your topic as there really is no sign of an infection.

Get a clean install of Windows and stop being paranoid after that point. No harm in learning and staying safe but being paranoid of everything isn't good for you either.

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Clean Install Windows 10 & 11 (2023)
https://answers.microsoft.com/en-us/windows/forum/all/clean-install-windows-10-11-2023/1c426bdf-79b1-4d42-be93-17378d93e587

Also, please review the following topic

Bypass Microsoft Online Account Creation during installation of Windows 11
https://forums.malwarebytes.com/topic/296613-bypass-microsoft-online-account-creation-during-installation-of-windows-11/

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

As for the errors in the LAN/WAN image you showed. You would need to check the Router/Modem and verify with your ISP what is going on.

It could be due to wrong driver settings on Windows or it could be something on their end. In either case you may simply need a technician physically come out to your home and assist you.

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.