Attacked

Maxi24:

to bad no hit, not sure i am happy or not with that result....

for reassurance...
Maybe, ask Malwarebytes Community to check your machine. 
Just share what happened same as you've shared in opening post. 

Sounds like Norton did it's job.  

Maxi24:

Tried to sign-up for malwarebytes forum but for some reason i am not allowed to use my email.... :/

IDK...I've been Malwarebytes Community member ... years.

If you know the address with .biz that you landed on. 
Please share address with me in private message.  

may be related:

How to Remove Di1.biz Pop-up Ads (Virus Removal Guide)
https://malwaretips.com/blogs/how-to-remove-di1-biz-pop-up-ads-virus-removal-guide/

Maxi24:

1) How to put the address in the autoblock, in my case the the box is blank?

2) Also after a successful scan of malware bytes, i see in norton history that malwarebytes has unauthorized acces blocked to some process files(transelation?), i think norton blocks it. can this effect results?

1) Intrusion AutoBlock address auto populates on Intrusion event.   
2) You may temporarily disable Norton Auto-Protect during Malwarebytes on-demand scan. 
You may temporarily disable Norton Product Tamper Protection during Malwarebytes on-demand scan.
If you were running Malwarebytes Premium real-time.  Malwarebytes suggests adding mutual exclusions. 

I doubt Norton Product Tamper Protection will interfere with Malwarebytes on-demand scan.  

The Unauthorized Access Blocked messages in your security history are logged by Norton Product Tamper Protection when an executable file attempts to read/write/edit/delete a Norton file.  Common Windows processes like svchost.exe, taskmgr.exe, dfrgntfs.exe, etc. as well as executable from third-party software will cause an Unauthorized Access Blocked message to be logged if they touch a file from your Norton installation. Please see post <here> in the Product Suggestions board regarding logging of these blocks. (credit Imacri)

Norton Product Tamper Protection events are not reports of malware.  Unauthorized Access Blocked (Access Process Data) messages in your security history are not reports of malware.  The most common Norton Product Tamper Protection log entries are legitimate Windows processes that Norton is preventing from accessing Norton files or processes.  

Norton Product Tamper Protection events are normal, as legitimate programs and Windows processes frequently try to access Norton files or processes.  Norton blocks attempts by outside agents - even legitimate Windows processes.  There is no need to do anything.  No need to scan with a third-party anti-malware program, no need to change services settings.  These events are not attacks.  They can be ignored.  Unless the actor in the logs is an actual malicious process that does not belong on your PC, these events are totally harmless and routine. (credit SendOfJive)

Maxi24:

Thx for the info, one stupid question. wether its on my system or not. can't i simply putchange my pc to factory settings? clean install...

My urging would be to ask Malwarebytes Forum for reassurance. 

Have you reviewed: 
How to Remove Di1.biz Pop-up Ads (Virus Removal Guide)
https://malwaretips.com/blogs/how-to-remove-di1-biz-pop-up-ads-virus-removal-guide/

Are you sensing odd machine behavior since Norton event? 

After installing Malwarebytes, you’ll be prompted to select between the Free and the Premium version. The Malwarebytes Premium edition includes preventative tools like real-time scanning and ransomware protection, however, we will use the Free version to clean up the computer.
Click on “Use Malwarebytes Free“.

https://malwaretips.com/blogs/scan-malwarebytes-anti-malware-2-0/ 

Maxi24:

In my history there are still keep lines popping up devices using "networkrecources" after each line "firewall updated" like now again "system settings": immersive control panel.

https://www.file.net/process/systemsettings.exe.html 

Maybe, your machine has Immersive Reader?
https://www.thewindowsclub.com/how-to-uninstall-immersive-reader-in-windows-10
Note: thewindowsclub.com has ads

Learning Tools -> Immersive Reader
https://support.microsoft.com/en-us/topic/learning-tools-eff7f7e3-7e21-42f0-a6f1-da7027f98261#Category=Reading

Sure, wish you'd get sign'd up at Malwarebytes Community. 
Malwarebytes Community has helpful experts. 

Maxi24:

When i try to sign-up it sayit says "You are not allowed to use that email address on this site." they have something against Hotmail accounts?

@Maxi24
Please check your Norton Community Inbox.  I sent you PM regarding "something against Hotmail accounts". 
Thanks

Maxi24:

So i hope it fixed it. Let see what happens tomorrow. fingers crossed.

My urging stands. 
Regards w Respect 

PLEASE STOP LOOKING AT THE NORTON FIREWALL LOGS.  These are all things that Norton has already vetted and handled appropriately.  Your PC knowledge may be limited, as you said, but Norton's is not.  You are creating a lot of unnecessary work for yourself and run the risk of accidentally removing something that your computer needs to work correctly.  For example, the attack source, Firefox, only means that a website was launching the attack through your Firefox browser, not that the browser was the attacker.  There are also a lot of weirdly named processes and unfamiliar network connections that you will see and not be able to know if they are legitimate or not.  Norton does know and it will protect you from anything that is malicious.  Once you have gained more experience with your computer, and have learned how Norton responds to various things, you will be better able to tell what is normal and what is something that is out of the ordinary. 

Maxi24:

Yes i use 3 extension for many many years.
- Norton Safe Web
- ublock Origin
- Adblock Plus 

Interesting combo / duplicate filters?
Curious, do you allow Adblock Plus Acceptable Ads?
Curious what caused your "intrusion attempt"? 

Web Push notifications in Firefox
https://support.mozilla.org/en-US/kb/push-notifications-firefox
Curious, whether some default Firefox setting caused your "intrusion attempt"?

Thanks

Maxi24:

Still can't log in on malwarebytes.

Please check your Norton Community Inbox. 

lmacri:

Hi Maxi24:
Are you saying that you can't create a user account on the Malwarebytes forum

Maxi24 created a user account and posted on the Malwarebytes forum.
https://forums.malwarebytes.com/topic/286814-cant-find-di10-biz-threat/ 

Thanks

Maxi24:
what do they mean?

They mean Norton Smart Firewall is doing its job. 

Learn more about Norton Smart Firewall
Please review: https://support.norton.com/sp/en/us/norton-360-deluxe/current/solutions/v1027911

Please review your Norton Traffic Rules (vertical scrollbar)

Maybe, your Network Trust Level is Public
Your computer will be protected from known attacks and all unexpected traffic
Norton recommends this setting if you are not sharing your computer's folders, printers or media 

Network Trust settings
A network typically consists of computers and other devices that share your Internet connection. Network Trust is the trust level set for the network connection to your computer. The trust level determines the default level of access that devices on your network have to your computer. Any device on your network that is not explicitly Trusted or Restricted uses the trust level of your network.
Norton automatically sets trust level for a network based on the configuration of your computer.

Please review: https://support.norton.com/sp/en/us/norton-360-deluxe/current/solutions/v10027746

~~~
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category,Program Name,Program Path,Default Action,Action Taken,Local Computer,Traffic Description
6/2/2022 5:32:37 PM,Info,User logged in.  ,Detected,No Action Required,Firewall - Activities,,,,,,
6/2/2022 5:30:58 PM,Info," Rule \"Default Block Microsoft Windows 2000 SMB \" rejected  TCP(6)  traffic with  (::0  Port (0) )",Detected,No Action Required,Firewall - Activities,,,,,,
6/2/2022 5:30:57 PM,Info," Rule \"Default Block Windows File Sharing \" rejected  TCP(6)  traffic with  (0.0.0.0  Port (0) )",Detected,No Action Required,Firewall - Activities,,,,,,
6/2/2022 5:30:56 PM,Info," Rule \"Default Block EPMAP\" rejected  TCP(6)  traffic with  (::0  Port (0) )",Detected,No Action Required,Firewall - Activities,,,,,,
6/2/2022 5:30:56 PM,Info," Rule \"Default Block EPMAP\" rejected  TCP(6)  traffic with  (0.0.0.0  Port (0) )",Detected,No Action Required,Firewall - Activities,,,,,,
6/2/2022 5:30:45 PM,Info,Firewall rules updated  ,Detected,No Action Required,Firewall - Activities,,,,,,
6/2/2022 4:25:11 PM,Info,No user is logged in.  ,Detected,No Action Required,Firewall - Activities,,,,,,
6/2/2022 3:44:20 PM,Info," Rule \"Default Block Windows File Sharing \" rejected  TCP(6)  traffic with  (0.0.0.0  Port (0) )",Detected,No Action Required,Firewall - Activities,,,,,,
6/2/2022 3:44:10 PM,Info," Rule \"Default Block Windows File Sharing \" rejected  TCP(6)  traffic with  (0.0.0.0  Port (0) )",Detected,No Action Required,Firewall - Activities,,,,,,

~~~
How threat actors are using SMB vulnerabilities
Please review: https://blog.malwarebytes.com/101/2018/12/how-threat-actors-are-using-smb-vulnerabilities/

As a general observation, everything in the history logs sounds bad - but isn't.  The logs are not an action list of things that the user needs to respond to - they are just a record of all the activities that Norton performs in the normal course of business.  if your attention is needed concerning some event, Norton will alert you at the time that it actually happens.  Don't be concerned about stuff in the logs.

The "Block WIndows FIle Sharing" rule prevents outside computers from accessing the files on your computer, and is the default for systems where file and printer sharing is not enabled.  If your computer is set up to share on your network, then Norton will use a rule that allows WIndows File Sharing to supercede the block rule.  Obviously, blocking is always safer, but is not something you want if sharing between computers on your network is necessary, as it is for many families and organizations.  In many cases the default block rule events in your history logs are related to internal system communications, and so would be nothing to worry about anyway.  
(credit SendOfJive)

https://community.norton.com/en/comment/3320753#comment-3320753 

SendOfJive:

LOL, I wrote that?  Pretty good!

Yes, SendOfJive is a writer.  

A technical writer is a professional information communicator whose task is to transfer information between two or more parties, through any medium that best facilitates the transfer and comprehension of the information. 

... technical writers take advanced technical concepts and communicate them as clearly, accurately, and comprehensively as possible ...

https://en.wikipedia.org/wiki/Technical_writer

https://whatosgoingon.biz/

https://safeweb.norton.com/report/show?url=http://whatosgoingon.biz = Caution -> Scam/Questionable Legality | Suspicious 

https://safeweb.norton.com/report/show?url=https://whatosgoingon.biz = Caution -> Scam/Questionable Legality | Suspicious 

-------------------------

Scam/Questionable Legality

Content includes but is not limited to the promotion of get rich quick plans, shady work-from-home opportunities, pay-to-surf, Ponzi schemes and sites offering counterfeit goods for sale. Encompasses sites that facilitate plagiarism by selling questionable educational materials such as term papers. Offering unscrupulous advice such as how to avoid detection by law enforcement or other regulatory bodies or advice on how to contravene prevailing laws or skirt societal standards also fits into this category.

Category Group  Legal Liability

-----------------------------

Suspicious

Sites considered to have suspicious content and/or intent that poses an elevated security or privacy risk. This categorization is determined by analysis of web reputation factors. Also includes sites that are part of the Web and email spam ecosystem. If a site is determined to be clearly malicious or benign, it will be placed in a different category.

Category Group  Security

Category Subgroup  Security Concerns

Maxi24:
Didn't know its so easy to get redirected to a malicious site when the adress is https, verified and and also get a norton safe web green icon.I asumed its relative safe....

Care to share the domain/name of the https site?