Syu_z
-
Posts
6 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Syu_z
-
-
That is good news. There is nothing else. Thank you so much, Aura!
-
-
Hi Aura,
Thanks for your response. Unfortunately, my MalwareByte trial expired a few days ago. So, even if I ran the fixlist, I will not get the pop up notification anyway because my real time protection is gone (I assume that block is due to real time protection). I was hoping this was resolved before it expired so I can see if it works. Is there a chance to extend my trial for a few more days so I can evaluate it more fully from this experience?Anyway, to report what happened after the fixlist is ran.
There is no report that the fix has been completed. There is, however, a white pop up with no words inside, which only has the OK option and once clicked, restarted my computer automatically.
Attached is the fixlog.
Thanks Josh_tBone for trying to help, btw. Appreciate it. -
-
History:
I was infected not too long ago and downloaded Malwarebytes trial to clean it up. Infections are quarantined and removed. Re-run the scan multiple times after, nothing found. There are still occasional pop up on website blocked. Here are the reports from Malwarebytes:
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 5/19/17
Protection Event Time: 9:25 AM
Log File:
Administrator: Yes-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.122
Update Package Version: 1.0.1970
License: Trial-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0-Website Data-
Domain: d2buh1bf1g584w.cloudfront.net
IP Address: 52.85.133.135
Port: [52170]
Type: Outbound
File: C:\Windows\System32\msiexec.exe(end)
Another instance:
Malwarebytes
www.malwarebytes.com-Log Details-
Protection Event Date: 5/20/17
Protection Event Time: 12:25 PM
Log File:
Administrator: Yes-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.122
Update Package Version: 1.0.1980
License: Trial-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0-Website Data-
Domain: d2buh1bf1g584w.cloudfront.net
IP Address: 54.230.141.44
Port: [54283]
Type: Outbound
File: C:\Windows\System32\msiexec.exe(end)
It happens multiple times, about every 3-4 hours. The website blocked is always the same. Port and IP address varies.
Help would be much appreciated. On a side note, I really like Malwarebytes since it caught many things that my antivirus did not. Keep up the good job!
EDIT: uploaded the Farbar Recovery Scan Tool results
Website blocked (Cloudfront) from msiexec
in Resolved Malware Removal Logs
Posted
# DelFix v1.013 - Logfile created 29/05/2017 at 08:52:50
# Updated 17/04/2016 by Xplode
# Username : Syu - SYU-PC
# Operating System : Windows 10 Pro (64 bits)
~ Activating UAC ... OK
~ Removing disinfection tools ...
~ Creating registry backup ... OK
~ Cleaning system restore ...
Deleted : RP #7 [End of disinfection | 05/29/2017 00:50:10]
New restore point created !
~ Resetting system settings ... OK
########## - EOF - ##########
I forgot to copy paste when I ran it the first time. I thought it will create a log. This is the second run.
I think the difference is, it deleted the adwcleaner, FRST, mbar for the removing disinfection tools, and it deleted one system restore called UXThemePatcher (which is a tool to theme windows).
Thanks for all the tips!