Jump to content

daws.azurewebsites.net and stannum-sub.azurewebsites.net


JeSuisFame

Recommended Posts

I'm getting the same constant MWB site blocks.  I have 55 blocks in the last hour, 3 for the "stannum-sub" at the beginning and the remaining 52 for the "daws".

I first tried running the newest update of "AdwCleaner" and after three tries I gave up because each time, after finding 3 - 1 problems, it gives me a Dell blue screen of death and tells me that a critical process died, collects data, and then I have to power-restart twice each time to get my Windows 10 system back up.  (At least it's coming back up ... for now.)

I ran a full MWB Premium scan, including rootkits, and it comes back clean with zero threats detected.  I'm not trying AdwCleaner again, as I am pretty sure it's just going to crash my system again ... BTW, that is the first time I've ever had a crash or issue with AdwCleaner and I've been using it for years.

Now, I'm going to try running MWB's JRT.

Any advice of what else to do??? 

Also,  I'm guessing from some other discussions I'm seeing that there's a chance I picked this up either on Drudge, Yahoo Mail (AT&T) or on Daily Caller.  That is where I was online before this started.

Link to post
Share on other sites

Me too. I've had concerns because it just happens that I had a Dell pc techician come to my home to fix my computer this week. Hence the MWB flag is particularly disturbing for me.

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/28/17
Protection Event Time: 11:22 AM
Log File: 
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2452
License: Premium

-System Information-
OS: Windows 10 (Build 14393.351)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: stannum-sub.azurewebsites.net
IP Address: 191.238.240.12
Port: [52494]
Type: Outbound
File: C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe

(end)

 

f

Edited by Yas
Link to post
Share on other sites

Here are my results from my Malwarebytes Junk Removal Tool (JRT) scan/clean:

File System: 1

Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)

Registry: 1

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\0211241500484558mcinstcleanup (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/27/2017 at 20:37:17.05
End of JRT log

Link to post
Share on other sites

To "tfnine" ... It was actually me that reported that I have found some hits on this with Drudge and Yahoo Mail specifically mentioned.  I added Daily Caller, as I've been there more than any other site today and they use that "Outbrain" source hosting site that also is known and reported as carrying malicious viruses recently.

Link to post
Share on other sites

So, Zynthesist .... Should I take from your response that 1) the web blocks from my MWB Premium are a mistake and being fixed, and 2) that my system blue screens with AwdCleaner is a separate issue, (which would be nice to know, because I've had viruses attempt to disable your software before ... so far they haven't succeeded well), and that I should track the specific thread dealing with the AdwCleaner 7.0.0.0 release separately?

I'd appreciate confirmation on both of those questions.

Thank you for being here to help and being so responsive.  We appreciate that very much.

 

 

 

 

Link to post
Share on other sites

Hi. Yes JeSuisFame I'm getting the daws.azurewebsites.net blocking too now. Thank you very much Zynthesist for looking into this error and for being so prompt. Very much appreciated :) . Cheers.

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/28/17
Protection Event Time: 12:45 PM
Log File: 
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2452
License: Premium

-System Information-
OS: Windows 10 (Build 14393.351)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: daws.azurewebsites.net
IP Address: 191.238.8.26
Port: [49813]
Type: Outbound
File: C:\Program Files\Dell\Dell Product Registration\PRSvc.exe

(end)

Edited by Yas
Link to post
Share on other sites

I have been receiving the outbound notifications on Netflix since 3:09 pm pacific time. I just received my most recent one now at 7:49 pm. On netflix it was just the stanum-sub, but since I've been reading this forum and registering to comment I am receiving daws and otbs, about 40 notifications in all. By the way I have a fairly new Windows 10 Dell Inspiron 15 5000 laptop. I hope this gets fixed as it is becoming a real problem 

Link to post
Share on other sites

4 minutes ago, blender said:

Definitions will be released in about 20 minutes to fix this.

Thanks Blender and Zynthesist. I'm sure I speak for most when I say we can tell you are working hard to resolve this issue. Your efforts are very much appreciated. Cheers :) .

Edited by Yas
Link to post
Share on other sites

Same here, the problem persists with the latest package...

 

-Log Details-
Protection Event Date: 7/27/17
Protection Event Time: 10:51 PM
Log File: 
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2453
License: Premium

-System Information-
OS: Windows 10 (Build 14393.1480)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: stannum-sub.azurewebsites.net
IP Address: 191.238.240.12
Port: [51908]
Type: Outbound
File: C:\Program Files\Alienware\Dell Foundation Services\DFSSvc.exe

(end)

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.