Jump to content
JeSuisFame

daws.azurewebsites.net and stannum-sub.azurewebsites.net

Recommended Posts

I'm getting the same constant MWB site blocks.  I have 55 blocks in the last hour, 3 for the "stannum-sub" at the beginning and the remaining 52 for the "daws".

I first tried running the newest update of "AdwCleaner" and after three tries I gave up because each time, after finding 3 - 1 problems, it gives me a Dell blue screen of death and tells me that a critical process died, collects data, and then I have to power-restart twice each time to get my Windows 10 system back up.  (At least it's coming back up ... for now.)

I ran a full MWB Premium scan, including rootkits, and it comes back clean with zero threats detected.  I'm not trying AdwCleaner again, as I am pretty sure it's just going to crash my system again ... BTW, that is the first time I've ever had a crash or issue with AdwCleaner and I've been using it for years.

Now, I'm going to try running MWB's JRT.

Any advice of what else to do??? 

Also,  I'm guessing from some other discussions I'm seeing that there's a chance I picked this up either on Drudge, Yahoo Mail (AT&T) or on Daily Caller.  That is where I was online before this started.

Share this post


Link to post
Share on other sites

Me too. I've had concerns because it just happens that I had a Dell pc techician come to my home to fix my computer this week. Hence the MWB flag is particularly disturbing for me.

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/28/17
Protection Event Time: 11:22 AM
Log File: 
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2452
License: Premium

-System Information-
OS: Windows 10 (Build 14393.351)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: stannum-sub.azurewebsites.net
IP Address: 191.238.240.12
Port: [52494]
Type: Outbound
File: C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe

(end)

 

f

Edited by Yas

Share this post


Link to post
Share on other sites

Having the exact same problem over here with both of these - I also own a Dell.  I've been to Daily Caller recently and I still use Yahoo Mail, so maybe Stanleycat's on to something.  Hoping it's a false positive, though.

Share this post


Link to post
Share on other sites

Here are my results from my Malwarebytes Junk Removal Tool (JRT) scan/clean:

File System: 1

Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)

Registry: 1

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\0211241500484558mcinstcleanup (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/27/2017 at 20:37:17.05
End of JRT log

Share this post


Link to post
Share on other sites

To "tfnine" ... It was actually me that reported that I have found some hits on this with Drudge and Yahoo Mail specifically mentioned.  I added Daily Caller, as I've been there more than any other site today and they use that "Outbrain" source hosting site that also is known and reported as carrying malicious viruses recently.

Share this post


Link to post
Share on other sites

Hello, 

This is being fixed corrected now. There was a link on a sub-domain leading to a paypal phish. 

Edited by Zynthesist

Share this post


Link to post
Share on other sites

Thank you Zynthesist. That is a relief. Not good about the PayPal phishing though (:O !) . Cheers.

Share this post


Link to post
Share on other sites

So, Zynthesist .... Should I take from your response that 1) the web blocks from my MWB Premium are a mistake and being fixed, and 2) that my system blue screens with AwdCleaner is a separate issue, (which would be nice to know, because I've had viruses attempt to disable your software before ... so far they haven't succeeded well), and that I should track the specific thread dealing with the AdwCleaner 7.0.0.0 release separately?

I'd appreciate confirmation on both of those questions.

Thank you for being here to help and being so responsive.  We appreciate that very much.

 

 

 

 

Share this post


Link to post
Share on other sites

Hi. Yes JeSuisFame I'm getting the daws.azurewebsites.net blocking too now. Thank you very much Zynthesist for looking into this error and for being so prompt. Very much appreciated :) . Cheers.

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/28/17
Protection Event Time: 12:45 PM
Log File: 
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2452
License: Premium

-System Information-
OS: Windows 10 (Build 14393.351)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: daws.azurewebsites.net
IP Address: 191.238.8.26
Port: [49813]
Type: Outbound
File: C:\Program Files\Dell\Dell Product Registration\PRSvc.exe

(end)

Edited by Yas

Share this post


Link to post
Share on other sites

I have been receiving the outbound notifications on Netflix since 3:09 pm pacific time. I just received my most recent one now at 7:49 pm. On netflix it was just the stanum-sub, but since I've been reading this forum and registering to comment I am receiving daws and otbs, about 40 notifications in all. By the way I have a fairly new Windows 10 Dell Inspiron 15 5000 laptop. I hope this gets fixed as it is becoming a real problem 

Share this post


Link to post
Share on other sites

If you are running MBAM 2 - please ensure you have database 

v2017.07.28.01

MBAM 3 updates are still in progress. I'll reply again which package version you need.

 

Share this post


Link to post
Share on other sites
4 minutes ago, blender said:

Definitions will be released in about 20 minutes to fix this.

Thanks Blender and Zynthesist. I'm sure I speak for most when I say we can tell you are working hard to resolve this issue. Your efforts are very much appreciated. Cheers :) .

Edited by Yas

Share this post


Link to post
Share on other sites

Current Publication Information 

MBAM2 Version: v2017.07.28.01
MBAM3 Version: 1.0.2453
 
Please ensure your databases are up to date. This should fix this web blocking issue.

Share this post


Link to post
Share on other sites

Still having this issue. I have MBAM3 Version 1.0.2453  Not as frequent, but still popping up

 

Edited by sturgis

Share this post


Link to post
Share on other sites

Same here, the problem persists with the latest package...

 

-Log Details-
Protection Event Date: 7/27/17
Protection Event Time: 10:51 PM
Log File: 
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2453
License: Premium

-System Information-
OS: Windows 10 (Build 14393.1480)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: stannum-sub.azurewebsites.net
IP Address: 191.238.240.12
Port: [51908]
Type: Outbound
File: C:\Program Files\Alienware\Dell Foundation Services\DFSSvc.exe

(end)

Share this post


Link to post
Share on other sites
22 minutes ago, sturgis said:

Still having this issue. I have MBAM3 Version 1.0.2453  Not as frequent, but still popping up

 

Me too. I have MWB 3 1.0.2453. Please view attached details FYI. Cheers.

MWB3 version 1.0.2453.pdf

Share this post


Link to post
Share on other sites

Let's try this again.
azurewebsites block should be fixed in:
Current Publication Information 
MBAM2 Version: v2017.07.28.02
MBAM3 Version: 1.0.2454

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.