I’m having roughly the same problem as this person: https://forum.avast.com/?topic=164547.0

It isn’t always from the same domain but reduled.info was the most recent one. I ran MBAM and it found nothing. This seems to always happen to me when I plug in or disconnect my ethernet cord (I use my laptop to bridge internet to my Xbox 360). I still get the notification from Avast even if the Ethernet cord isn’t plugged into anything on the other end so I highly doubt it has anything to do with my Xbox. If this is only a FP is there some way to stop Avast from warning me about all these different URLs? Also I uploaded svchost.exe to virustotal and it found nothing. Thanks in advance.

I’ve attached several logs as recommended by https://forum.avast.com/index.php?topic=53253.0

P.S. I have aswMBR running but it is scanning one item every few minutes. So I’ll upload the log from that if needed when it is complete.

Could you let me know if this stops it

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:60991;https=127.0.0.1:60991 ProxyServer: [S-1-5-21-2910839485-599712995-3230379840-1001] => http=127.0.0.1:60991;https=127.0.0.1:60991 CHR HomePage: Default -> hxxp://www.v9.com/?type=hppp&ts=1403400773&from=amt&uid=TOSHIBAXMQ01ABF032_14AUT2YZTXX14AUT2YZT&i=psd&t=3447df6bb 2014-12-28 23:23 - 2014-12-28 23:23 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

Didn’t seem to fix it. This time the URL in question was hxxp://blackled.info/2828/PathModule_142088159818136.dll

It made Avast go off 15 times in a row… as usual. Here is the fixlog if needed.

Edit: though I no longer see threats from the old domain I mentioned in my OP.
Edit2: Also saw one from reddie.net
Edit3: This is what I typically see every time I plug or unplug my Ethernet cable. (Untitled.png)

Something a bit iffy with that fix. Could you download a fresh copy of FRST and run the fix again

Please download Farbar Recovery Scan Tool and save it to your Desktop.

You were right. Seems like it didn’t run correctly the first try. This time it ran and restarted my PC. I no longer see any messages from Avast. Thank you all so much. Just for future reference can somebody tell me what was wrong? FP? Virus that infected svchost?

Also I uploaded the new fixlog. But I’m pretty sure the problem has been solved.

It was a little bit of adware that added a task to the windows BITs jobs

FRST cleared them out for you

Any further problems before I tidy up ?