system
March 16, 2017, 4:17pm
1
I’ve been getting notifications from Avast about a possible threat:
Object
hxxp://sso.anbtr.com/domain/wpad.work
Infection
URL:Mal
Process
C:\Windows\System32\svchost.exe
It seems to be the same issue as in this thread: https://forum.avast.com/?topic=189484.15
Any help would be greatly appreciated. I’ll attach a malwarebytes report file below
Pondus
March 16, 2017, 4:30pm
2
follow instructions here and attach requested logs >> https://forum.avast.com/index.php?topic=194892.0
Malwarebytes scan log
Farbar Recovery Scan Tool diagnostic logs
system
March 16, 2017, 6:53pm
4
@Pondus I attached the malwarebytes scan log and FRST logs.
Pondus
March 16, 2017, 7:00pm
5
Malware expert is notified, he will probably not be online before tomorrow
Please run the following search with FRST.
Right click on FRST on your desktop and select “Run as Administrator…” When the tool opens click Yes to disclaimer.
Type sso.anbtr.com ;wpad;SearchList into the Search Box.
Press the Search Registry button.
It will produce a log called search.txt or SearchReg.txt in the same directory the tool is run from.
Please attach the log file back here.
system
March 27, 2017, 4:06pm
7
Hi, dbrisendine, I apologize for the lack of response.
I’ve attached the search results.
system
March 28, 2017, 4:37pm
9
Attached the log below.
So I hadn’t seen the popup for a while after my message from a few weeks ago. I did see it DURING the Farbar fix, but I haven’t seen it since, although it’s only been an hour or two. I can let you know if I see it again.
system
March 30, 2017, 3:59pm
10
Hey dbrisendine, I just got a notification for this again when logging in today, this time from Malwarebytes. :-\
Pondus
March 30, 2017, 4:34pm
11
jordanwilliamson70 post:10:
Hey dbrisendine, I just got a notification for this again when logging in today, this time from Malwarebytes. :-\
Do you have a malwarebytes log he can see? … protection log
system
April 3, 2017, 4:28pm
13
Okay, I’ve attached a Malwarebytes log for the protection event, as well as fixlog.txt
Please download Farbar Service Scanner to your desktop and double click on the file to run it.
[*]Make sure the following options are checked:
[*]Internet Services
[*]Windows Firewall
[*]System Restore
[*]Security Center
[*]Windows Update
[*]Windows Defender
[*]Other Services
[*]Press “Scan ”.
[]It will create a log (FSS.txt) in the same directory the tool is run.
[ ]Please copy and paste the log to your reply.