Author Topic: Url:Mal - svchost.exe  (Read 2229 times)

0 Members and 1 Guest are viewing this topic.

Offline Gpt306

  • Newbie
  • *
  • Posts: 5
Url:Mal - svchost.exe
« on: July 01, 2015, 10:18:30 PM »
Buonasera,
mi unisco alla schiera di altri che hanno avuto lo stesso problema prima di me.
Come da oggetto da un po' di tempo Avast mi segnala un alert per una minaccia rilevata sul processo C:\Windows\System32\svchost.exe per i seguenti siti:
hxxp://bestdriverstar.net/4242/IncrementModule_142667006342467.dll
hxxp://alwaysisobar.com/4242/TrimModule_142668815531606.dll
hxxp://opticguardzip.net/4242/SustainerPlus_142669299589827.dll

Ho Windows 7 HP e ho effettuato uno scan con Avast 2105.10.2.2218, poi ho usato ADWcleaner, JRT, Malwarebites e HitMan Pro.
Le prime scansioni hanno trovato ed eliminato dei file ma il problema continuava. Ora non rilevano più nulla ma gli alert continuano.
Seguendo dei post simili, ho scaricato Farbar e allego i due file log (sperando di non aver sbagliato nulla), sperando mi possiate aiutare.
Grazie mille.
« Last Edit: July 03, 2015, 09:30:25 PM by Gpt306 »

Offline giogio

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4113
Re: Url:Mal - svchost.exe
« Reply #1 on: July 02, 2015, 08:32:12 AM »
Ciao,
ho chiesto ad un malware remover specialist di controllare i tuoi log.
Spero ti risponda in giornata
Prima di scrivere sul forum per favore leggi le istruzioni qui https://forum.avast.com/index.php?topic=144453.0
Non inviatemi MP per supporto,grazie-No support PM please
Home: E8400-4GB RAM-500GB HDD-Win10.0.15063x64-Avast! Free 17.3.2291-CryptoPrevent-MBAM 2.2free-Chrome 57(uBlock origin)-TB52
Work: i5-2400-4GB RAM-500GB HDD-Win 7sp1x64-Avast!Business Security 12.3.2515,     
Cloud Console 2.18
-FF52-TB52

Offline Gpt306

  • Newbie
  • *
  • Posts: 5
Re: Url:Mal - svchost.exe
« Reply #2 on: July 02, 2015, 12:01:31 PM »
Grazie mille giogio.
Buona giornata.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: Url:Mal - svchost.exe
« Reply #3 on: July 02, 2015, 04:26:54 PM »
CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

Offline Gpt306

  • Newbie
  • *
  • Posts: 5
Re: Url:Mal - svchost.exe
« Reply #4 on: July 02, 2015, 09:42:46 PM »
Here they are...
Thank you for your help.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: Url:Mal - svchost.exe
« Reply #5 on: July 02, 2015, 10:55:31 PM »
Have the alerts now ceased ?

Offline Gpt306

  • Newbie
  • *
  • Posts: 5
Re: Url:Mal - svchost.exe
« Reply #6 on: July 03, 2015, 09:29:52 PM »
Yes essexboy, it works!
No more alerts since yesterday.
Thank you so much, I really did appreciate your help.
I wish you a pleasant weekend! ;)
Thanks.
Bye!


Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: Url:Mal - svchost.exe
« Reply #7 on: July 03, 2015, 09:38:50 PM »
Remove tools

Download and run Delfix
Select the options as shown


Offline Gpt306

  • Newbie
  • *
  • Posts: 5
Re: Url:Mal - svchost.exe
« Reply #8 on: July 03, 2015, 10:01:46 PM »
Done.
Thank you!