Hey All,
Let me start by saying I appreciate any help given! A few days ago I started getting a message saying threat secured/ aborted connection on 172.86.120. 188 infected with URL:MAL.
Threat name: URL:Mal
URL: http:172.86.120.188/current/runtime.exe
Process C:\windows\system32\svchost.exe
Detected by Web Shield
Status Connection aborted
I think I followed the instructions in the sticky post and included my log files. Again, any help will be greatly appreciated!!!