Hi
Built a new pc 2 or 3 weeks ago, have had avast installed the entire time.
In the last week or two, I have been getting occasional viruses blocked in my svhost.exe file.
They are the usual suspects as below:
URL:http://simplesitescan.net/4141/LighterInit_142669556111830.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
URL:http://alwaysisobar.com/4141/CutterGeneration_142669028208336.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
URL:http://bestdriverstar.net/4141/CutterSystem_142669222915982.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
Malware bytes didn’t find anything major and i noticed that anytime this question is brought up there is a big warning not to follow the advice in it due to it being tailored to the individual’s machine.
So can someone help me clear this up?
Edit:
It seems that it may have something to do with Nord VPN, as it happens a lot more frequently if I am connected to the vpn.
Asyn
July 5, 2015, 5:21am
2
Attach your basic diagnostic logs. (MBAM, FRST and aswMBR)
Instructions: https://forum.avast.com/index.php?topic=53253.0
Asyn
July 5, 2015, 6:04am
4
OK, now you’ve to wait a bit…
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Fix with Farbar Recovery Scan Tool
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[B] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/B]
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Press the Fix button just once and wait.
[*]If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
[*]When finished FRST will generate a log on the Desktop, called Fixlog.txt .
Please attach it to your reply.
Good. How is your PC behaving now?
system
July 6, 2015, 10:41am
8
Ni Issues so far, thanks for the help.
Post-cleanup procedures:
Download DelFix by Xplode and save it to your desktop.
[*]Run the tool by right click on the
http://www.imgdumper.nl/uploads6/51a5ce45267c1/51a5ce45263de-delfix.png
icon and Run as administrator option.
[*]Make sure that these ones are checked:
[]Remove disinfection tools
[ ]Purge system restore
[*]Reset system settings
[*]Push Run and wait until the tool completes his work.
All tools we used should be gone. Tool will create an report for you (C:[B]DelFix.txt )
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.