SVCHOST.EXE process with URL:MAL infection

Hi

Built a new pc 2 or 3 weeks ago, have had avast installed the entire time.

In the last week or two, I have been getting occasional viruses blocked in my svhost.exe file.

They are the usual suspects as below:

URL:http://simplesitescan.net/4141/LighterInit_142669556111830.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe

URL:http://alwaysisobar.com/4141/CutterGeneration_142669028208336.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe

URL:http://bestdriverstar.net/4141/CutterSystem_142669222915982.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe

Malware bytes didn’t find anything major and i noticed that anytime this question is brought up there is a big warning not to follow the advice in it due to it being tailored to the individual’s machine.

So can someone help me clear this up?

Edit:
It seems that it may have something to do with Nord VPN, as it happens a lot more frequently if I am connected to the vpn.

Attach your basic diagnostic logs. (MBAM, FRST and aswMBR)
Instructions: https://forum.avast.com/index.php?topic=53253.0

Hi Asyn,

Attached as requested.

OK, now you’ve to wait a bit…

https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Fix with Farbar Recovery Scan Tool

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[B] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/B]

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Press the Fix button just once and wait.
[*]If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
[*]When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

Hi Eagle,

Attached as requested.

Good. How is your PC behaving now?

Ni Issues so far, thanks for the help.

Post-cleanup procedures:

Download DelFix by Xplode and save it to your desktop.

[*]Run the tool by right click on the
http://www.imgdumper.nl/uploads6/51a5ce45267c1/51a5ce45263de-delfix.png
icon and Run as administrator option.
[*]Make sure that these ones are checked:

[]Remove disinfection tools
[
]Purge system restore
[*]Reset system settings

[*]Push Run and wait until the tool completes his work.
All tools we used should be gone. Tool will create an report for you (C:[B]DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.