Mam problem z wirusem w pliku svchost. Nijak to wpływa na prace komputera ale co jakiś czas Avast “wariuje” wyświetlając komunikaty o wirusie w tym pliku.
Bardzo proszę o pomoc 
Addition http://wklej.to/qIEWV
Shortcut http://wklej.to/oj8pn
Otwórz notatnik systemowy i wklej:
CloseProcesses:
Task: C:\Windows\Tasks\Periodic Synchronize Task.job => c:\programdata\{4083179e-061f-aaf5-4083-3179e0615e78}\hqghumeaylnlf.exe <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1432625403&z=a4d3d8b82b1f22226b81e4egaz4c9o5q3o0wac8t1t&from=obw&uid=HGSTXHTS545050A7E680_RBF50AM50X503P0X503PX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1432625403&z=a4d3d8b82b1f22226b81e4egaz4c9o5q3o0wac8t1t&from=obw&uid=HGSTXHTS545050A7E680_RBF50AM50X503P0X503PX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1432625403&z=a4d3d8b82b1f22226b81e4egaz4c9o5q3o0wac8t1t&from=obw&uid=HGSTXHTS545050A7E680_RBF50AM50X503P0X503PX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1432625403&z=a4d3d8b82b1f22226b81e4egaz4c9o5q3o0wac8t1t&from=obw&uid=HGSTXHTS545050A7E680_RBF50AM50X503P0X503PX&q={searchTerms}
HKU\S-1-5-21-2387574662-845847029-2344718013-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2387574662-845847029-2344718013-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {9EF80A2E-BE4C-44A7-B888-0F74B8B68386} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {9EF80A2E-BE4C-44A7-B888-0F74B8B68386} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO-x32: Dragon Branch -> {d640ce67-58e4-43c2-9adc-6bb959d7c606} -> C:\Program Files (x86)\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1432625403&z=a4d3d8b82b1f22226b81e4egaz4c9o5q3o0wac8t1t&from=obw&uid=HGSTXHTS545050A7E680_RBF50AM50X503P0X503PX
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [697000 2015-05-26] (DTools LIMITED) <==== ATTENTION
R3 MBAMSwissArmy; \\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath
2015-05-26 09:30 - 2015-05-26 09:30 - 00000000 ____ D C:\ProgramData\WindowsMangerProtect
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Działa!
Bardzo dziękuje :)
Skasuj folder C:\FRST.