I received a Toshiba Satellite C655D-S5300 laptop from a friend for virus removal. The only virus protection loaded on the laptop was an inactive version of AVG (along with obvious bloatware products), so I promptly installed Avast Antivirus and Spybot Search and Destroy to determine the severity of infection.
Spybot reported many infections and was able to remove all but 1 of them, the infected file being the svchost.exe infection.
I’ve read through the Avast forums post regarding logs to collect for malware advice. Between Avast and Spybot the malware is contained, however as I am an avid PC/networking student I would like some advice from the Avast community about proper removal of this malware.
Tools used prior to discovering this forum: Avast Antivirus (smart scan and boot-time scan), Spybot Search and Destroy, CMD sfc /scannow command. I have also created a custom firewall setting with Spybot that blocks inbound and outbound traffic to the target IP addresses of the malware (deepspacer and spacesoftpro .coms).
I have attached log files from Malwarebytes Anti-Malware, Farbar Recovery Scan Tool, and aswMBR.
Any help is greatly appreciated.
PLEASE NOTE: Upon my first activation of Malwarebytes I ran the update as directed, made sure to check scan for rootkits, and executed the scan. The scan ran as normal and reported that 202(ish) infections were found along with some rootkits. I proceeded to apply the fixes MAMB had suggested, and executed the reboot when I was prompted. I exported the scan log as a .txt to my desktop, however the log file that was created was blank. I executed a 2nd scan which reported no problems found. The uploaded MAMB log is from the 2nd scan.