Posted 06 July 2012 - 06:02 AM
I have been work on backing up, scanning, and attempting to restore my computer for the past 14 hours. After finding out that a factory reset was not an option, I attempted to do my best at removing this infection from my computer. So far I have no luck and am requesting help. I have searched this website and found a possible solution, but in part of the description a certain script was made specifically for the victim's pc So therefor I am hoping to get some help.
Symptom #1 : Malwarebytes periodically alerts me that an outgoing attempt was blocked
Part of huge LOG:
18.104.22.168 (Type: outgoing, Port: 60149, Process: svchost.exe)
2012/07/06 06:55:38 -0400 UNCONVENTIONAL Joe IP-BLOCK 22.214.171.124 (Type: outgoing, Port: 60150, Process: svchost.exe)
2012/07/06 06:55:38 -0400 UNCONVENTIONAL Joe IP-BLOCK 126.96.36.199 (Type: outgoing, Port: 60151, Process: svchost.exe)
Symptom #2: AVG Periodically Alerts me about c:\windows\system32\services.exe
Threat name Trojan horse Dropper.Generic_c.MMI
Symptom #3: While using Firefox, I have a google re director, which will redirect my first 2 google searches. It will also occasionally redirect a new window
I have used tdsskiller, spybot search and destroy, ccleaner, malwarebytes, and msert to scan and attempt to remove said infections. Each time, (including while in safe mode) have failed.