This is my first time posting, and I've tried to do everything correctly, but if for some reason I haven't, please help me out.
My computer seems to be infected with (several) trojan horses. Infecting both "C://Windows/System32/services.exe", and "C://Windows/Assembly/GAC_32[and_64]/Desktop.ini". I have followed the instructions at this link, but my logs (although surprisingly similar) differ somewhat from the logs there. However, even after completing the instructions my problems remained.
OS: Windows 7 (64Bit)[SP1]
Proccessor/RAM: Intel Core i5-2450M CPU@ 2.50GHz, RAM 6.00GB
Machine Make: Lenovo Z570
Chrome, Opera, Firefox, Seamonkey, Internet Explorer
Problem(s) as far as I can tell:
AVG detects "Services.exe" infected with a "TrojanHorsePatched_c.LXT" (MBAM does not).
AVG and MBAM detect "...GAC_32/Desktop.ini", and "...GAC_64/Desktop.ini" infected with "Trojan.Generic15.axla".
All browsers (as AVG detects Services.exe opening) redirect past this link ["http://socket.luckyorange.com/_ylt=3648C868A1DB;c29ja2V0Lmx1Y2t5b3JhbmdlLmNvbS9zb2NrZXQuaW8vMS94aHItcG9sbGluZy9GMVNzWkx6aVBZSXo4djVfOGR4bD90PTEzNDIwNDUzMzA1Nzc=-NTAuNy4yMTMuOTAvYy84enIxMjc5TDhHNXFzU1U0YmI4MDkyZmRkNDE0YmUwNThmMmVlZDkxMDM4NGJkN2IxNms="] to random websites.
Google links (sporadically) redirect past previous link to random websites. This doesn't happen all the time, but usually when I need to find something fast. :-/
All sites have ads (by adchoices) that aren't supposed to be there. (Including Gmail and Facebook.)
Chrome browser (previously) wouldn't allow me to access Facebook, Gmail, Google, or most other https sites due to "insecure connection". (My apologies that I don't have the actual message. Chrome doesn't seem to be having any problems now, so I don't have access to the message.)
All web pages (including all Google sites, and Facebook) are "helped out" by text-enhance. (Annoying links that contain advertisement pop-ups.)
Solutions (not) that I've tried so far:
(Note: These are all the ones that I can remember. I've been trying on my own for several days now.)
All instructions from first link.
DNS Dump (CMD> ipconfig /flushdns)
MBAM (Found Several infections, including before said, fixed/removed all, but problems remained.)
TDSS Killer (Kapersky) Found one infection originally, fixed that infection, but the problems remained.
AVG doing multiple scans. (With and without MBAM installed.) Found services.exe, plus a whole bunch of white-listed "infections" (system files, it called them).
Items that I remember doing before problems occurred (problems occurred after reboot):
Accessed www.passports.org on an insecure 3G network. (Tethered to my phone. Phone not infected.)
Installed DriveIconChanger 1.0
Installed Autoplay Menu Builder
Installed "Digital Clock Screensaver"
Installed 3PlaneSoft Screensavers:
Mechanical Clock 3D Screensaver
One Ring 3D Screensaver (Free).
Windows 7 installed automatic updates, asked me to restart, I did so, problems occurred.
I appreciate any help you can give me, and all the time that you people put into helping the ignorant fix their blunders.
Please note that I'm more available in the evenings than I am in the daytime, so if I don't respond directly after you, I will do so as soon as I'm available. Thanks for your patience!
Edited by Cupka44, 11 July 2012 - 07:48 PM.