I have a customer's computer in the shop that has an infection. I have been unable to remove part of the infection and I am looking for some assistance. Avast finds 2 infections, one is C:\Windows\assembly\GAC_32\desktop.ini and the other is C:\Windows\assembly\GAC_64\desktop.ini. They are both infected with a variation of Sirefef. I cannot repair, remove, or quarantine them. Access is denied.
I have ran TDSSKiller which finds nothing. Also ran Malwarebytes. Any suggestions?