I'm a dabbler, so when I found my wife's computer had been infected I set to work clearing it off. Initially I thought I had a hosts file problem (since I was being redirected and manual attempts to get to sites received 404 errors) but quickly learned my hosts file was fine. It didn't take much from there to decide it was a DNS issue. I manually changed the DNS entries for the adapter to the Comcast addresses but the problem remained, so at that point I knew I had something not fun at all.
I had a heck of a time getting anything done. MBAM wouldn't install, nor would a number of other utilities. I was able to finally get one (http://www.prevx.com/freescan.asp) to install and it found the rootkit/trojan but charged me 16 bucks for a one month license to get it to remove it. So, I had it remove the files.
After doing this I was able to actually install MBAM and ran it and it found more vestiges. I also ran ComboFix and I believe it found something as well since removed.
Because it was late and I was frustrated I went and deleted out the quarantine folders and everything still seems fine.
When I then went to return my wife's machine to pull the DNS automatically, she wouldn't have access to the Internet. I went ahead and re-entered the manual values I pulled from the router for the DNS settings and it works but I would prefer to be using automatic in case Comcast decides to change up their DNS servers.
Does anyone know the answer or is there something more I can provide to help get to the root of the issue? I'm posting from work so will not be able to provide any information directly from her system until I return home in the evening (after 7 MST likely).