Got a particularly fun infection on a machine at work.
Browser redirects to ad pages about 50% of the time, blocks a bunch of sites such as this one, has a fun learning blocker that, for example, learned to block youtube.com after a search result for MBAS included a youtube video, and browser crashes frequently (IE and FF).
Trying to run CMD will cause explorer to crash, even in safe mode.
Same for regedit.
Tools like SDFix and ComboFix won't run past the initial stuff.
Symantec was throwing up real time protection notices saying it blocked a generic trojan.
I did a lot of digging and I found a fun username.exe in C:\Documents and Settings\ (where username is the name of the user), and was able to kill that off.
Also found and killed off some file in C:\Windows\System32 that was named something like 9735823.exe.
SuperAntiSpyware detected a few things and cleaned them, and now shows clean logs.
Same for MBAS.
Symantec no longer throws up the warnings.
HijackThis logs appear clean.
Pretty much identical to this thread below, which was "solved" mysteriously. http://www.bleepingcomputer.com/forums/t/216540/infected-with-vundu-or-something-similarly-tricky/
I've seen a few other posts scattered across the web with similar issues, and they're all from about within a week or so.
This looks like it's the hot new thing.
I don't have access to the machine again until Monday.
Even if we wipe the machine on Monday and start fresh, I'll try to post an initial DDS log just to see if we can find some common element.