Currently I have Symantec Endpoint 11 unmanaged installed and blocking explorer.exe attempts to go ontact spam IP addresses and Malewarebytes Pro (this program's auto protection service shuts off on reboot due to the infection).
Infection started 4/12/2011 - 4/13/2011
**Detail of infection as it is now: On Google and Yahoo any link you go to from a search goes off to spam sites... Also without having a broswer open explorer.exe tries to contact spam IP addresses constantly... Also audio ad/streams randomly play in the background constantly.**
**Things done: Ran RKILL.exe and unhide.exe so I could migrate enough data to free up space for a System Restore (to a far point so the infection will not be freed by system restore alone). Also ran several scans from Symantec Endpoint, malewarebytes, hijackthis, and RootkitBuster. The anti-virus and spyware come up clean with no infection, but this is false. Flushed DNS and manually changed DNS on the router to an OpenDNS. This is the only computer connected to the router that has a problem. Hosts file were deleted as they were filled with spam sites... the file is stable now and normal.**
**Additional: The SATA HDD alerts were false and caused by the infection... the computer has SSD devices, so hard drive failure would be rare... plus all reports now report back that the device is healthy. **
Any help would be lovely and I do have all the software downloaded and ready to go for the logs you might need.
(Also I will be monitoring this thread closely and should be very fast on turn around)
Thank you in advance.
Edited by Budapest, 14 April 2011 - 06:08 PM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~Budapest