1) When I try to click through to a search link found by Google it always redirects to some bogus page tied to IP address 188.8.131.52.
2) A process spawns (and respawns) in the background identified as PING.EXE *32. This process starts small (2MB) and grows to as large as 738MB. Once it gets running it averages about 30% of all CPU cycles, but spikes up as high as 99% and will run in the 90% range for a couple of minutes. [I should point out that several decades ago I did the network stack part of the PING command for a couple of notable UNIX operating systems. From personal experience I can attest that the real PING client is quite small and the system part is even smaller.]
I'm running 64 bit Windows 7, so I know that my maleware removal options are limited. Here's what I've done:
I've updated and run MalwareBytes (mbam) using both a full and quick scan. Scans first turned up some minor infections, but have since run clean. There have been a couple of cases when I actually was able to successfully click through on Google links. The first was after an mbam run and the system rebooted. I had waited a couple of minutes for everything to start itself up and then brought up Task Manager to kill off the plethora of printer/updater/application agents that don't really need to be running. All seemed well, but the bug eventually did respawn. Also, I tried killing off a couple of "Steam" processes, which seemed to provide temporary relief.
I'm usually pretty good about reducing the risk of infection for this particular computer... limited internet browsing, the use of web mail instead of a name brand email agent, and the installation of only trusted software. The only notable exception is that I've installed a game (Skyrim) on this computer that requires more horsepower the my daughter's computer can provide. Normally this wouldn't be an issue, since most of these PC games are stand-alone. This one, however, uses a service called "Steam" which requires an internet connection so that your accomplishments can be updated and recorded somewhere in the cloud. I see this as a dubious and unnecessary feature, but it seemed that the most obnoxious side effect was the occasional pop-up trying to sell you some other video game something-or-other. While it's possible this is the culprit, I find it difficult to believe that Bethesda Software would risk poisoning their entire customer base. After all, the game rang up over $600 million in sales the first week... that must be at least 10 million customers. I don't know... stranger things have happened.
Thanks in advance for any help.
Edited by hamluis, 03 January 2012 - 09:57 AM.
No logs, moved from Malware Removal Logs to Am I Infected.