That is unrelated to the traffic you experience. And essexboy certainly knows what he is doing. He is the best qualified remover we have here and he is instructor at G2G as well. You cannot get better removal assistance on the Interwebs, believe me!
I am just into website code and IP analysis, and seen loads and loads of issues. That is my specialty. So I think out aloud on an experience basis. Essexboy must drag that baddie out. Trust us, we get to it, we'd find the little b*gger!
pol
PS Just initiate the test you find here:
https://www.grc.com/dns/dns.htm (because av and firewall do not protect)
Give me the results of your DNS Nameserver Spoofability Test
D