So late last week my company's IP was blacklisted on Spamhaus' CBL block list. Says we are infected with the cutwail spambot. So I ran Malwarebytes Pro and Hitman 3.7 Pro on the machine I thought was infected. I also put an access restriction policy in place in DD-WRT to block outbound traffic on port 25 for the machine I suspected, and one other machine that I thought was maybe a problem. Ran fine all weekend, come in today and about an hour in we get blacklisted again. I'm at a loss here. I've never had a problem like this in almost 10years of being in the field.
Right now i'm running malwarebytes pro on 2 of our other workstations just in case.
Some help with this would be great.