After months of tussling with this thing, I have finally come to you, the experts. Or some of the experts, anyway.
Forgive me if this is complicated, I just want to try and give you everything I know, however stupid or silly.
Around March of this year, I ran afoul of what I now believe was at least a VX2/Qoologic virus - I'm not quite sure how that works, as I am only barely techliterate, but it seems to meet all the criteria of what I'm dealing with and some of my spyware killers have ID'ed VX2 before. I ran a battery of programs on this stuff - Spybot, AdAware, HijackThis, Counterspy, Microsoft AntiSpyware - both in Safe Mode and regular, with some good results with the bulk of the trouble. All that's been left, for months now, is some annoying BHOs and intermittent annoying popups. But it is still really annoying.
Recently, I buckled down and decided to ID the problem once and for all, which is what led to me to discover that I think it's the VX2. This then led me to DL Ewido and Killbox (unused so far) - I used Ewido, which found a passel of 'infected' DLL files - I already knew some to be infected or fake, files like 'geeba.dll' and so on that kept respawning or refusing to delete. I was a little rash the first time I used Ewido and let it delete ALL the 'bad' dlls, and so the next time I rebooted I (after a few hours) had big problems with RUNDLL and such (including files like msfv32.dll, com.dll and ps.dll, which seemed to be part of the original OS) which led to a total meltdown. Everything seems okay after a reboot and that's not likely to repeat now, but the virus remains, doing its obnoxious thing.
A half-hour ago I ran HJT again and was shocked to see no evidence of a BHO for the first time in months, and no popups - and then the popups came back after about thirty minutes. So, I dunno what to do here. Forgive me, I wasn't sure whether to post about my problem in here or in the HJT folder, and I will be happy to put my latest (and older) HJT logs in there if asked.
Many thanks for any help. Sorry to go on so long, I just wanted to be as complete as possible. I am running system guards with ZoneLabs, Ewido and Counterspy at the moment.