I also installed all the recommended Windows security updates (including MS IE7) from the Microsoft site. I disabled the Microsoft firewall as running two firewalls simultaneously is supposed to be a bad thing, per the instructions.
The machine has the Google tool bar, and another one from PeoplePC, my current ISP. (OK, I use dial-up at home - no snide remarks, please!)
I've gotten windows that pop up advertising some bogus antivirus product, and on occasion got a red circle-and-slash symbol replacing my cursor that pretty much kept me from doing anything while the malware downloaded, beyond pulling the connection.
I installed Panicware's pop-up stopper (which reduced, but didn't eliminate, the popups) and added AdAware SE, WinPatrol10, Spywareblaster 3.5.1, and Spybot S&D. AdAware found a bunch of stuff (mostly tracking cookies) that I deleted, and Spybot found a LOT of malware. SS&D deleted all but something called "Smitfraud-C.Toolbar888" which remains. I also cleared out the TEMP file.
Last night I was surfing, and all of a sudden my system had a couple of popups which I closed . . . but "something" kept downloading even though I closed my browser. I pulled the connection again, and did a SS&D scan . . . more malware, including the bogus winantivirus garbage. Apparently got rid of it all again except Smitfraud-C.Toolbar888.
Before posting a Hijackthis log in the proper forum I'll follow steps in the guide ("Preparation Guide For Use Before Posting A Hijackthis Log") but was wondering if there's anything else I should do now, like ditching the Trend Micro security and going back to the Norton Antivirus / Zone Alarm combo I was using before on my homebuilt W2K box, which NEVER gave me these problems, or should I do something else?
Needless to say, after clearing things out, my #1 priority will be to prevent re-infection . . .
Edited by John S., 05 December 2006 - 10:36 AM.