September 14, 2004

Spyware / Malware / Scumware

I don't know how many of you have had the pleasure of an infestation of the above, but let me tell you that I've never been so frustrated and ready to give up and re-install Windows from scratch as I was late last week.

I've never really had a problem with spam or viruses before - I'm careful with what I open, keep a low profile on e-mail and so on. But a particularly malicious variant of the Sasser worm (one that finds you, then auto-executes) got hold of my laptop last Tuesday overnight.

It took control of parts of my system and my browser. It deleted the Google toolbar and installed something called the Elite Toolbar instead. It hijacked all my searches and put up ad-related links instead. It kept polling a site I think is in China to download "payloads" for the Trojan horses it was running. Every time the PC rebooted, it would shape-shift into something new, hiding somewhere else (system folder, temporary internet files, my documents - you name it). I had pop-ups galore, many of which I found were actually living on my own PC and running on the clock.

I spent a couple of days taking the measure of the beast. I Googled around on what traces it left, killing what I could see to be rogue software. In the process, I found some pretty useful software available for free on the web, and I got some sterling personal assistance from one of the gurus on Spyware Info.

The weakness in my PC was due to having recently connected this laptop directly to the broadband connection. Previously, it was on my home network, behind a firewall. But my laptop itself was running neither anti-virus nor a firewall when I hooked it up. It didn't take too long for this sleaze to take over my machine.

I bought a copy of Norton 2004 for anti-virus. It's okay, but it just can't see a lot of the spyware stuff, because the spyware stuff is designed to hide from it. And it's crap at solving spyware problems once they're manifest. It takes forever to scan the PC and for things it can't delete it makes you go into Safe Mode. I've spent a lot of time in Safe Mode this past week.

So, I used Ad-Aware in the freeware version available on-line. It found more of the spyware stuff, and told me where it was hiding, but it was not able to rid me of the problem definitively since it kept coming back with every reboot.

For that, I started running another freeware program called Hijack This. This scans your PC and tells you what's running. By comparing it to what should be running, you (or an expert) can tell what's malicious and point out how to kill it.

That's where the guy on the "malware" forum at Spyware Info helped out. I posted my HJT log and he held my hand through the process of shutting down the rogueware. I'm not sure it's all gone yet, but it's certainly been neutralised.
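The comparison step described above (check what is set to run against what should be running, and watch for entries that relocate between reboots) as an added example, not code from the original post or from HijackThis itself. It is a small Python script over constructed HijackThis-style "O4" auto-start lines; the log shape, the baseline, and every name and path in it are made up for illustration, and the "suspicious location" list simply echoes the hiding places named earlier in the post.

```python
"""Compare auto-start entries from a HijackThis-style log against a known-good
baseline and against the same log taken after a reboot.

Added example: not the post's code and not HijackThis. All log lines, names
and paths below are constructed for illustration.
"""
import re

# Folders the post names as hiding places; anything launching from them is flagged.
SUSPICIOUS_DIRS = (
    "\\temporary internet files\\",
    "\\local settings\\temp\\",
    "\\my documents\\",
)

# Constructed line shape: "O4 - <hive> : [<name>] <command>"
O4_RE = re.compile(r"^O4 - (?P<hive>\S+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")

# Constructed baseline: what should be running on a clean machine.
BASELINE_LOG = r"""
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ExampleAV] C:\Program Files\Example AV\avmon.exe
"""

# Constructed log from the infected machine, first boot.
BOOT1_LOG = r"""
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ExampleAV] C:\Program Files\Example AV\avmon.exe
O4 - HKCU\..\Run: [EliteBar] C:\Documents and Settings\user\Local Settings\Temp\elite.exe
O4 - HKLM\..\Run: [svchost32] C:\WINDOWS\system32\svchost32.exe
"""

# Constructed log after a reboot: the same entry has moved to a new folder.
BOOT2_LOG = r"""
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ExampleAV] C:\Program Files\Example AV\avmon.exe
O4 - HKCU\..\Run: [EliteBar] C:\Documents and Settings\user\My Documents\elite.exe
O4 - HKLM\..\Run: [svchost32] C:\WINDOWS\system32\svchost32.exe
"""


def parse_o4(text):
    """Return a list of (hive, name, command) tuples for every O4 line."""
    entries = []
    for line in text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            entries.append((m["hive"], m["name"], m["cmd"]))
    return entries


def classify(entries, baseline_entries):
    """Map each entry name to a verdict by comparing it with the baseline.

    suspicious-location: launches from a folder in SUSPICIOUS_DIRS
    known-good:          same hive, name and command as the baseline
    changed:             baseline name, but the command now differs
    unknown:             not in the baseline at all (needs a human look)
    """
    baseline = {(h, n): c.lower() for h, n, c in baseline_entries}
    verdicts = {}
    for hive, name, cmd in entries:
        lowered = cmd.lower()
        if any(d in lowered for d in SUSPICIOUS_DIRS):
            verdicts[name] = "suspicious-location"
        elif baseline.get((hive, name)) == lowered:
            verdicts[name] = "known-good"
        elif (hive, name) in baseline:
            verdicts[name] = "changed"
        else:
            verdicts[name] = "unknown"
    return verdicts


def diff_reboots(before, after):
    """Compare two logs of the same machine taken across a reboot.

    'moved' lists entries that kept their name but changed their command
    (the shape-shifting the post describes); 'appeared' and 'vanished'
    list entries present in only one of the two logs.
    """
    a = {(h, n): c for h, n, c in before}
    b = {(h, n): c for h, n, c in after}
    return {
        "moved": sorted(n for (h, n) in a if (h, n) in b and a[(h, n)] != b[(h, n)]),
        "appeared": sorted(n for (h, n) in b if (h, n) not in a),
        "vanished": sorted(n for (h, n) in a if (h, n) not in b),
    }


if __name__ == "__main__":
    boot1 = parse_o4(BOOT1_LOG)
    for name, verdict in classify(boot1, parse_o4(BASELINE_LOG)).items():
        print(f"{verdict:20} {name}")
    print(diff_reboots(boot1, parse_o4(BOOT2_LOG)))
```

Run it as-is to see the verdicts for the constructed logs; in practice the baseline would be a log saved from the machine while it was known to be clean. An entry that keeps its name but changes its path between two reboots is the relocation behaviour the post describes, and anything launching from a temp or documents folder deserves a look before anything is deleted.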

And after all that, including lessons in things like editing the registry, I've done what I should have done in the first place and downloaded the latest version of ZoneAlarm, locked down my browser security and am in the process of installing Windows XP Service Pack 2.

I don't purport to be a malware expert, just wiser for the experience. I'm posting this as a sort of public service in gratitude for the excellent support I've received (for free) and in the hope that Google might pick it up and point others to the resources I've discovered.

Posted by sagwalla at 07:43 AM | Comments (1)