As much as I would have normally lectured my wife about using Internet Explorer, in this case she had to use it to access certain work-related tools, including getting full use of Outlook Web Access. Since she got the same infection on her work computer as well, I’m assuming it was a drive-by of a site she was visiting for work.(A safe assumption given that other people in her office also got infected!)
The disappointing part is that AVG caught nothing, and Vista’s UAC was easily bypassed. (Yeah, I sort of knew that UAC had been pointless already, this just proved it to me.) Luckily, it only affected her profile on the machine so I could log in as myself and access the internet to get all the proper tools to fix it. Malwarebytes did a good job of killing it, and I was able to recognize that it had set IE to use a proxy server and correct that, then follow the instructions linked above to truly clean it.
I wish I could tell you what site’s banner ads had been hijacked, but so far we’re not really sure. So just stay away from Internet Explorer, m’kay? 😉