What was TM doing when you got hacked?
Ostensibly, its job. It detected the initial trojan and claimed to have quarantined it, but I found it running as a process immediately thereafter along with sr882388.exe. It asked me if I wanted to allow sr882388.exe to access the internet, and I of course blocked it, but that didn't stop it running. Nor, apparently, was it able to stop it or something else from accessing the internet, considering my email account was successfully stolen.
It was also updating daily and scanning twice weekly. It found nothing on a scan immediately after the incident, of course. I found siszyd32.exe myself in msconfig when I was trying to figure out what all had gone wrong. I'm assuming it hit a few months ago when TM "quarantined" another trojan. In that case, I failed to look further. I'm not sure what siszyd32 accomplished, but it's apparent both left TM scratching its *** in midfield.
Jim