1: Relating to the fake Trojan.Zlob.G/Defender 2009 alert crap
This was FIXED, but I wanted to know what else I should get rid of that was left behind by it. Some people have mentioned exe files like merman, losi, etc. in Application Data folders, which I have noticed. I'd guess that's about it?
It appeared around December 2008 on the 7th, I think. The main problem files and prefetch were removed on that day or the next, so I haven't had any issues since then.
MBAM seems to have cleared this up, as well as some adware. I ran it as soon as I could.
This one happened a few days ago on the 15th. I was getting junky pop-ups through IE even though I was using Firefox. Norton was blocking things trying to come through, maybe through Vundo, but ended up hanging on something that it couldn't manage. After that, I ran quick and full scans with it, which only caught tracking cookies. Then, I ran MBAM on full scan, and that got rid of things. I ran it a second time (again on full scan) and it found nothing. CCleaner also doesn't list the items in startup anymore.
I just want to make sure that traces of it (and the other) are completely cleared whether they're actually a threat or not. I was considering getting ComboFix, but read that only someone who knows what they're doing should instruct on using it.
Not sure if this is relevant: There was an error that appeared a few times in a row while Vundo was still getting detected by MBAM. I didn't manage to copy down the name because I was trying to steadily get rid of the problem. However, after looking through Prefetch, I think it was icwconn1.
Other Notes: I'm already figuring out what needs to be updated - specifically Acrobat/Adobe which may or may not have been connected to both problems. The dumb thing is I wasn't even using it either time, but I know I saw the process running during the more recent one. I don't know whether I want to switch off to Foxit or install the new version. I think I might need some help on removing all of the older versions of Acrobat files no matter which way I go. Other than that, I did update Java RE, and I'll try Secunia afterward.
Edit: Tried to unclutter it a bit more and fixed some things. Still a little tired, so I hope it makes sense.
Edited by tipped_a, 19 April 2009 - 08:17 PM.