Today, I checked my hidden icons to check the Toshiba PC Health Monitor. When I opened the tray, there was an unfamiliar icon. I moused over it and it said 100%, and when it was opened it was Adobe Updater. I was worried, as I had never seen this program before. After a few searches, I founwd that there was a trojan Adobe Updater. I opened rkill (iexplore.exe). After I okay'd Avast to run in the sandbox, when iexplore opened, after the first messages of "preparing rkill" and "terminating malicious processes", a wall of text with "pestFind" and other information, such as the creator's name (rkill did work, but it only ended an Avast file). I thought it could have nothing to do with rkill, or Avast Sandbox, so I ran it two more times. Same thing, and no files ended for both. On the third try I got three errors stating "Installation failed", then rkill opened. I then went to Task Manager. Opening the file location took me to Program Files > Common Files > Adobe > Updater6, with 5 files, Adobe_Updater.exe, three security certificate files, AdobeAUM_rootCert, AdobeUpdate, and AdobeUpdater. There was also an .exe installer named AdobeUpdaterInstallManager. The fact that they were last modified 2 years ago, 1/8/09, lessened my worries. That is about the same time I downloaded Adobe Reader. Each of these files were scanned individualy by both Avast and Malwarebytes, and then the whole Adobe folder was scanned. No malicious files. On the Properties page for Adobe_Updater.exe, there was even more information than the Softpedia image of the Properties page for the file. However, the copyright was 2002-2008. There were some processes that had no description or username. One (atieclxx.exe) was apparently part of ATI, while the other two are system processes but could be malicious if not in System32. Properties and open file location both won't work on the two files, winlogon.exe and csrss.exe. Am I infected?
Edit: Some system information:
I run Windows 7 Home Premium 32-bit on a Toshiba Satellite L505D-S5983. I have an AMD Athalon II Dual-Core M300 processor. My hard drive is a Hitachi HTS 5450.
Edited by JustAnotherWittyName, 12 March 2011 - 07:36 PM.