WinDefender 2008 in the Wild

A recent rogue cleanup was easier than usual: there was an image backup to restore, and there was time to back up the contents of the infected drive before cleanup and scan it a few weeks later with the newest, latest and greatest antivirus/antispyware definitions. All the “infections” shown below are fake, of course. And WinDefender 2008 is a rogue (fake) security application.

At scan time, here’s what was found (Scan by AVG antivirus 8.0):
Virus:
C:\Program Files\WinDefender 2008\Uninstall.exe
Classified as ‘Trojan horse SHeur.BZLW’

Adware:
C:\Downloads\SetupGamevance.exe
Classified as ‘Potentially harmful program Downloader.QN’
(2 copies found)

I see no proof that Gamevance is pushing WinDefender 2008. Or not. But here’s the scenario: The machine passed all scans the day before the rogue appeared. So either they showed up on the same day, arrived in each other’s company, or were both hidden by active malware. Assuming simultaneous infections is a big assumption. Caution is indicated with any site paid for by installing software, as usual.