
Have I been affected?


moetee


I received an email from a competing company that I have no quarrel with nor had I interacted with. But, it was an email to an alleged spreadsheet of some sort (not opened) just the email then placed it in the Deleted Folder in my Outlook. (Also email was viewed on my iPhone as well)

I am referring to this incident but I am not too sure if recently my Chrome was updated or maybe my Windows, don't remember. But, I just noticed some green check marks on some of my desktop icons and just as I am writing this topic I looked at my desktop icons and now there is a small icon layered on the desktop icon as a 2 person-ed stick image. See attached in this post.

Now as I am typing the icons now have (not sure if it's the original Windows iconed style) but have arrows on them, see attached.

 

A few days ago I repurchased ESET NOD32 since I had a cracked version and now have an official registration key. I've always had MWB running with my purchase.

  1. I just ran a Kaspersky TDSSKiller and nothing was found.
  2. ESET NOD32 Smart Security Premium, was scanned nothing found. 
  3. MalwareBytes just ran a scan now, nothing was found. Log attached.
  4. AdwCleaner was downloaded and I did a scan and it found 3 separate threats. See attached Log. (I also hit the Clean & Repair function)
    1. PUP.Conduit.Heuristic 1 threats 
    2. PUP.Optional.Legacy 3 threats 
    3. PUP.OPtional.WebCompanion 4 threats 

 

Questions:

  1. Could I have been affected through that email even if I didn't open the file?
  2. If not, why did my Windows Desktop Icons change?
  3. Why wasn't Malware Bytes able to detect anything but Adware did?

 

Icons.PNG

Arrowed Icon.PNG

9 11 2018 MalwareBytes Scan Report.txt

AdwCleaner[S00].txt


  • Root Admin

Hello @moetee

Don't see a specific real issue. The icon or desktop view can be changed many ways and have nothing to do with an infection. In general an infected email could potentially by simply clicking on it as the newer mail clients have a preview pane that parses the mail. However, unlikely.

Let me get the following logs please as an attachment.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

 

Thanks

Ron

 


Hey Ron,

 

Thanks for the reply man!

I agree with the desktop icons but they changed on their own... that's what I'm worried about. Why did it change out of the blue?

Regarding the email panels you mentioned, what ways to prevent that would you suggest or circumvent that? What about the other randoms I mentioned would you say?

Also, here are the attachments you asked for!

Addition.txt

FRST.txt


  • Root Admin

The system crash could have caused the icon issue.

You can turn off the preview pane in Outlook which would help to reduce potential threat escalation but normally the policies on Outlook and other Microsoft Office programs don't easily allow something to auto launch like it used to a few years ago. I wouldn't worry about it too much myself. Between your ESET antivirus and Malwarebytes it should protect much better than native Windows Defender. You don't want to lock a computer down so much that you can hardly use it as that's almost as bad as being infected. Making sure you have good solid backups of your data these days is very important. Highly recommend you read this.

Backup Software

 

As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable Java in your web browsers.
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education, you can certainly swing things in your favor.


If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.

 

Thank you

Ron

 

 


41 minutes ago, AdvancedSetup said:

Sorry, thought I did. The logs don't show any signs of an infection. Only real issue may be Bonjour keeps crashing or cannot schedule a task. Personally I'd just uninstall Bonjour myself.

 

What about the logs I attached with AdwCleaner that picked up 3 threats?


  • Root Admin

Actually that was a Scan. Not a Clean.

Okay, let's just go ahead and run an all new set of scans again to make sure.

 

Please run the following steps and post back the logs as an attachment when ready.

STEP 01

  • If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • If you don't have Malwarebytes 3 installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know on your next reply.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Right-click on the program and select Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Copy its content into your next reply.

 

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've run the tool before, you need to place a check mark here.
  • Please attach the Addition.txt log to your reply as well.

 

Thanks

Ron

 


  • Root Admin

In order to reduce the risk of conflicting advice and wasting the resources of multiple support teams I will go ahead and mark this topic as resolved.

You may continue to follow in your other topic

https://forum.eset.com/topic/16770-am-i-affected/

Thank you

 
