Suspicious Adobe Files

Rock.87 · 2025-02-08T04:04:51+00:00

There was an error rendering this rich post.

@Alexandru_BD @Flexx @Scott i received an adobe file in my proton mail, downloaded it , but it could not be accessed via adobe/other softwares due to it's corruption, then the sender company sent me another file, this time idm showed that file with a whatsapp icon:

After Downloading it's display was like this:

The other adobe files were also converted to that format.
Right After That i tried to open my whatsapp on my pc (M.S. Store app ), 1st two attempts to open whatsapp returned with this strange window:

On 3rd attempt my whatsapp was opened normally.
i ran a custom scan configured for best possible security measures but it's result showed me strange compresses files which i do not know:

Brave is also appearing with strange icons in my task bar :

Would plz explain what actually happening here? was that a whatsapp hacking attempt or something else?
Best Regards

Find more posts tagged with

Accepted answers

All comments

Gjoksi

Hello.

This is the second time you have issue(s) with file(s) on your device recognized only as WhatsApp file(s).

https://community.bitdefender.com/en/discussion/102802/strange-behavior-of-firefox-recovery-key

And this is really strange.

First, scan (and disinfect, if needed) your PC with Bitdefender Rescue Environment:

https://www.bitdefender.com/consumer/support/answer/29132/

Next, create a log file on your Windows device using Bitdefender Support Tool, by following these steps:

https://www.bitdefender.com/consumer/support/answer/1733/

and

create a log file on your Windows device using BDsysLog, by following these steps:

https://www.bitdefender.com/consumer/support/answer/1922/

Next, contact Bitdefender Consumer Support by e-mail:

https://www.bitdefender.com/consumer/support/help/

with short description of the issue.

After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.

Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.

Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.

NOTE: If any of the log file is larger than 25MB, you can upload the log file here:

https://upload.bitdefender.net/

After the upload is done, you will get a notification with the file's URL and then you can share the file's URL with the Bitdefender Consumer Support.

Regards.

@Alexandru_BD @Flexx @Scott

Scott

https://community.bitdefender.com/en/discussion/comment/349821#Comment_349821

Nice job, as Alexandru would say, nothing more to add here.

Rock.87

https://community.bitdefender.com/en/discussion/comment/349821#Comment_349821

Thanks for taking a deep look into my ongoing issue.

I have already performed Rescue and all other scans using Bitdefender, Malwarebytes, and a few other tools, but nothing worked. I only used other antivirus software for scanning because Bitdefender does not check for rootkits, even in Rescue Scans. This was recommended a long time ago, yet it is still missing from the software, creating a significant security risk. Once malware takes control of a system, later security scans rarely work effectively. I strongly insist that this feature be added to both System Scans and Rescue Scans. Additionally, the System Scan should display all its scanning options so that users know exactly what type of scan they are running and what might be missing. I noticed the absence of a rootkit scan in the Rescue Environment log.

A log file submission option should be available within the Bitdefender software, as seen in some other antivirus programs. The Bitdefender Link Check feature should also be prominently highlighted in the software interface because users cannot access it unless they contact support, which can take a month to resolve issues.

That said, if this were merely a Windows 10 icon-related problem, it wouldn’t have opened WhatsApp when I clicked the downloaded file—correct?
whay the log file is placed in public desktop:

A Chrome extension (Urban VPN Proxy) attempted to gain control of my PC through suspicious activity, which Bitdefender Total Security blocked. After this incident, I uninstalled Chrome using Revo Uninstaller’s extreme deletion option to remove all leftovers. However, uninstalling Chrome corrupted Brave, altering its icons as shown in my screenshot. I also uninstalled Brave with Revo, but multiple re-installations of both browsers did not fix the issue.
These malicious behaviors were found when i was using urban vpn

The Brave icon prb was started after that because i uninstalled chrome with revo uninstalled , uninstalling & reinstalling chrome and brave could not fix the issue. the whatsapp icon prb is older.

Flexx

https://community.bitdefender.com/en/discussion/103140/suspicious-adobe-files

https://community.bitdefender.com/en/discussion/comment/349848#Comment_349848

Your first step should always be to scan the file on VirusTotal.

Secondly, I personally use Revo Uninstaller Pro, which offers more advanced features compared to the free version. Its strength lies in its comprehensive scanning capability, searching extensively for residual files and registry entries left behind after software uninstallation. However, it's crucial to carefully review the files and registry entries it identifies before deletion to avoid removing critical components.

Since Brave is based on Chromium technology, just like Google Chrome, there's a chance that during Chrome's uninstallation, Revo Uninstaller Pro may have mistakenly flagged Brave as a leftover from Chrome. This could potentially lead to unintended issues if Brave's essential files are removed.

Regards

Rock.87

@Flexx yes i suspected it , but i uninstalled chrome and brave through revo pro and then reinstalled them, why still these issues are there? can u guess?
i ran sfc /scan now & DISM /Online /Cleanup-Image /RestoreHealth for any possible windows damage by revo uninstaller but could not find anything.