R
RodCorkum
Guest
I seem to have somehow gotten this virus Trojan:Script/Conteban.A!ml according to Windows Defender. I don't know when/where it came from but was first noticed November 15. I spend a lot of time on various trusted genealogy web sites and that day I had been on Find-a-Grave.com in my messaging center there. I had copied some text from the message center, pasted it into a text file (to remove the formatting), then pasted from the text file into a Word document. I attached that Word document to an email and the moment I hit Send on the email, Windows Defender popped up a "Threats Found" message. I promptly contacted the email recipient to delete and not open my document. Since then I've been trying to find out how to eliminate this without much success. (Somehow I can't believe that it would have come in from that copy and paste from Find-a-Grave - that sounds too much like just a coincidence.) I don't email many Word documents and the last time before that was October 12 that I had emailed one with no problems so I know it was fine way back then.
I have created simple "test" Word documents and scanned them using both Windows Defender and Malwarebytes and both say the document is clean. So then I tested by emailing it to myself and again the moment I hit "send", up comes the "Threats Found" message so I tell it to quarantine it. The same message also pops up when the email comes back in to me. The test document I created was saved on my desktop and if I go to delete it before running the quarantine it won't delete saying it is infected. I don't understand how the virus wasn't in the document before being emailed but was afterward even though this is still the original document and it would have been a copy that was emailed. Whatever this is, it only seems to be affecting Word documents.
Anyway, I've run Windows Defender three ways, Quick Scan, Full Scan, and Offline Scan and none of them found anything. I've also run a full scan with Malwarebytes (that took many hours) and it came up clean too. I even tried doing a System Restore to a restore point from November 12 - 3 days before this appeared but that didn't make any difference either. (That worked for me a few years ago when I got a virus at work but I knew the day I got that and where it came from.) There is one other restore point listed from November 8 if it would be worth trying that one. The only other one showing was when a system image was done 6 months earlier.
I was even considering the possibility of running a "Fresh Start" but that seems quite drastic. I'm not worried about having to reinstall all my programs again but was unsure if that would actually reinstall Windows 10 as the computer is rather old.
I have a Gateway desktop SX2100-ER2 from 2012 that originally came with Windows 7 Home and I updated it to Windows 10 Home just before Microsoft's free update program expired. I'm currently running version 1909. I didn't want to try the "Fresh Start" not knowing if I would actually get my Win 10 reinstalled or if it would go back to the original Win 7. I still use Microsoft Office 2003 (all I need is Word and Excel for home use and it works fine for me. I have to use Office 365 at work and I hate it - can never find what I want in those damned "ribbons".) My desktop email program is IncrediMail that I've been using for many years - no longer available but I still like it. (Hey, I'm 69 and quite comfortable with dinosaur technology. All this newfangled stuff is way too complicated! I've still got a Win XP desktop from my office that I couldn't bear to let them toss out - hardly any mileage on it! Still trying to figure out what I could use it for.)
So after this long winded explanation I guess I'm looking for any suggestions of what to do next. I'm not an IT person but have some computer knowledge so if you want me to try anything really technical, I'll need some step by step "how to" instructions. The other alternative was to go to Malwarebytes forum but since the message popup came from Windows Defender I figured I'll post here first.
Rod Corkum
More...
I have created simple "test" Word documents and scanned them using both Windows Defender and Malwarebytes and both say the document is clean. So then I tested by emailing it to myself and again the moment I hit "send", up comes the "Threats Found" message so I tell it to quarantine it. The same message also pops up when the email comes back in to me. The test document I created was saved on my desktop and if I go to delete it before running the quarantine it won't delete saying it is infected. I don't understand how the virus wasn't in the document before being emailed but was afterward even though this is still the original document and it would have been a copy that was emailed. Whatever this is, it only seems to be affecting Word documents.
Anyway, I've run Windows Defender three ways, Quick Scan, Full Scan, and Offline Scan and none of them found anything. I've also run a full scan with Malwarebytes (that took many hours) and it came up clean too. I even tried doing a System Restore to a restore point from November 12 - 3 days before this appeared but that didn't make any difference either. (That worked for me a few years ago when I got a virus at work but I knew the day I got that and where it came from.) There is one other restore point listed from November 8 if it would be worth trying that one. The only other one showing was when a system image was done 6 months earlier.
I was even considering the possibility of running a "Fresh Start" but that seems quite drastic. I'm not worried about having to reinstall all my programs again but was unsure if that would actually reinstall Windows 10 as the computer is rather old.
I have a Gateway desktop SX2100-ER2 from 2012 that originally came with Windows 7 Home and I updated it to Windows 10 Home just before Microsoft's free update program expired. I'm currently running version 1909. I didn't want to try the "Fresh Start" not knowing if I would actually get my Win 10 reinstalled or if it would go back to the original Win 7. I still use Microsoft Office 2003 (all I need is Word and Excel for home use and it works fine for me. I have to use Office 365 at work and I hate it - can never find what I want in those damned "ribbons".) My desktop email program is IncrediMail that I've been using for many years - no longer available but I still like it. (Hey, I'm 69 and quite comfortable with dinosaur technology. All this newfangled stuff is way too complicated! I've still got a Win XP desktop from my office that I couldn't bear to let them toss out - hardly any mileage on it! Still trying to figure out what I could use it for.)
So after this long winded explanation I guess I'm looking for any suggestions of what to do next. I'm not an IT person but have some computer knowledge so if you want me to try anything really technical, I'll need some step by step "how to" instructions. The other alternative was to go to Malwarebytes forum but since the message popup came from Windows Defender I figured I'll post here first.
Rod Corkum
More...
