How to determine if I received a malicious update or not: check whether any running process has an active network connection to a known active C&C server, or check whether any of the malware is installed, based on the file names we provided in the report, at any of these locations:
C:\ProgramData\Sandboxie\SbieIni.dat
C:\ProgramData\Sandboxie\SbieDll.dll
C:\ProgramData\LoGiTech\LBTServ.dll
C:\Program Files\Internet Explorer\ieproxysocket64.dll
C:\Program Files\Internet Explorer\ieproxysocket.dll
a file named %LOCALAPPDATA%\Nox\update\UpdatePackageSilence.exe that is not digitally signed by BigNox.
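The checks above can be run as a read-only PowerShell triage script. This is an added example, not part of the original report: the C&C address list and the BigNox signer match string are placeholders to fill in from the report and from a known-good BigNox-signed file, and it inspects only the current user's %LOCALAPPDATA%.

```powershell
# Added example: read-only triage for the indicators listed on this page.
# File paths exactly as listed above.
$iocPaths = @(
    'C:\ProgramData\Sandboxie\SbieIni.dat',
    'C:\ProgramData\Sandboxie\SbieDll.dll',
    'C:\ProgramData\LoGiTech\LBTServ.dll',
    'C:\Program Files\Internet Explorer\ieproxysocket64.dll',
    'C:\Program Files\Internet Explorer\ieproxysocket.dll'
)

# ASSUMPTION: placeholders. Use the C&C addresses from the report and the signer
# string as it appears in the subject of a known-good BigNox certificate.
$c2Addresses   = @('<C2-IP-FROM-REPORT>')
$signerPattern = '*BigNox*'

$findings = @()

foreach ($p in $iocPaths) {
    if (Test-Path -LiteralPath $p -PathType Leaf) {
        $findings += [pscustomobject]@{ Check = 'File present'; Detail = $p }
    }
}

# The updater counts as a finding only if it exists and is not validly signed by BigNox.
$updater = Join-Path $env:LOCALAPPDATA 'Nox\update\UpdatePackageSilence.exe'
if (Test-Path -LiteralPath $updater -PathType Leaf) {
    $sig = Get-AuthenticodeSignature -LiteralPath $updater
    $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }
    if ($sig.Status -ne 'Valid' -or $subject -notlike $signerPattern) {
        $findings += [pscustomobject]@{ Check = 'Updater signature'; Detail = "$updater [$($sig.Status); $subject]" }
    }
}

# Established TCP connections to a listed C&C address, with the owning process.
$conns = Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue |
    Where-Object { $c2Addresses -contains $_.RemoteAddress }
foreach ($c in $conns) {
    $proc = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue
    $detail = "$($c.RemoteAddress):$($c.RemotePort) pid=$($c.OwningProcess) $($proc.ProcessName)"
    $findings += [pscustomobject]@{ Check = 'C&C connection'; Detail = $detail }
}

if ($findings) { $findings | Format-Table -AutoSize -Wrap } else { 'No listed indicators found.' }
```

An empty result only means none of the listed indicators are present at the time of the check; Get-NetTCPConnection sees current connections only, so intermittent C&C traffic can be missed.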
How to stay safe:
In case of intrusion: perform a standard reinstall from clean media.
For non-compromised users: do not download any updates until BigNox gives notice that it has mitigated the threat.