Jump to content

Recommended Posts

I'm kinda of a paranoid when it comes to pc so I always double scan my file. I was looking at a peculiar one on virus total and I'd found a weird case
 

By scanning the file no engine detected it staying perfectly clear, but the community score was a whopping -67 telling me that it was malicious. I'm kinda of panicking right know, what should I do? Should I worry? I am in danger ? and if so how can I clean my pc

 

Share this post


Link to post
Share on other sites

Are you sure you are in the right place? This Forum is for macOS users and your reference to "pc" would lead me to believe your are using a Windows computer. If so I can ask that this be moved to the correct forum where it can be.

It would also help to provide the VirusTotal link that you checked.

Share this post


Link to post
Share on other sites

A few comments, based on the VirusTotal scan.

- The -67 score is primarily due to a couple of individuals with a high reputation. Their scores are based on their contribution to the community and are not something they control. Also, those scores are relatively old.

- Looking at the relations tab you can see that that file is used by more than 50 processes apparently malicious processes, almost all being Windows executables. The file itself is listed as an unknown type and probably data. 

You didn't mention how you came about this file and where it was located on your Mac, but it does appear to be used exclusively in a Windows environment, so unless you are also running Windows on your Mac, it is not a threat. Let us know if you are running Windows or routinely exchange files with Windows users.

Share this post


Link to post
Share on other sites

it's location is: Library > Containers > desktop.whatsaap > Data > Library> Application support > Whatsapp > file system > origin

I just simply found it while I was searching other things on finder, I've know Idea how I got it

Share this post


Link to post
Share on other sites

I have that same file. It's only 41 bytes long and looks like this:

957CB9C5 22000101 1A6C6576 656C6462 2E427974 65776973 65436F6D 70617261 746F7202 00030204 00

The ASCII portion reads:

�|��"leveldb.BytewiseComparator

I also have 179 other occurrences of that file name of which 131 are 41 bytes long. There are four more in ~/Library/Containers/desktop.whatsapp/Data/Library/Application Support/Whatsapp/...

Obviously just a relatively common data file used by a variety of different applications.

You got it by installing and running WhatsApp.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.