JK11 Posted October 30, 2023 ID:1597261 Share Posted October 30, 2023 Hi all, I downloaded some retro Windows screensavers last December from a website called Screensaver Planet. I know very little about computer science and cyber security, so I had no idea .scr files were executables. Last month, Bitdefender picked up on one of these and I posted about it on these forums but the conclusion was that it was a false positive. Malwarebytes didn't flag any of these files. I've since gone and run the rest of them on VirusTotal and some of them were flagged as malware. They're in my System32 folder, in case that makes a difference. I just don't know how probable it is that these are threats given that only one of the nearly 70 vendors flagged these .scr files as malware. I have pasted the virus total results below. https://www.virustotal.com/gui/file/32d8b929fe3cf0c55e602e8ba72022545ffc183bb871c9d1475fde73ae982136 https://www.virustotal.com/gui/file/664b4b1da036eb36b13a3bce2fd572e37127223cbf6796adde12cbfb3af0d893 I ran a few as well on a website called hybrid-analysis.com. I don't really know how this website works (again, I am not really savvy with this sort of stuff). Some of the .scr files that were undetected by all Virus Total vendors (0/71) were rated as suspicious or outright malicious by hybrid-analysis.com. The results are pasted below. http://www.hybrid-analysis.com/sample/2431be0bc278225bab741dae6d27b1f56316d7fb8efb74239712394854b0c946 http://www.hybrid-analysis.com/sample/a4976a58e6a767c13499ad8dddf6beca7f703ab93a2ab746c9254042cded9d9a http://www.hybrid-analysis.com/sample/cab56df04ff6cc92c563f167739904fe687e13189052e725049a6945fb62c48f http://www.hybrid-analysis.com/sample/20776bb7d7ddc3d5c8eb59a742e265dde6ccfcbcbaf74f7762642825cf1c1454 http://www.hybrid-analysis.com/sample/32d8b929fe3cf0c55e602e8ba72022545ffc183bb871c9d1475fde73ae982136 http://www.hybrid-analysis.com/sample/664b4b1da036eb36b13a3bce2fd572e37127223cbf6796adde12cbfb3af0d893 Link to post Share on other sites More sharing options...
Porthos Posted October 30, 2023 ID:1597267 Share Posted October 30, 2023 26 minutes ago, JK11 said: I just don't know how probable it is that these are threats given that only one of the nearly 70 vendors flagged these .scr files as malware. I have pasted the virus total results below. They are not threats. Link to post Share on other sites More sharing options...
Solution David H. Lipman Posted October 30, 2023 Solution ID:1597362 Share Posted October 30, 2023 14 hours ago, JK11 said: I just don't know how probable it is that these are threats given that only one of the nearly 70 vendors flagged these .scr files as malware. I have pasted the virus total results below. You weigh that ageist the First Submission date. Both First Submission dates are in 2009. That indicates that the one Detection by Trapmine for each file is a False Positive declaration. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now