VirusTotal is Flagging Windows .exe's


  1. Posts : 4
    Windows 10 Pro Retail
       #1

    VirusTotal is Flagging Windows .exe's


    Hello All,

    My first post here so let's hope I'm not breaking any forum rules off the bat (specifically my posting of a Mega video link). I'm pretty keen to get this looked at so I haven't taken the time to read through all the rules yet but will very shortly - sorry if I happen to break any right now.

    Could someone please take a look at the video (link provided following) to see if they have any of the same sort of deal on their computer?

    I am currently running:

    Windows 10 Pro Retail
    Version 1809
    Build 17763.134
    All Windows Updates are current
    Program Version scan with Sumo Lite and all programs patched

    Some but not yet all of my system specs have been filled in for my account to further assist.

    The problem:

    Some of the default Microsoft .exe's are being flagged by Process Explorer with Check VirusTotal.com enabled though they all seem to be running from the right locations being either WINDOWS\System32 or Program Files\WindowsApps.

    This happens regardless of whether I use the 32 or 64 bit Process Explorer.

    I regularly run sfc /scannow which comes up clean - I am also in the habit of running DISM commands including RestoreHealth on occasion (E.g., once every 3-6 months) which also comes up clean.

    I am not running any dodgy software (I.e., cracks) and do not intend on doing so.

    Here is a link to the video I made in OBS showing the results:

    https://mega.nz/#!q1YXnKRC!8gTMwksk8...HlAWdXf-I8Q1h0

    The computer seems to be working fine and all scans I run come up clean whether it be sfc /scannow, DISM, Windows Defender, MalwareBytes, ESET Online Scanner, Trend Micro Housecall and so on.

    I am taking a guess and hoping that these are all false positives(?) at the moment but am not sure and it seems like an awful lot of default Microsoft .exe's being reported - after opinions and/or advice - should I be concerned?

    Thanks.
      My Computer


  2. Posts : 1,952
    Windows 10
       #2

    Basically just rubbish detection engine and/or pointless user rating.

    I would only take any notice of the more well known detection engines.
      My Computer


  3. Posts : 4
    Windows 10 Pro Retail
    Thread Starter
       #3

    That's what I was thinking but then I searched Trapmine at least and they seem to have a reasonable rep, that is, Enterprise-Level and Info Security Products Guide Global Excellence Bronze award - whatever that means.

    ATM I'm of the same opinion taking more note of the better known detection engines and as stated in my first post am seeing these as false positives.

    Besides all of that, I only installed Win 10 Pro about 3 months back now - I downloaded the .iso using the Media Creation Tool to ensure latest version, extracted the content and created an ei.cfg file placing it in the sources directory so as to force Retail Pro and Product Key prompt and hence bypassing Windows 10 Home activation to start as I have a Windows 8.1 Standard embedded BIOS.

    Not saying I have a completely secure system but I'm fairly vigilant - thanks very much for the second opinion Helmut - appreciate it.
      My Computer

  4. Callender's Avatar
    Posts : 4,047
    N/A
       #4

    I see this:

    VirusTotal is Flagging Windows .exe's-processes.jpg

    VirusTotal is Flagging Windows .exe's-vt.jpg

    So nothing to worry about. Files scan clean with onboard AV and secondary Anti-Malware programs.
      My Computer


  5. Posts : 4
    Windows 10 Pro Retail
    Thread Starter
       #5

    Thanks again for another opinion Callender.

    I might even take a look at UVK at some stage - if I'm not mistaken I have seen Britec09 from YT using this in one his vids. It would have been a fair whiles back and I'm sure an earlier version but might DL and see how it looks.

    In the meantime I'll stress less about the detection's and I'll stick to my current routine with Defender, MalwareBytes and some on demand scanners like Eset Online Scanner.

    Currently investigating the usage of the free version of Nessus to check for any vulnerabilities as well - might be a bit of overkill for a home network but you never know I guess. What I do know is that scans with Nessus are pretty invasive, and after running a couple I have managed to make my router crap out on both occasions but I scanned the whole /24. My next plan is to run it over only the LAN IP range of the 19 devices I have connected and leave the router and the Fingbox connected to it out of the equation and see how I go with that.

    Thanks for the reply.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 06:54.
Find Us




Windows 10 Forums