JP Schriefer

Is this really a virus?

14 posts in this topic Last Reply


Some days ago I downloaded some things on STEX and everything worked fine. Today I was doing a backup of my Plugins when Avast flagged these three files in the red rectangle as a virus. Seeing as I downloaded them on 16/07, I know it's from here. Do you know if it is really a virus and whether I can delete it? Because they are .EXE files and the BATs I downloaded were not .EXE. And they are the same file, as you can see; it's as if I had downloaded it three times. It's really strange.

 

ntAWXm2.png


  Edited by Cyclone Boom  

Topic moved (seeing as this is not directly about SC4).

"If you fall I'll be there"
                     -The Floor


It might be a virus; your web browser should have a history of all downloads to your computer and their source.

 

I would verify the source and check where it was from and what it was supposed to be. In the meantime I'd send them to quarantine or the Recycle Bin until you know for sure, just to be safe.


My MD on SC4Devotion (updated first)
And Here on Simtropolis
NAM Associate

"My mother always told me, 'Elwood, you can be two things in this world...you can either be Oh So Smart, or Oh So Pleasant.'

Well, for years I was smart. I recommend pleasant."
-Elwood P. Dowd, Harvey


The prefix "IMG_xxxx" looks like the format of an image taken from a camera. Though I'd be very careful about this. Viruses can sometimes aim to make a file appear as another type, when it's clearly an application. Seeing as you have the Windows setting "hide extensions for known file types" enabled, it'd be hard to change the extension by accident.

Have you tried uploading it to VirusTotal? This will scan the file with multiple virus scanners to give a second opinion.


“SimCity 4 is not just a game, but a tool driven by our own imagination and creativity.”


Have you tried scanning your computer with a malware scanner? If the files were malware, then they'd most likely pop up during the scan - along with the option to delete them.


“The deeper I go into myself the more I realize that I am my own enemy.”  ― Floriano Martins         Member of the NAM Team


Funny files should at least be quarantined until you can get more information.  A screen shot should simply be a PNG or BMP.  I would under no circumstances open them except under special circumstances off-line.

  • Like 1

Beware: Emancipated user.  No Windoze for me.
The teacher opens the door but the student must enter himself. - Ancient Chinese Saying

Every minute of hate in which one indulges oneself is sixty seconds of happiness lost.
Music expresses that which cannot be put into words and that which cannot remain silent. -- Victor Hugo
If you always do what you've always done, you'll mostly get what you've always got.
"We have met the enemy, and he is us" - Walt Kelly

Come join us at the Moose Factory


They look inherently suspicious and if Avast says they are malicious I would believe it. If Avast has a built-in mechanism to remove such things, use that. Otherwise you can try deleting them manually although that may not completely or permanently remove any damage, depending on how nasty whatever you've got is.

 

If you know or can figure out which specific STEX files you downloaded that day, do please notify the STEX staff about it so they can investigate. If an offending file can be identified, it will be removed.

 

Meanwhile it is also possible that this is a symptom of something which you previously caught from elsewhere, that infected those files after they were downloaded. Note that they were last modified more than 15 hours after the other exe files you have in that folder. Did you download more stuff from the STEX at 2 PM on the 16th, or was it all the night of the 15th?


If you always take the same road, you will never see anything new.
If you can read this, you deserve a cookie.


Do you have a history of which files you downloaded on this day and which sites you visited? Otherwise it's impossible to be 100% sure to find the cause.


The best things in life are not the ones you get for money (Albert Einstein)

The BLSMM Thread: Where SC4 Discoveries Abound

The answer to all your questions is: Ask Paul Pedriana

STEX-Rules

  • Original Poster

    Just clarifying,

     

    I downloaded again all the files from STEX that I downloaded that day and no virus was found \o/. The virus really was from the same time I was on STEX (16 July, 14:07). The other files you saw in the image show 'last modified' on 15 July because I just pasted them there from my pen drive; I have had them a long time.

    So, I was checking the history when I noticed that at the same time I was on STEX I was in a suspicious chat on Facebook. A random user (looks fake) sent me a message with a file in the chat. I didn't open it, but I'm almost sure it was saved on my computer automatically. The last folder I downloaded something to was the Plugin folder, so the virus installed there. I think that's the only explanation for it then.

    Checked on the site Cyclone Boom mentioned and it says it's a dangerous file indeed.

    Thanks to all of you for your attention :)

    and sorry about the confusion :D



    It's a good idea to turn off automatic downloads.  As in, the dialogue window should pop up and you manually name and save every file.  That way nothing sneaks in.

     

    I also recommend Malwarebytes as a secondary anti-virus program.

    • Like 2


    Couldn't agree more.  Nothing, but nothing, is automatic on my system when it comes to the Internet, not even emergency fixes.  If I don't control the process nothing gets on my machine.



    And I cannot stress often enough how important it is to deactivate the option "hide extension for known file types". I could slap every single person responsible for this stupid and dangerous default setting (!) to the moon and back a hundred times, and then some. This is nothing but an open invitation to all kinds of fraud, trickery, and computer crime, as is an automatic download function or any other kind of auto-run or auto-execution feature. Carefully avoiding these can be more important than an AV software because it prevents problems from occurring in the first place rather than trying to fix what has already happened.

    • Like 3

    -=| You can choose a ready guide in some celestial voice ||| If you choose not to decide you still have made a choice |=-
    -=| You can choose from phantom fears and kindness that can kill ||| I will choose a path that's clear - I will choose free will |=-


    ^ Well said, my (now) fine feathered dinosaur.  One of the things I like about Linux is the fact that anything in a file name after a dot is treated the same as the rest of the file name.  It is only some application software that is concerned with silly external "file types".  The system looks at the data, not at the name.


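The checks discussed in the posts above (a camera-style "IMG_xxxx" name on an application, extensions hidden by Windows, and looking at the data rather than the name) can be automated. This is an added example, not part of the original thread; the extension lists, the camera-name pattern and the sample files are assumptions constructed for illustration.

```python
import re
import struct
import tempfile
from pathlib import Path

# Assumed lists for this example; extend them to suit your environment.
EXEC_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DOC_EXTS = {".jpg", ".jpeg", ".png", ".bmp", ".gif", ".pdf", ".txt"}
CAMERA_STEM = re.compile(r"^(IMG|DSC|PIC)_?\d{3,}", re.I)

def is_pe(data: bytes) -> bool:
    """True if data has a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"

def findings(path: Path) -> list[str]:
    """Reasons why a file's name disagrees with what the file really is."""
    out = []
    suffixes = [s.lower() for s in path.suffixes]
    last = suffixes[-1] if suffixes else ""
    if is_pe(path.read_bytes()[:4096]) and last not in EXEC_EXTS:
        out.append("PE content behind non-executable extension")
    if last in EXEC_EXTS:
        if len(suffixes) > 1 and suffixes[-2] in DOC_EXTS:
            out.append("double extension (shown as %s when extensions are hidden)" % path.stem)
        if CAMERA_STEM.match(path.name):
            out.append("camera-style name on an executable")
    return out

def scan(folder: Path) -> dict[str, list[str]]:
    """Map file name -> findings for every suspicious file in folder."""
    return {p.name: f for p in sorted(folder.iterdir())
            if p.is_file() and (f := findings(p))}

def make_samples(folder: Path) -> None:
    """Constructed samples: a minimal fake PE header and a PNG signature."""
    fake_pe = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0"
    png = b"\x89PNG\r\n\x1a\n" + b"\0" * 64
    for name, body in [("IMG_0042.exe", fake_pe), ("holiday.jpg.exe", fake_pe),
                       ("photo.png", fake_pe), ("IMG_0043.png", png),
                       ("setup.exe", fake_pe)]:
        (folder / name).write_bytes(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        make_samples(Path(d))
        for name, why in scan(Path(d)).items():
            print(name, "->", "; ".join(why))
```

A hit from this scan is a reason to quarantine the file and get a second opinion from a scanner; it is not a verdict on its own.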
  • Original Poster

    Actually I only activate automatic download when I need files from STEX. Unluckily, that happened the last time.



    Strange.  In any case, I hope you won't do any more automatic downloading.

