Hi Expert, I'll need help to define on certain behavioral on the screensaver.
I've submitted a screensaver.scr which flag by symantec as Trojan.
I believe because the .src will create folder and cache the .swf in that folder.
Kindly advise if such screensaver behavior is norm?
FYI, the screensaver was created by 3rd party vendor. As such we have to advice the recreation of the screensaver, if need be.
Symptoms
Presence of the following file(s):
%Temp%\scr
%Temp%\scr\screensavername.swf
Technical Description
When executed, the threat performs the following functions.
The following file(s) were created:
%Temp%\scr
%Temp%\scr\NTUC_01 20s_v7 B.swf
(19994b87d6f4baac3582959503dfd192)
The following folder(s) were created:
%Temp%\scr
The following mutex(es) were created:
MutexNPA_UnitVersioning_1452