Urgent Help Needed! .SCR virus?

[★ Coups ★]

So. I clicked a fishy link that I received on steam. I really need help!

 

I downloaded the file of screenshot or whatever the website is called. I never opened the file, and I think I have successfully removed it. I installed it but I cannot find it in my downloads or recycling bin when I cleaned it all out.

 

I thought it was fishy, but I was stupid and curiosity has fucked me over. His profile is private and he just left.

 

CzrC: Hey, we held a competition in the group HoxHud!!!
CzrC: You have been selected one of TEN random winners!!!
CzrC: Choose any 5 item from the list, on the screen

(The link he sent, dont be stupid with it like I was, also, moderators feel free to remove it if necisary)

http://prtnsr.pw/Qd72ui/

 

♈ Chicken Coup ♈: hmm.
♈ Chicken Coup ♈: Can I see your profile please?
♈ Chicken Coup ♈: Hello?
♈ Chicken Coup ♈: Its a virus isnt it?
I then abused "it". I cut that out.

 

 

 

 

I am also running a Mcafee virus scan. Also Mcafee realtime protection didnt pick it up

 

So, my question is; I never opened the file, just downloaded it but I dont know where it has saved to. and I cant open the file path of it from the firefox download menu. (I cleared that)

 

Let me know if you need more information!

 

I will change my steam stuff when I get the file removed or whatever.

Please help me guys!

[★ Coups ★]

Use Malwarebytes along with some better form of antivirus.  Mcafee is crap.

 

Mcafee is good. I have the premium one that we payed a lot for. It has kept me safe for a seriously long time, (Ever sinse I can remember)

 

Also, I did not open the file, I just cannot find where its saved.

[★ Coups ★]

It doesn't detect much, and has caused computers to crash since 2000.  If you wanna keep it, that's fine and your choice.  Personally, I prefer Malwarebytes and Kaspersky or Avast.  Use those 3 for the moment to see if any of them detect it.

 

Im running Malware Bytes and Macafee Scanner at the moment. Also, will Malywarebytes find this file?

[Joe11221]

Mcafee is good. I have the premium one that we payed a lot for. It has kept me safe for a seriously long time, (Ever sinse I can remember)

 

Also, I did not open the file, I just cannot find where its saved.

get norton. I downloaded the file and it instantly deleted it.

[★ Coups ★]

get norton. I downloaded the file and it instantly deleted it.

 

 

It doesn't detect much, and has caused computers to crash since 2000.  If you wanna keep it, that's fine and your choice.  Personally, I prefer Malwarebytes and Kaspersky or Avast.  Use those 3 for the moment to see if any of them detect it.

 

 

Use Malwarebytes along with some better form of antivirus.  Mcafee is crap.

 

 

 

Thanks for the suggestions guys, but I need to find the file location.

[★ Coups ★]

It's gunna hide in either system or system32 calling itself "WINLODR.SRC" if I remember correctly.

 

No items matched when I did CTRL + F in either system or System 32

[Ghostay]

So. I clicked a fishy link that I received on steam. I really need help!

 

I downloaded the file of screenshot or whatever the website is called. I never opened the file, and I think I have successfully removed it. I installed it but I cannot find it in my downloads or recycling bin when I cleaned it all out.

 

I thought it was fishy, but I was stupid and curiosity has fucked me over. His profile is private and he just left.

 

CzrC: Hey, we held a competition in the group HoxHud!!!

CzrC: You have been selected one of TEN random winners!!!

CzrC: Choose any 5 item from the list, on the screen

(The link he sent, dont be stupid with it like I was, also, moderators feel free to remove it if necisary)

http://prtnsr.pw/Qd72ui/

 

♈ Chicken Coup ♈: hmm.

♈ Chicken Coup ♈: Can I see your profile please?

♈ Chicken Coup ♈: Hello?

♈ Chicken Coup ♈: Its a virus isnt it?

I then abused "it". I cut that out.

 

 

 

 

I am also running a Mcafee virus scan. Also Mcafee realtime protection didnt pick it up

 

So, my question is; I never opened the file, just downloaded it but I dont know where it has saved to. and I cant open the file path of it from the firefox download menu. (I cleared that)

 

Let me know if you need more information!

 

I will change my steam stuff when I get the file removed or whatever.

Please help me guys!

Might be a good idea to prevent this, download https://www.mywot.com/ it is an amazing addon, nearly got scammed by some guy who accused me of aimbotting, said he'd submitted a report on the forum, stupid me clicked the link, and WOT stopped me. (In my defense, the only difference was a .co.uk instead of a .com from the actual forum.)

[★ Coups ★]

Might be a good idea to prevent this, download https://www.mywot.com/ it is an amazing addon, nearly got scammed by some guy who accused me of aimbotting, said he'd submitted a report on the forum, stupid me clicked the link, and WOT stopped me. (In my defense, the only difference was a .co.uk instead of a .com from the actual forum.)

 

I've already downloaded it so Its a bit late. Thanks anyway for the advice. I'll take that

 

But I need to find out of its doing anything

[★ Coups ★]

Try it in safe mode.  I heard it can cloak itself well in a normal boot.

 

But, that's where it is supposed to be...

 

I never opened the file, will it still do damage?

[FTPCraft]

You didn't open the file so it can't do any harm unless it has external help from the site itself using plugins or something similar. So i think you're save for now.  

[★ Coups ★]

You didn't open the file so it can't do any harm unless it has external help from the site itself using plugins or something similar. So i think you're save for now.  

 

Can anyone confirm this?

[★ Coups ★]

Delete it, and look for any form of fishy scr files.  Remember that not all scr files are viruses, though.

 

It's most likely not going to do anything if you didn't touch it past deleting it.  In most cases it's just a copy pasta form of cheap malicious code.

 

And, it can depending on the design, but it also might not if you just delete it.  It really depends on the skill and creativity of the asshole/s who made it.

 

 

I dont know if I deleted it tho. I cleared my downloads and recycling bin but I dont remember seeing it

[FTPCraft]

You know, if you can't find the file with a antivirus/malware program you can always do a fresh reinstall of windows. It might not be the perfect option (If you haven't backed up your files you will lose them) but it's waaaaayyyy better than getting personal information stolen.

[FTPCraft]

As the above poster said, if you're that concerned just reinstall windows after backing up your files.  It would be wherever you downloaded it too.  So, check that path.

 

You really shouldn't back up your files AFTER you get infected because those files might just be infected too. You might just carry over the virus to your fresh install. You absolutely have to be sure that your new install doesn't get infected too.

[★ Coups ★]

That depends on the virus, and what you've done.

Is there any way to know if its doing its thing?

[elpiop]

As long as you didn't open the file, I think you should be alright. The file should be detected by MBAM since they seem to be well aware of these sort of scams. You may want to read this: https://blog.malwarebytes.org/online-security/2014/09/steam-threats-what-they-are-and-what-you-can-do-to-protect-your-account/ or this https://blog.malwarebytes.org/fraud-scam/2014/11/rogue-scr-file-links-circulating-in-steam-chat/ for more info. 

[Stuff_]

https://www.virustotal.com/en/file/2634df5d46dab6fcdfa9a3ba533358ef23e28c9afe85311516af94acc871596e/analysis/

Do your analysis from there. 4 scanners detected something.