Thank you for the replies.
Things are not looking great at the moment... I've just found out that some people's accounts (email and Steam primarily) have been compromised because of these .scr files. One of the victims was my friend and apparently, he did exactly the same thing: double-clicked the .scr files and nothing happened. However, the next day when he checked his computer, TeamViewer was opened and his browser was opened with his email and Steam accounts. Moreover, his items have been removed from his Steam inventory and have been sold to another account.
I'm pretty scared at the moment as I don't know when the perpetrator will get their hands on my computer/accounts as well. For your information, we received the .scr files (two in a zip file) via Steam chat. The perpetrator linked the download (uploaded on dropbox.com) and we downloaded the file as we mistakenly thought it was a screenshot.
As a result, when I heard about the files in detail I immediately:
- Changed passwords for my main email, Steam, PayPal and bank account (these are the most important ones I could think of)
- My main browser is Firefox:
  - Deleted saved passwords for all sites
  - Deleted login details for all sites
That said, I've just scanned those .scr files by using those three sites and except for one, the rest came out clean.
VirusTotal showed one antivirus detecting the file as malicious, as you can see from the screenshot http://imgur.com/zlwhhZR (I would prefer uploading it directly here though it's not letting me)
Really, I'm not sure what to do at this point. I'm pretty sure the small steps I took above will do nothing to stop the perpetrator from getting access to my computer/important accounts.
I would really appreciate it if I could get full support for this case as I would like to get rid of this unknown malware as soon as possible before it's too late.
On a side note, I've found this thread http://www.bleepingcomputer.com/forums/t/511167/scr-virus/ which seems to apply to me as well, so I followed all of the steps mentioned in that thread. I have the log files ready so please let me know if you want me to post the details in the next reply.
Also for ESET Online Scanner, I was around 75% finished scanning until the browser crashed and it stopped the scanning. Luckily, it already scanned the C drive, as I seriously doubt I have infected files stored in my other drives, which I use mainly for storage (more so, I will almost always find malicious files on the C drive). It was able to find 18 infected items with 16 of them "cleaned". Unfortunately, it didn't give me an opportunity to check the boxes and click finish. I've made a screenshot of it if you want to see it in detail (http://imgur.com/NyVgKFE).
Edited by kanade, 26 January 2014 - 02:04 PM.