Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspicious link asked to download .scr ...


  • Please log in to reply
4 replies to this topic

#1 ithinkimhacked

ithinkimhacked

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 19 September 2014 - 04:38 PM

Of course I clicked no after I clicked the link and asked to download it, but is it possible for me to be infected by it regardless?

 

Is it alright if I post the link here so someone can examine it? It was a weird link that had the name "/picturejpg" and yes, there is no picture.jpg so when I clicked it and was asked to download a .scr file, I immediately clicked no.

 

I'm pretty much scared that I'm infected by malware.

 

I've cleaned my computer with Rkill, adwcleaner and currently running MBAM.

 

please help



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,569 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:21 PM

Posted 19 September 2014 - 07:31 PM

Hello post those log for review if you'd like.

It is possible, not probable.

Post the link like this
your link
http://www.bleepingcomputer.com/forums/t/549068/suspicious-link-asked-to-download-scr/
Altered link
hXXp://www.bleepingcomputer.com/forums/t/549068/suspicious-link-asked-to-download-scr/
Change the 2 tt In http;// to HXXp
That makes the link unclick able and no one gets hurt.
 
 
Also run... ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 19 September 2014 - 07:33 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 ithinkimhacked

ithinkimhacked
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 22 September 2014 - 03:06 AM

i cant find the link anymore :/ i foudn no threats with ESET

 

heres from Rkill

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2014 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

 

Program started at: 09/19/2014 11:39:52 PM in x64 mode.

Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\Windows\System32\user32.dll : 1,008,640 : 02/17/2014 04:44 AM : 2c353b6ce0c8d03225caa2af33b68d79 [NoSig]

+-> C:\Windows\SysWOW64\user32.dll : 833,024 : 02/17/2014 04:44 AM : 861c4346f9281dc0380de72c8d55d6be [Pos Repl]

+-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll : 1,008,640 : 07/14/2009 03:41 AM : 72d7b3ea16946e8f0cf7458150031cc6 [Pos Repl]

+-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll : 1,008,128 : 11/20/2010 03:27 PM : fe70103391a64039a921dbfff9c7ab1b [Pos Repl]

+-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll : 833,024 : 07/14/2009 03:11 AM : e8b0ffc209e504cb7e79fc24e6c085f0 [Pos Repl]

+-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll : 833,024 : 11/20/2010 02:08 PM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]

 

Checking HOSTS File:

 

* No issues found.

 

Program finished at: 09/19/2014 11:44:17 PM

Execution time: 0 hours(s), 4 minute(s), and 25 seconds(s)


Edited by ithinkimhacked, 22 September 2014 - 03:08 AM.


#4 ithinkimhacked

ithinkimhacked
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 23 September 2014 - 04:37 AM

hxxp://melt.li/Shot749jpg

 

heres the link, i put in hxxp



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,569 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:21 PM

Posted 24 September 2014 - 09:47 AM

Yep, the image at that link is infected.. You did not get it though,,, I feel you are clear.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users