Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Steam .scr file hidden keylogger on pc?


  • Please log in to reply
2 replies to this topic

#1 flyingbananacar

flyingbananacar

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:52 PM

Posted 07 May 2015 - 05:27 PM

I got this message from a "friend" who added me about wanting to trade he sent me some link and out of my ignorant stupidity i clicked it and it downloaded i opened it thinking it was some screenshot since it had the whole .scr thing at the end and it basically exited me out of steam and brought out the Login screen (the steam log in screen looked slightly differant) by this time i figured it was some kind of key logger so i immediately uninstalled steam logged on my other PC changed my passwords for everything... about a minute after i think my internet went off for 30 secs and wondered why my antivirus or anti malware didn't picked it up till avast finally said it blocked a threat .

 

2iv1jy9.png

as soon as it was quarantined i just deleted it... But i'm still not sure if some kind of keylogger is hidden on this pc. i've ran malwarebytes avast spybot super antispyware none of them detected anything related.

 

i've followed discussions on this 

and tried using google on what the file name was not sure if it's the same thing though it seems so
https://malwr.com/analysis/NmEzZmYzZDI4NTIwNDU5ZTg4ZDRl...
http://www.reddit.com/r/pcmasterrace/comments/2m90a8/st..

 

i've read some comments saying it isn't a keylogger saying it directly controls your steam.exe program as it's running and trades the items from your account in an instant. I just reinstalled steam on the same pc and risked using the account again no items  were traded and no it hasn't loged me out of steam while i leave it on 24/7.  I don't want to have to reinstall windows and everything all over again but if it's the only way to be sure i will what do you guys think.

 



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:52 PM

Posted 07 May 2015 - 06:03 PM

Well, lets make sure you are not infected. :)

 

 

Download and run wipe  and system ninja,

 

https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/

 

Then.....

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download
kwLN4uv.png


Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up select each item then disable.

GjWwvEu.png

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.


Lxioao1.png

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

SnqZ2JW.png

 

Reboot your machine and then follow the  instructions below.

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter

 

Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.
Note: Reboot if needed to remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 hamluis

hamluis

    Moderator


  • Moderator
  • 55,883 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:52 PM

Posted 09 May 2015 - 07:48 AM

Same topic is posted on several other forums, see Google .

 

Posting a topic on several different forums involving malware...is probably not going to end successfully, since the techniques, tools used, and suggestions may conflict, IMO.

 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users