Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Opened a .scr file

  • Please log in to reply
2 replies to this topic

#1 MrNY


  • Members
  • 1 posts
  • Local time:10:46 PM

Posted 27 November 2017 - 11:52 PM

I received an .scr file via Skype inside a zip folder. I stupidly unzipped and opened it and at some point was prompted to log into Skype again. I tried to log in using my user name and password but it failed. My Skype account was taken over and they changed my password, added their email address to the account, and removed my email address. I ran a malware bytes scan and a Windows Defender scan. They both are saying everything is clean now. Do I need to worry that my PC is still infected? I'm really scared that their could be a sniffer recording all my keystrokes or something else bad still remaining on my PC. I really don't want to completely wipe my PC because I no longer have a lot of my software installation discs. I'm running Windows 7. How can I know if my computer is safe to use or not?

BC AdBot (Login to Remove)



#2 Unworn_Kilt


  • Members
  • 237 posts
  • Gender:Male
  • Location:Australia
  • Local time:01:46 PM

Posted 29 November 2017 - 03:44 AM

G'day and Welcome,



Please note: I am a Standard Member like you. I am NOT a Trained Malware Removal Expert. If you are worried by anything I suggest please speak to a Staff Member or Moderator. That said, I will do my best to assist you. I have been working on and with computers since the 1970s.



My apologies for the delay in getting to your Topic. Things get very busy around here!



There are a couple of options you have here:





Go to the Virus, Trojan, Spyware, and Malware Removal Logs Section and Follow the Instructions there. Be prepared to wait a quite a while as I know they are Extremely busy at present.





I'm happy to assist you as best I can.



Please bear in mind that the tools I'm permitted to use are not as extensive as those of the Experts. This is for your protection!



If you would like me to assist you, please follow the steps I will outline below. (You may wish to print them out for reference purposes.)


Please remember if you choose this option, if anything is unclear or you have any doubts or concerns, please message me before proceeding. Some of the terminology will likely be foreign to you. Take your time and don't stress. There should be very little that can cause problems if the instructions are followed. If you need help, please ask me. There is no such thing as a "silly question" when troubleshooting!!



For OPTION 2, please continue.........




To Start Off....



Please Download the Security Check Tool (by screen317) from:   HERE   & save it to your Desktop.


  • Right Click on SecurityCheck and Select "Run As Administrator." 
  • Follow the Prompts in the Black Box which will open on your screen.
  • When Security Check is complete, a Notepad Document should open Automatically, called Checkup.txt.
  • Please Copy and Paste the Contents of Checkup.txt into your Next Reply.


Please Note the Following:



If you receive an Unsupported Operating System Error, please Restart Windows and Security Check should Run Fine. Should a problem persist, please post back here and include any Error Messages or Other Information.


Security Check may require you to permit "Dig.exe" to access the internet. Please allow access through your Firewall/AV if necessary.


It is not uncommon for Security Check to generate "false positives" from  some Anti-Virus/Anti-Malware Programs. Please Ignore These If They Occur.







Please download a copy of a Tool called RKill(Courtesy of Grinler at Bleeping Computer) which is available at the links below:

(This program attempts to stop any running malware processes so other tools may function efficiently.)

Save it to your Desktop so you can easily locate it.


(If one won't run, download the other. Malware sometimes recognises RKill.exe and tries to interfere with it.)





RKill as iExplore.exe


  • As you're running Windows 7, you'll need to Right Click RKill and Select "Run As Administrator."
  • Soon after a Black Box will appear while RKill Runs. (This is normal.)
  • When the RKill has finished it will Open a Report in Notepad.
  • RKill will also save a copy of its log to your Desktop called "RKill.log"
  • After RKill has run successfully Don't Restart your computer until the other tools have run.
  • Please Copy and Paste the contents of the Report into your Next Reply.
  • If the RKill will not run in Normal Windows Mode, Restart in Safe Mode and Repeat the above Steps.





Please Ignore any warnings from about RKill containing Viruses or Trojans etc. If necessary, shut down or temporarily disable your Antivirus while RKill runs. Don't forget to Re-enable your Anti-Virus once RKill completes, unless I ask otherwise.



If RKill still won't run, please Post back here and advise me.(After trying both versions and Safe Mode.) Please note any Error messages or other useful information and Include it in your Reply.








Download AdwCleaner from Xplode. 


From here: AdwCleaner.exe


Save to your Desktop so you can easily locate it.



Double click on AdwCleaner.exe to run it.


  • Before starting Ensure you've Saved Anything You Have Open that you Wish to Keep!!
  • As you're running Windows 7 Right Click AdwCleaner.exe & select "Run As Administrator"
  • Please Click on the Tools Menu. There should be 2 Tabs; Options & Advanced.
  • In Options under Delete, Select Tracing Keys(Usually pre-selected,) and, under RESET select all Options on the Right Hand Side.
  • Do not select any other Options with Square Boxes.
  • There should be Options for Mode and Debug. You can leave these at their Defaults. Press OK.
  • Next, you should see Two main Buttons, Scan and Logfiles. Please Press Scan.
  • AdwCleaner will Start to Update the Database if required. This may take a little while.
  • The Progress Bar will gradually move to the right as the scan progresses. It can take a while.
  • Next you should receive a Popup Notification advising of the Scan Result.
  • Under the Popup there will be a Log. Please Copy and Paste the Contents into your next Reply.
  • Select any Items AdwCleaner may have found for Deletion, or, Deselect anything you may wish to keep.
  • Next, if required, Select Clean. This will require you to reboot the machine. Please do so.
  • Once the computer has rebooted, a second Log should appear. Please Paste into your Reply as well.
  • If you need to access Logs again, Open the Tool and Click the LogFiles Button. They are stored there.



The Logs can be a tad confusing at first. They all contain a number such as [S0] which is Log One. They are also accompanied by a date to the left side column. The lower the number in the square brackets, the earlier the Log. For example, I have Logs; AdwCleaner[S0].txt (Earliest) to AdwCleaner[S27].txt (Most Recent.) Double Click a Log to Open it.















Download a copy of EMSISoft Emergency Toolkit from here:  EMSISOFT EMERGENCY KIT  and Save it to your Desktop.



Once the Download is complete Right Click Setup.exe on Your Desktop to Start the Tool.



Follow the Instructions Here: EMSISOFT EMERGENCY KIT



  • Make sure you Update the Definitions.
  • Run a FULL SCAN.
  • Please Post the Scan Log in your Next Reply.




If you encounter any issues with any of these steps please advise me PRIOR TO PROCEEDING!



Good Luck!







Kilt.  :thumbup2: 



Please Note: If you do not hear back from me within 48 hours of posting a response, please send me a P.M.

Edited by Unworn_Kilt, 29 November 2017 - 03:46 AM.



I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.





** Walk Softly and Carry a Big Stick **




#3 boopme


    To Insanity and Beyond

  • Global Moderator
  • 72,470 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:11:46 PM

Posted 29 November 2017 - 10:50 AM

Hello, I feel it a bit extreme to run the Emergency Kit at this point.

  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP conf[iguration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the E5rfZI9.png button to see which antivirus is currently enabled:
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the dtoGjAL.png button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push thecRhRYZ8.png button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the 9IjfdXq.png button.
  • Check the box beside RHzfZB1.png to uninstall the application when closed.
  • Push Vc3btaC.png and the close the application clicking the X in upper right corner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users