If you downloaded SCR …

On the guides pages that involve moving your database, I recommend that you download a small file SCR. It’s a very useful bit of code and one I have used for a while without problem. However … there is [not] a problem.
A routine scan by Spybot S&D showed this entry in the registry:

SC-KeyLog: Settings
HKEY_LOCAL_MACHINE\Software\SoftCentral

KeyLog … doesn’t look good eh ? I checked that it was in fact SCR doing this (this machine gets scanned at the very most weekly for malware). The Keylogger bit was worrying, but my firewall neither says that ‘scr.exe’ wanted to phone home nor that any processes had been changed since before it’s installation. To check this, I uninstalled the firewall, completely obliterated all settings then reinstalled – nothing asks to phone out that should not do. To further check, I posted about this to the newsgroup alt.privacy.spyware and a scan performed by someone there shows it is clean (while you could say I cannot trust that one person, what I can certainly trust is everyone else to make a noise should that poster be wrong). Additionally, while that file has been installed (it still is in fact), I have run adaware, avast and the Microsoft tool – nothing else reports a problem.
So, if you have SCR and when you run Spybot S&D it will show a problem. To the very best of my knowledge, it is a false positive, not a problem and nothing you should worry about.

2 September : Update – with the scr.exe file running as a process, I also ran the online scan from http://www.ewido.net and did a full system scan from their download file too. It too finds nothing.
As the author also makes and openly sells a Key-Logger program, I suspect that the Registry entry is a hangover from that rather than any malicious code.

3 thoughts on “If you downloaded SCR …

  1. Jotti Malware Scan Results:

    File: SCR.exe
    Status: OK
    MD5 0ccdf0d6ed549a2724b68f1dd3319397
    Packers detected: –
    Scanner results
    AntiVir Found nothing
    ArcaVir Found nothing
    Avast Found nothing
    AVG Antivirus Found nothing
    BitDefender Found nothing
    ClamAV Found nothing
    Dr.Web Found nothing
    F-Prot Antivirus Found nothing
    Fortinet Found nothing
    Kaspersky Anti-Virus Found nothing
    NOD32 Found nothing
    Norman Virus Control Found nothing
    UNA Found nothing
    VBA32 Found nothing

    Not conclusive, but then what is ?

Leave a Reply

Your email address will not be published. Required fields are marked *