Photo.scr Virus


The number of the users negatively affected by Photo.scr is growing on a daily basis. That is why we have assembled the article below to thoroughly review this virus and give some advice about its removal. All you need to do is to go through the following paragraphs carefully to find out all you need to know about Trojans in general and this particular one here – Photo.scr Virus. 

Photo.scr Virus

The Photo.scr Virus might harm your computer systems elements.

The attached guide is here to assist you in dealing with this malware once and for all.

The Photo.scr Virus

The Photo.scr virus, is a member of the group of malicious programs responsible for the largest number of cyber infections recorded so far. This malware family is the one of the Trojans. In the paragraphs below we will share the most important details about them in general, such as ways of spreading, ways of acting and ways to remove them.

Why are these viruses given that common name?

In fact, the name “Trojan” comes from the Ancient Greek myth about the Trojan War. These programs are called the way they are, because of the way they normally act. They do so exactly as the wooden horse supposedly did in the city of Troy. All these viruses infect a system silently and ask for no permission (direct or indirect). Then they stay hidden, sometimes for a long time, until the right moment for them to act comes. After that, they perform whatever they have been programmed to perform on your PC. Usually their activities have destructive, corruptive and harassing nature.

What could such a virus be programmed to do on your computer?

These viruses are typically programmed to damage your system in some way. For instance, the hackers that create such malware might program it to delete files and format drives. In this way the victim user loses important data. Another possible usage Photo.scr might have is to keep track of all of the victim user’s personal information that they enter online. No password or account is safe in such a case. As a result of this virus’ activity you may end up broke and all your social media accounts might be hijacked, modified or used for dishonest activities by the hackers. Another awful thing that any Trojan might have been programmed to perform is to drain your system resources. Your computer might be turned into a bot and all its resources could be exploited by the hackers for distributing spam and other forms of malware. All of its potential usages are horrible and, honestly, you don’t want to become a victim of some of the aforementioned harassing activities.

Where could you come across a typical Trojan horse virus?

These malware versions have as many possible means of distribution as their potential purposes. You may get to know such a virus personally if you are not careful while handling your electronic mail. Any suspicious letter or strange attachments (even images and text documents) might be a source of Trojans. Also, the fake online advertisements, generated everywhere on the Internet, might redirect you to a place infected with malware and you may catch it instantly as a drive-by download. Another possible source is any illegal website, sharing movies, videos, software or other content (usually for free). Typically, Trojans could also come to you from non-genuine updates. So, be extremely careful when you agree to update your system. Take a look at the request and see whether it is exactly like the system-generated ones, because the difference between a fake and an original one could really be subtle and remain unnoticed.

What about prevention?

We advise you to develop some habits when it comes to browsing the web. The most useful piece of advice is to question everything on the Internet. Trust only a few software sources with a good reputation, for example. Open only letters from recognized senders and do not download any attachments in case none are expected. Stay away from every suspicious torrent, movie, web page or program. Luckily, we know what you should do to get rid of this program. Simply scroll down and take a look at our guide. We have assembled all the steps necessary for the successful removal of Photo.scr, but be sure to follow the instructions very closely to avoid deleting the wrong files.


Name Photo.scr
Type Trojan
Danger Level  High (Trojans are often used as a backdoor for Ransomware)
Symptoms This virus usually sneaks into your PC unnoticed and harms it in the same way – without giving a clue about its activities.
Distribution Method Everything on the web might be a possible source – fake ads, contagious emails, torrents, video and shareware-streaming pages.
Detection Tool

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you’ll need to purchase the full version.
More information about SpyHunter and steps to uninstall.

Remove Photo.scr Virus 

Photo.scr Virus

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Photo.scr Virus

Hold together the Start Key and R. Type appwiz.cpl –> OK.

Photo.scr Virus

You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:

Photo.scr Virus

Type msconfig in the search field and hit enter. A window will pop-up:

Photo.scr Virus

Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

  • Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.

Photo.scr Virus

Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

Photo.scr Virus

If there are suspicious IPs below “Localhost” – write to us in the comments.

Photo.scr Virus

Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are a virus. Google them or ask us in the comments.


  • This step is very important, because you can catch other threats (like Ransomware and Spyware) while looking for the Adware process.

Right click on each of the virus processes separately and select Open File LocationEnd the process after you open the folder, then delete the directories you were sent to.

Photo.scr Virus

Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

Photo.scr Virus

If all the prior steps fail to help you or you have reason to believe your system is exposed to threats like Ransomware, we advise you to download a professional scanner and remover.

Remember to leave us a comment if you run into any trouble!


About the author


Maria K.

Leave a Comment