bla Oct 30, 2014 @ 7:19am
Is this a legit Steam.exe file trying to access network?
Location is at:
<SystemDrive>:\Users\<UserName>\AppData\Roaming\WinRar\Reversed\Steam.exe

Inside is 1 folder labelled Kernael which contains 1 file: x11mod.cl (size: 277 KB)
and 10 files including that Steam.exe, which are:
config.xml
libcurl.dll
libeay32.dll
libidn-11.dll
libpdcurses.dll
pthreadGC2.dll
ssleay32.dll
steam.comp
steam.exe
zlib1.dll

Can someone please advise whether to allow this or not...? I am rather suspicious because official Steam updates have usually never alerted my firewall.

Thank you vm in advance guys.
Showing 1-5 of 5 comments
Spawn of Totoro Oct 30, 2014 @ 7:21am
No, it is not.

Sounds like the "Steam" Bitcoin malware I've been hearing about.

http://steamcommunity.com/discussions/forum/1/35221584425122691/

By the user Tizaki:

The new "\AppData\Roaming\Steam\Reversed\steam.exe" BitCoin malware: How to detect and remove it
What is it?

There's some new malware going around that uses your GPU to mine for BitCoins. Even while idle, you'll see spikes around 90-95% in GPU usage. During games, this can be devastating and reduce your performance to almost nothing. In my case, League and TF2 were both dropping to around 30FPS thanks to VSync. Without VSync, they'd stutter horribly between 20 and 50. Another user claims to have been infected with it the same day I had: http://steamcommunity.com/discussions/forum/1/35221031685365357/

What does it do?

It somehow installs itself and mines for BitCoins. That's pretty much it. It's pretty easy to know when it's on your system because it's barely usable. I don't know how it gets there because I wasn't using the computer at the time of infection.

How do I find it and remove it?

Navigate to \AppData\Roaming\Steam\Reversed. Once there, delete it. It doesn't appear in msconfig as far as I can tell, so you'll have to manually remove it from the directory. Once removed, run a scan with free antimalware such as ComboFix or Norman Malware Cleaner or AVZ: http://support.kaspersky.com/common/service.aspx?el=1698#block2, and MBAM (uncheck pro trial): https://www.malwarebytes.org/mwb-download/. Heck, run all of them.

Edit: It also stores itself in your System32/Tasks folder: http://www.cyberforum.ru/viruses/thread1242413.html. You'll have to delete these as well to prevent it from updating and re-installing if your scan doesn't catch these.

More information, translated from Russian: http://www.google.com/translate?hl=en&sl=ru&tl=en&u=http%3A%2F%2Fpchelpforum.ru%2Ff26%2Ft140072%2F&sandbox=1
Last edited by Spawn of Totoro; Oct 30, 2014 @ 7:24am
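An added triage script for the indicators named in the post above (the Reversed directory under %APPDATA%, a steam.exe outside the real install, persistence through files in System32\Tasks). It is not part of the thread or of any tool mentioned in it. The directory names come from the thread; the default install path under Program Files (x86)\Steam, the task-scheduler checks and the network check are assumptions, and the cmdlets used need Windows 8 / Server 2012 or later. The script only reports; it deletes nothing, and reading System32\Tasks needs an elevated prompt.

```powershell
# Added example (not from the thread): report the indicators this thread describes.
# Assumption: the real Steam client lives under Program Files (x86)\Steam; a
# steam.exe under %APPDATA% is not the client.
$suspectDirs = @(
    (Join-Path $env:APPDATA 'WinRar\Reversed'),   # path from the original post
    (Join-Path $env:APPDATA 'Steam\Reversed')     # path from Tizaki's post
)
$legitSteam = Join-Path ${env:ProgramFiles(x86)} 'Steam\steam.exe'
Write-Host "Legitimate client expected at $legitSteam (present: $(Test-Path $legitSteam))"

# 1. Files in the suspect directories, with size, SHA-256 and signature status,
#    so they can be checked against a vendor's reports before anything is removed.
foreach ($dir in $suspectDirs) {
    if (-not (Test-Path $dir)) { Write-Host "[ok]  $dir not present"; continue }
    Write-Warning "[hit] $dir exists"
    Get-ChildItem -Path $dir -Recurse -File | ForEach-Object {
        [pscustomobject]@{
            Path   = $_.FullName
            SizeKB = [math]::Round($_.Length / 1KB, 1)
            SHA256 = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
            Signed = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
        }
    } | Format-Table -AutoSize
}

# 2. Persistence: task definitions are XML files under System32\Tasks. Flag any
#    whose text references a Reversed directory (Get-Content -Raw honours the
#    UTF-16 BOM these files usually carry).
$taskRoot = Join-Path $env:SystemRoot 'System32\Tasks'
Get-ChildItem -Path $taskRoot -Recurse -File -ErrorAction SilentlyContinue | ForEach-Object {
    $xml = Get-Content -Path $_.FullName -Raw -ErrorAction SilentlyContinue
    if ($xml -and $xml -match '\\Reversed\\') {
        Write-Warning "[hit] task definition references a Reversed dir: $($_.FullName)"
    }
}

# 3. Same check through the scheduler API, which also shows the action line.
Get-ScheduledTask -ErrorAction SilentlyContinue | ForEach-Object {
    foreach ($a in $_.Actions) {
        if (($a.Execute -match 'Reversed') -or ($a.Arguments -match 'Reversed')) {
            Write-Warning "[hit] task $($_.TaskPath)$($_.TaskName) runs: $($a.Execute) $($a.Arguments)"
        }
    }
}

# 4. Network: any process named steam whose image is under %APPDATA% and that
#    holds an established TCP connection (the firewall prompt in the first post).
Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue | ForEach-Object {
    $p = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
    if ($p -and $p.ProcessName -ieq 'steam' -and $p.Path -and $p.Path -like "$env:APPDATA*") {
        Write-Warning ("[hit] {0} (PID {1}) -> {2}:{3}" -f $p.Path, $p.Id, $_.RemoteAddress, $_.RemotePort)
    }
}
```

Run it from an elevated PowerShell prompt. The hashes from step 1 are what to submit to a scanner or compare with a vendor report; the warnings from steps 2 and 3 are the task entries Tizaki's edit says have to go along with the directory, since a surviving task will re-create it.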
bla Oct 30, 2014 @ 7:26am
Originally posted by Spawn of Totoro:
No, it is not.

Sounds like the fake "Steam" Bitcoin malware I've been hearing about.

There is also version.dat inside the WinRar folder

Which ones should I delete? The whole WinRar folder?

Any idea where I might have gotten it from?

I just turned on my computer and updated a few games, Path of Exile (done), and Warframe (in progress)

I had not installed any new software since before my previous on/off cycle so I am really confused... is it known to be dormant for a while before activating itself?

It was asking to connect TCP to 5.61.33.146 which is in Germany
Spawn of Totoro Oct 30, 2014 @ 7:30am
I updated my post with information another user gave on how to remove it.

There are many ways to get it, so I couldn't say how you got infected.
bla Oct 30, 2014 @ 7:46am
Ok I see the additional info now... Thanks a lot Totoro, you just saved me a lot of trouble :)
76561198132827599 Dec 31, 2014 @ 9:11pm
Since it is not an actual WinRar folder, yes you can delete the whole thing. I had this stupid thing once before and it was under the exact same false folder. This thing caused Runtime R6025 Pure Virtual Function Call errors and caused ultra bright light in some games with AAA turned all the way up, LOL. This thing is a real pain. It was also causing Max Payne 3 to run like crap on Ultra settings, and I knew something was wrong then when my old 650 Ti could almost max out Max Payne 3. I almost thought the V-RAM on my R9 270 was starting to fail until I had GPU-Z log my GPU functions and I noticed it still running at over 90% while running no game, so I looked in to see what file was doing it and that is how I found it. I am so sick of lazy xxxxxx leeching off people! Buy your own xxx hardware and ruin it and leave my stuff alone! You can slap my face and call me anything you want, but when you mess with my RIG you messed up big!
Originally posted by bla:
Originally posted by Spawn of Totoro:
No, it is not.

Sounds like the fake "Steam" Bitcoin malware I've been hearing about.

There is also version.dat inside the WinRar folder

Which ones should I delete? The whole WinRar folder?

Any idea where I might have gotten it from?

I just turned on my computer and updated a few games, Path of Exile (done), and Warframe (in progress)

I had not installed any new software since before my previous on/off cycle so I am really confused.... is it known to be dormant for a while before activating itself?

It was asking to connect TCP to 5.61.33.146 which is in Germany

Date posted: Oct 30, 2014 @ 7:19am
Replies: 5