Join 3,438 readers in helping fund MetaFilter (Hide)


How Do You Deal With An .SCR File That's A Likely Virus?
May 24, 2009 3:12 PM   Subscribe

I downloaded a .scr file that was probably a virus. I was at least smart enough to trash the file instead of opening it, but is it likely that my computer is infected, anyway; that the file is executed merely by downloading it? (NOTE: This happened on a Macbook Pro.)

Tragicomically Stupid Aspect, Offered For Your Amusement, You Helpful Ones:

I just got out of a bad relationship, and this .scr file was from a very dumb, desperate and ill-conceived foray into craigslist casual encounters.
posted by ProfLinusPauling to Computers & Internet (9 answers total)
 
No. The .scr is a Windows screensaver and downloading is not going to infect your computer.
posted by rhizome at 3:13 PM on May 24, 2009


If you still have the file (maybe it's still in your trash), zip it up and send it to me. I'll analyze it on my sandbox and tell you what it is. (Unlikely it's really a virus or trojan, but without more information, it's hard to say). Contact info in my profile.
posted by mrbarrett.com at 3:15 PM on May 24, 2009


Mr. Barrett, I just emailed you the file. Thanks so much!
posted by ProfLinusPauling at 3:21 PM on May 24, 2009


While my virus scanners don't recognize this file, I am quite positive that it's a Win32 executable file. It cannot infect Mac OS X because it can't execute on Mac OS X. Consider yourself safe.
posted by mrbarrett.com at 4:13 PM on May 24, 2009


Assuming you aren't running Windows on your Macbook Pro, you could download as many viruses as you like and try as hard as you can to open them, nothing will happen. *

* Well... I wouldn't try too hard, since you might end up running it in VMware or Crossover Wine or something.
posted by floam at 5:20 PM on May 24, 2009


floam: Assuming you aren't running Windows on your Macbook Pro, you could download as many viruses as you like and try as hard as you can to open them, nothing will happen. *

* Well... I wouldn't try too hard, since you might end up running it in VMware or Crossover Wine or something.


This is preposterous; there are any number of viruses built especially for Apple computers, more every day, and because Apple is so very bad at security (chiefly because their guard is down) the likelihood that there will be a major outbreak increases constantly.
posted by koeselitz at 11:48 PM on May 24, 2009


more every day
Citation needed. There's yet to be a single virus that's actually spread any amount. If you could show me some examples of in the wild viruses that have actually spread, or the backing up the fact that there's actually new ones every day, I'll eat my hat.

And, I'd like to point out the whole security vs safety aspect. OS X may have less effective security than Vista does at the moment, but the fact is it's still safer to use.

Also I was specifically referring to Windows viruses like the one she was sent. They're harmless on anything that's not Windows.
posted by floam at 11:55 PM on May 24, 2009


"Every day" might be overstating it; but there was a Mac botnet uncovered earlier this year. And it's universally agreed amongst the types of people that like to hack into things that Macs are easier to hack. This means that it's really only a matter of time; and there are really no tools on a mac for fighting viruses, so the OP's concern is probably the best thing in the world for a Mac user. Hacking Macs is really a power trip, from what I can tell, for a lot of the malicious coders out there.

Also, he was sent a Windows file, but there's essentially no way on a Mac OS to tell if hidden code is exploiting a gap in the minimal security to run programs that are disguised (that is, there's nothing prevention expoits). So: hiding a Mac virus inside a Windows file would actually be a good idea, I think.
posted by koeselitz at 12:11 AM on May 25, 2009


I'm a big fan of uploading suspicious files to VirusTotal. They scan the file with multiple AV scanners and report the results.
posted by jbroome at 8:48 AM on May 25, 2009 [4 favorites]


« Older What is your experience using ...   |  How did my internet connection... Newer »
This thread is closed to new comments.