Help with malicious file download!

[Blu101]

Alright, my sister's e-mail got hacked (again ), but looked legit so I opened her e-mail and clicked on the link there, which took me to another site that was blank, but immediately upon entering the site, a file called "supor....exe" or something was downloaded into the Downloads folder. I immediately sent it to trash and cleared the trash. Should I be worried? Are downloaded files executable upon the download or while in the folder?

Opening the e-mail in my parent's PC, Microsoft Essentials blocked the download as "malicious".

I was using Safari. MBP works fine but I'm afraid it got infected with spy ware or key logger trojan or something.

 

[GGJstudios]

.exe files are Windows executable files and cannot run on Mac OS X.

Mac Virus/Malware Info

Are downloaded files executable upon the download or while in the folder?

Keep this box unchecked in Safari > Preferences > General:

​

 

[appleguy123]

exe files will do nothing to a Mac. I'd say that you're pretty safe.

 

[spinnerlys]

.exe files can not run on Mac OS X as they are Windows executables, thus no harm can be done to Mac OS X.

 

[Blu101]

phew just a pc flashback

 

[Blu101]

Keep this box unchecked in Safari > Preferences > General:

View attachment 257927​

Hi,

I'm revisiting this issue to see if there's any way I can improve security with Safari.

I'll check this check box to make sure it's off when I get home later, thanks for the tip.

Now, is there any way to have Safari stop any automatic download upon entering a site and prompt me first? How does Chrome work in this regard (I use both browsers)? Does Chrome also download automatically like Safari? If the download is malware, can it implant itself on my MBP just by being downloaded to the Downloads folder? Or am I safe by deleting it without ever opening it from the Downloads folder?

And the million dollar question - I've read here that OS X doesn't have an autorun feature like Windows, is this true and does it mean that even when something gets downloaded to the Downloads folder, it will not automatically open or run without my permission (100% of the time - failsafe)?

 

[MisterMe]

....

I'll check this check box to make sure it's off when I get home later, thanks for the tip.

...

In Mac parlance, a "safe" file is a file that is not masquerading as something that it is not. All of the file types included in the list are data file types. They are not executable. Neither Safari not any other Mac application launch executable files upon the completion of a successful download. The only executables that can be launched by Mac internet applications are other applications that you installed previously.

 

[Blu101]

In Mac parlance, a "safe" file is a file that is not masquerading as something that it is not. All of the file types included in the list are data file types. They are not executable. Neither Safari not any other Mac application launch executable files upon the completion of a successful download. The only executables that can be launched by Mac internet applications are other applications that you installed previously.

Well, there was just some news the other day about some famous hacker from Russia that was retiring (supposedly, he's faked it before to go underground and get some heat off his back). I was reading about how he or someone else was working on a key logger than hid itself, or part of itself, however it worked, in a Word doc.

Either way, I just don't want something that's automatically downloaded to open without my say so. At least then I can only blame myself.

 

[Consultant]

Turn off Java and don't launch exe (if you got vmware etc) and you'l be fine.

 

[Blu101]

Turn off Java and don't launch exe (if you got vmware etc) and you'l be fine.

Both "java" and "javascript"?

Will that mess up some web pages?

 

[GGJstudios]

Both "java" and "javascript"?

Will that mess up some web pages?

No, just Java.

 

[MisterMe]

Well, there was just some news the other day about some famous hacker from Russia that was retiring (supposedly, he's faked it before to go underground and get some heat off his back). I was reading about how he or someone else was working on a key logger than hid itself, or part of itself, however it worked, in a Word doc.

...

If there were even the slightest chance that this malware could work on the Mac, then this site and others would have been inundated with cries that the End has come. MacOS X is susceptible to viruses after all. The fact that you are trying to recall a vague memory is tantamount to proof that there is nothing to it.

If such malware exists, then it certainly cannot run on Word 2008 because Word 2008 cannot execute VBA macros. Word 2004 can run VBA macros as can Word 2011. However, no VBA-based malware has ever been known to work on MacOS X. This is different than the case of Windows where VBA has the run of the system.

 

[tablo13]

Wirelessly posted (Mozilla/5.0 (iPod; U; CPU iPhone OS 4_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8B117 Safari/6531.22.7)

Chrome automatically downloads too, but asks to "save" or "discard" for executable files.

 

[Blu101]

I'm liking the mac more every day