If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
SCR attack
Just a note about a current attack. I just got an email
with an attached .SCR. No message. Screensaver! I'd forgotten those existed. I changed HKCR\.scr default value to "txtfile" and deleted HKCR\scrfile\ I don't know of any reason for screensavers to still exist. I certainly don't use them. |
Ads |
#2
|
|||
|
|||
SCR attack
"Mayayana" on Mon, 2 Dec 2019 15:59:49 -0500
typed in alt.windows7.general the following: Just a note about a current attack. I just got an email with an attached .SCR. No message. Screensaver! I'd forgotten those existed. I changed HKCR\.scr default value to "txtfile" and deleted HKCR\scrfile\ I don't know of any reason for screensavers to still exist. I certainly don't use them. You don't, but I'm sure that there are someones who still use them. Default, habit, "no reason" not too. -- pyotr filipivich Next month's Panel: Graft - Boon or blessing? |
#3
|
|||
|
|||
SCR attack
On 12/2/19 2:25 PM, pyotr filipivich wrote:
"Mayayana" on Mon, 2 Dec 2019 15:59:49 -0500 typed in alt.windows7.general the following: Just a note about a current attack. I just got an email with an attached .SCR. No message. Screensaver! I'd forgotten those existed. I changed HKCR\.scr default value to "txtfile" and deleted HKCR\scrfile\ I don't know of any reason for screensavers to still exist. I certainly don't use them. You don't, but I'm sure that there are someones who still use them. Default, habit, "no reason" not too. I like the slideshow! I downloaded some fantastic (to me) wall papers, and I've got good monitors. :-) -- Ken MacOS 10.14.6 Firefox 70.0.1 Thunderbird 60.9 "My brain is like lightning, a quick flash and it's gone!" |
#4
|
|||
|
|||
SCR attack
Mayayana wrote:
Just a note about a current attack. I just got an email with an attached .SCR. No message. Screensaver! I'd forgotten those existed. I changed HKCR\.scr default value to "txtfile" and deleted HKCR\scrfile\ I don't know of any reason for screensavers to still exist. I certainly don't use them. Did you scan it on virustotal for fun ? Paul |
#5
|
|||
|
|||
SCR attack
In message , Ken Springer
writes: On 12/2/19 2:25 PM, pyotr filipivich wrote: "Mayayana" on Mon, 2 Dec 2019 15:59:49 -0500 typed in alt.windows7.general the following: [] I don't know of any reason for screensavers to still exist. I certainly don't use them. Certainly, the common reason - inherent in the name - went with CRTs; I think an LCD _can_ develop burnin if driven hard for a _long_ time, but it's a very minor effect. (I suspect plasma displays are more susceptible, but I don't think many people use those now, outside sports stadia and CSI.) You don't, but I'm sure that there are someones who still use them. Default, habit, "no reason" not too. I like the slideshow! I downloaded some fantastic (to me) wall papers, and I've got good monitors. :-) And people like the animations; some are quite works of art. Not to mention spending time teapot-spotting when you were supposed to be working! Until the spoilsports at Microsoft took them out, I think between '9x and XP. A lot of the older 'savers wouldn't work on each new version of Windows (and I don't think it was just 16/32/64 bitness). I did have a utility that made them still work - I think it made '9x ones work under XP - but I haven't bothered looking for similar for 7. 7 does still come with 7 savers, but I'm not aware of anyone writing extra ones, either free or paid. (Yes, people used to actually pay for them!) -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf If something works, thank an engineer. (Reported seen on a bumper sticker.) |
#6
|
|||
|
|||
SCR attack
On 12/2/2019 4:25 PM, pyotr filipivich wrote:
"Mayayana" on Mon, 2 Dec 2019 15:59:49 -0500 typed in alt.windows7.general the following: Just a note about a current attack. I just got an email with an attached .SCR. No message. Screensaver! I'd forgotten those existed. I changed HKCR\.scr default value to "txtfile" and deleted HKCR\scrfile\ I don't know of any reason for screensavers to still exist. I certainly don't use them. You don't, but I'm sure that there are someones who still use them. Default, habit, "no reason" not too. There is no need to download a screen saver program, as a screen saver is part of Windows 10 Personnalization Background one of three choices in that window. I use to use a screen saver when I would leave my desktop on for extended periods. Because of life changes, I turn it off when not in use. I have always used my own pictures for wall paper. When I get tired of the wall paper, I look at my old pictures and change to something else. When we go some where like a vacation I always am thinking of what would make goood wallpaper when I am taking photos. |
#7
|
|||
|
|||
SCR attack
Mayayana wrote:
Just a note about a current attack. I just got an email with an attached .SCR. No message. Screensaver! I'd forgotten those existed. I changed HKCR\.scr default value to "txtfile" and deleted HKCR\scrfile\ I don't know of any reason for screensavers to still exist. I certainly don't use them. How many users lock their computer before leaving it powered? A screensaver can be configured to lock the workstation after an idle timeout. A password is required to exit the screensaver. No need to go through a power cycle. Protects against forgetful users that walk away from their active sessions. Yes, users could hit Win+L to lock their session before they walk away, but few do. Think of it as a delayed automatic lock on your house or car door. Still affords some protection, and is better than no protection. If you are far from the monitor but can still see the monitor, it is unlikely that anything displayed on it has any value. You'll be too far away to see your Calendar, Word, Outlook, web browser, or other program and its content. But a large clock display that can be seen across the room still has the computer afford something of value to you when you're not at the computer. Just because you have done so, the screensaver generates an event on which scheduled events can trigger. That is, when the screensaver fires, and event gets recorded. You can define an event in Task Scheduler to fire on that event. For example, I don't like being awakened during the night by sounds made by my computer, like for new e-mails. When the screen lock occurs, my Task Scheduler event will mute the speakers. That way, I'm not interrupted while sleeping. Yes, I could schedule when the speakers get muted, but that assumes I'm an automotron that keeps fixed hours of waking and sleeping. No, my hours vary all over the place. The only way to know that I haven't been using the computer for awhile is by the screensaver's idle timeout whereupon the speakers get muted. I have another Task Scheduler event that watches for the unlock event to unmute the speakers. I don't have to remember to mute the speakers before walking away, nor have to remember to unmute them upon my return. Oh, by the way, burn in was a problem with CRTs, but it did not completely disappear with LCDs. It just became longer before burn-in got effected on an LCD monitor. https://en.wikipedia.org/wiki/Screen..._OLED_displays https://www.techhive.com/article/314...d-display.html https://lifehacker.com/is-burn-in-st...nitors-5982108 https://lifehacker.com/remove-lcd-image-burn-in-146469 I've seen temporary burn-in with LCD monitors. You see the ghost for awhile, but it fades over time, like hours or days. Remember that the twisting of the lens (polarizer) for a pixel is a mechanical stress. There's memory to that mechanical stress. This is why I may use a clock for the screensaver, but the clock moves around. Perhaps most users like to have light shining in their eyes. I can't see how it is comfortable to have a flashlight in your eyes all the time. I prefer dark themes. The light theme is traditional based on paper books that had black ink on white paper (cheaper cost for ink, and white paper is cheaper to produce than black). So monitors emulated the contrast used by books, yet most documents or window are whitespace which means light shone into your eyes. I find dark themes more relaxing on my eyes, and I will more likely see ghosting than someone using a light theme. I use a dark theme on my desktops, laptops, and smartphones. Not all apps obey the OS configured theme, so you have to check if they have their own dark theme, or if you can configure their colors. CRTs had a burn-in problem because they used a chemical (phosphor) to produce light. LCDs don't have burn-in, but they can be afflicted with image persistence. |
#8
|
|||
|
|||
SCR attack
Mayayana wrote:
Just a note about a current attack. I just got an email with an attached .SCR. No message. Screensaver! I'd forgotten those existed. I changed HKCR\.scr default value to "txtfile" and deleted HKCR\scrfile\ I don't know of any reason for screensavers to still exist. I certainly don't use them. An .scr is an executable file, just like an .exe file. A screensaver file contains executable code. The only reason .scr was used as a filetype was to allow Windows to search on that extension and presented is a candidate screen saver program. As such, your e-mail client, if properly configured, should have blocked the dangerous .scr attachment, or any other executable attachment. A .scr file is a program aka app[lication]. As I recall, MS Outlook used the registry to list which extensions were dangerous. Other e-mail client should still have a similar feature (integral, ini file, or registry entries) to denote which extensions (level 1) for attachments it considers unsafe. No one has been able to send me an .exe or .scr file for a long time, like decades. Hell, the e-mail provider should already do the blocking (and, if so, afford an override option). Some users think a black (blank) screensaver consumes less power than an all-white screensaver. They don't know how LCDs work. All all-black screensaver consumes an itty bitty more power than an all-white screensaver, because of the lack of having to apply power to twist the polarizer to block the light from the LED. The backlamp is always on. Whether you see it for a pixel depends on whether or not the polarizer is energized. An energized polarizer consumes more power than a relaxed polarizer. Lots of users like to use their computers for entertainment. Many screensavers are for entertainment. Instead of, say, playing a video game, they want to watch a fireplace, aquarium, a light show, or flip through a bunch of pictures (slideshow). After all, there are TONS of tweaks to Windows that having absolutely nothing to do with using the OS, but are for personalization (i.e., fluff). Screensavers, for those users, would become worthless when wallpapers also become worthless. |
#9
|
|||
|
|||
SCR attack
On 2019-12-02 17:34, VanguardLH wrote:
I don't know of any reason for screensavers to still exist. I certainly don't use them. How many users lock their computer before leaving it powered? A screensaver can be configured to lock the workstation after an idle timeout. Vanguard has a point. And it is also part of by PCI (Payment Card Industry) requirements SAQ-C 8.1.8 If a session has been idle for more than 15 minutes, are users required to re-authenticate (for example, re-enter the password) to re-activate the terminal or session? A "no" fails you. I set the screensaver to 10 minutes with a five minute grace period before re-authenticate. That way when the customer sees the screen saver come on, he can wiggle the mouse and not have to re-authenticate if he gets to it quick enough. It cuts down on the frustration. Anyone who wants the directions on how to set up a grace period, ping me on the subject line. And on regular customers, I set up the screensavers because they JUST LIKE IT. It feels like it is "their" computer after they get to see endless pictures of their kids/grand kids and/or their cars. Me? Mine are endless pictures of trout. Now that feels like it is MY computer (that and I build it with my own two hands.) |
#10
|
|||
|
|||
SCR attack
On 2019-12-02 14:29, Ken Springer wrote:
I like the slideshow!Â* I downloaded some fantastic (to me) wall papers, andÂ*I'veÂ*gotÂ*goodÂ*monitors. :-) No trout? I am heart broken! Okay, maybe not .... |
#11
|
|||
|
|||
SCR attack
VanguardLH wrote:
Just because you have done so, ... Oops. Should be "Just becasue you have not done so, ..." ^^^ |
#12
|
|||
|
|||
SCR attack
"Paul" wrote
| Did you scan it on virustotal for fun ? | No. I saved it and converted the base-64 code, rather than open the email. I opened that in HxD, to see that it was an EXE. If I remember correctly screensavers are EXEs, anyway. Once I saw that I just deleted it. I don't think I've ever actually used a screensaver. These days I just put it on standby if I'm taking a break. |
#13
|
|||
|
|||
SCR attack
"VanguardLH" wrote
| How many users lock their computer before leaving it powered? A | screensaver can be configured to lock the workstation after an idle | timeout. News to me. I've never worked in an office or needed a computer anywhere but home. If I'm using it it's on. If I take a break it's on standby. Otherwise it's off. In none of those situations would a screensaver be relevant. I've also never had a computer configured to go into standby or activate a screensaver after a period of inactivity. I never used a screensaver with a CRT, either, but I didn't leave it turned on. There was no reason to do so. But I can see how it might be different if you're not at home. |
#14
|
|||
|
|||
SCR attack
On Mon, 2 Dec 2019 15:59:49 -0500, Mayayana wrote:
Just a note about a current attack. I just got an email with an attached .SCR. No message. Screensaver! I'd forgotten those existed. I changed HKCR\.scr default value to "txtfile" and deleted HKCR\scrfile\ I don't know of any reason for screensavers to still exist. I certainly don't use them. I'd suggest not associate it with `txtfile`, since by default, it will be opened using Notepad, and Notepad can be very slow when loading a binary file. If the file is about half MB or more, you'll just get a frozen Notepad - and you'll end up having to use Task Manager to terminate it. So, either remove the SCR file association, or associate it with a non existing program, or a program which simply display a message dialog saying that it's not allowed to be run. |
#15
|
|||
|
|||
SCR attack
JJ wrote:
remove the SCR file association Run "assoc .scr" in a command shell. Should point at the 'scrfile' handler. In the registry, it's the following key: HKEY_CLASSES_ROOT\scrfile under which the shell - open - command key says to load using: "%1" /S That means the .scr file is handled like an executable, passing the program to the command interpreter along with the /S switch. If you try to run the .scr like an .exe file (or rename .scr to .exe), nothing happens. The /S switch is needed. Do a find on .scr files in your Windows instance. One is mystify.scr. Copy elsewhere (e.g., C:\Temp). Open a command shell and navigate to C:\Temp. Run: mystify.scr /S and the screensaver runs ... just like any program. You could use "assoc .scr=" to remove the filetype association, but that won't prevent from running an .scr file as a program - which is what is an .scr screensaver file. Only because of a change in some later version of Windows that requires the /S command-line switch are users prevented from accidentally double-clicking on an .scr file to run it. I don't know which version of Windows added the /S requirement. file.scr Does nothing, or displays a list a settings dialog for the screensaver. file.scr /S Runs the code inside the .scr file. See more command-line switches at: https://en.wikipedia.org/wiki/Screen...rosoft_Windows. Because screensavers are executable code, old screensavers may not run because the WOW (Windows On Windows) emulator is missing. You cannot, for example, run 16-bit code on a 64-bit Windows. 32-bit Windows can run 32-bit apps, or 16-bit apps using the WOW32 emulator. 64-bit Windows can run 64-bit apps, or 32-bit apps using the WOW64 emulator. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|