Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can I get infected


  • Please log in to reply
16 replies to this topic

#1 Virtumonde

Virtumonde

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:18 AM

Posted 21 January 2009 - 07:45 AM

Hello!

I have a question.
Can I get infected if I download a trojan .exe file and I dont run it?

Edited by Virtumonde, 21 January 2009 - 07:46 AM.


BC AdBot (Login to Remove)

 


#2 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,563 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:08:18 PM

Posted 21 January 2009 - 03:00 PM

The short answer is, yes. The term 'self extracting' comes to mind. :thumbsup:

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#3 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:18 PM

Posted 21 January 2009 - 03:34 PM

Hello.

I don't agree with Animal. Unless there is a command given to run the file, it cannot infect the computer.

With Regards,
The Panda

#4 Virtumonde

Virtumonde
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:18 AM

Posted 22 January 2009 - 01:00 AM

Ok, thanks.

#5 Virtumonde

Virtumonde
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:18 AM

Posted 22 January 2009 - 07:24 AM

But which answer is the right one?
Can someone else answer too

#6 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,563 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:08:18 PM

Posted 22 January 2009 - 11:20 AM

The way this particular question is asked, and without a little more specifics to the situation. I can see the possibility of both answers being correct under their, certain circumstances.

This is how I saw it. If you take the question literally. I think PP is correct. If you read into it, as I did, and the potential ways that .exe could be 'packaged' and downloaded, my answer has the potential to be correct.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#7 snowdrop

snowdrop

  • Members
  • 513 posts
  • OFFLINE
  •  
  • Local time:10:18 PM

Posted 22 January 2009 - 06:55 PM

Could you maybe explain a bit further?

Unless you are trying to infect a VM, are you maybe actually asking the question that you have knowingly downloaded a trojan exe and are not sure how to clean it

I recall MY AV program going crazy when I rather unwisely clicked on a trojan EXE on a google search ;surely your AV program will recognise and block the trojan exe?

#8 Platypus

Platypus

  • Moderator
  • 13,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:01:18 PM

Posted 22 January 2009 - 08:54 PM

Both the animals ( :D ) are correct in particular circumstances.

An .EXE file must be run in order for code contained within it to do anything on the computer. While the file is in the process of being downloaded, it's a series of TCP/IP packets, once it is reassembled and exists only as a file stored on a hard drive, it's not being executed.

PropagandaPanda is right to say "Unless there is a command given to run the file, it cannot infect the computer."

But you asked "Can I get infected if I download a trojan .exe file and I dont run it?" Animal is right to answer yes, because something else could run it unknown to you.

The website you are downoading it from for example could have a watch on that file and run an applet to start the trojan.exe

As snowdrop says, whether the system gets "infected" depends on how it is protected.

Edited by Platypus, 22 January 2009 - 08:55 PM.

Top 5 things that never get done:

1.


#9 Virtumonde

Virtumonde
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:18 AM

Posted 23 January 2009 - 07:21 AM

Ok I explain.

So I download a trojan .exe file. (as an example its a backdoor) And its not a self-extracting. I dont run it.
Can I get infected by the backdoor?

But you asked "Can I get infected if I download a trojan .exe file and I dont run it?" Animal is right to answer yes, because something else could run it unknown to you.

But if I put the .exe in a .rar archive, the "something else" can't run it, right?

#10 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:18 PM

Posted 23 January 2009 - 08:05 AM

Hello.

But if I put the .exe in a .rar archive, the "something else" can't run it, right?

Add a password to that, and it can't be run for sure.

With Regards,
The Panda

#11 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:18 PM

Posted 23 January 2009 - 10:01 AM

Why would you knowingly install a trojan unless you are going to put it on a VM?

#12 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:18 PM

Posted 23 January 2009 - 03:38 PM

Hello.

Why would you knowingly install a trojan unless you are going to put it on a VM?

This question refers to "if" he somehow gets or accidentally download a trojan file, will it infect his system if he doesn't run it. You wouldn't know if that file is a trojan do you? Some times AV can detect it but not always. My AVG sometimes does a bad job on detecting some threats (I won't go into details with that). That's usually how people get there system infected. Not because they deliberately download a malicious file and infect there system...

So I download a trojan .exe file. (as an example its a backdoor) And its not a self-extracting. I dont run it.
Can I get infected by the backdoor? But if I put the .exe in a .rar archive, the "something else" can't run it, right?

I always think of it this way, if you download a file and don't run it to let it install, then it cannot infect your system, but then as Animal have said self-extracting can be done. Yes, if you put in an archive it will be difficult to run it but I can't say it's impossible. Malware is so advanced that almost anything can happen. Putting a password as PP said will prevent that though.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#13 snowdrop

snowdrop

  • Members
  • 513 posts
  • OFFLINE
  •  
  • Local time:10:18 PM

Posted 24 January 2009 - 08:31 AM

Another , somewhat more unsavoury, aspect of this came to mind which I felt worth mentioning

although you would deliberately download a trojan exe to purpously infect a VM



however, having seen people with a malicious intent do it >>
another reason might be to pass on the infection to another person

BUT if you have an active and Real- Time working AV program it should surely warn you OF the download>>> and block it?

#14 Virtumonde

Virtumonde
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:18 AM

Posted 24 January 2009 - 11:12 AM

Thanks for the replies. But now I have a new question.
If there is a torrent, which infects your computer if you download it,
can you get infected by the .torrent file if you dont "run" it with a torrent client?

#15 Virtumonde

Virtumonde
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:18 AM

Posted 24 January 2009 - 02:06 PM

Also, can a rar or zip file infect my computer?

Edited by Virtumonde, 24 January 2009 - 02:07 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users