can a virus execute by itself?

9

1

is there any type of viruses can execute by itself after download then on the HDD without clicking on it??

if there is ..... can you refer me to any sites about them?

Eyla

Posted 2009-12-24T07:28:24.680

Reputation:

Answers

14

I think it's more accurate to say 'a virus can't execute itself, unless it has the cooperation of the Operating System and/or software bugs and/or the user.

If the OS allows files to be executed automatically because of their name or location (for example an email attachment) then a virus can masquerade as a legitimate file and be executed by the OS without user intervention. This used to be the default behaviour in early email clients.

Also, if the OS or specific software has errors that a virus can exploit to run its code, then a virus can start itself.

But users are most often the means for a file to be executed. I was surprised recently when a work-colleage told me she thought her computer had a virus after she opened an attachment in an email from a complete stranger. I thought she would have known better.

pavium

Posted 2009-12-24T07:28:24.680

Reputation: 5 956

Especially when I recognise that name. Thanks for your help. – pavium – 2009-12-24T10:31:18.420

2

The closest example I can think of was the W32.Nimda virus.

One of its prorogation methods was via open windows file shares. From memory, it copied itself as an .eml file to open network shares.

I can't remember the exact details, (and can't find a link in the time I have), but from memory, the file needed very little interaction via Windows Explorer for the code to be executed on the target computer. (I seem to recall just having the file displayed in Windows Explorer was enough for the code to execute).

Bryan

Posted 2009-12-24T07:28:24.680

Reputation: 1 563

offhand, i'd guess that it was taking advantage of Win Explorer's preview functionality for that filetype. – quack quixote – 2009-12-24T09:39:13.970

2Yes, as per Pavium's answer, the weakness has to exist either in the operating system or running applications. I remember that an attempt to right click and delete a nimda .eml file was certainly enough to execute the code. – Bryan – 2009-12-24T09:42:00.500

1

Yes, in the context of the browser, since unintentionally you're executing the page without clicking on anything. Such viruses are capable of downloading themselves to your hard disk without your cooperation.

The propagation vector here can be JavaScript, Java, ActiveX, Flash and other plugins. Many such attacks are carried out through cross-site scripting.

You can find lots of information about Web attacks on the site of the popular Firefox extension NoScript.

harrymc

Posted 2009-12-24T07:28:24.680

Reputation: 306 093

You don't know what you're talking about. JavaScript in browsers doesn't have permissions to write on your disk. Java and ActiveX need your approval to execute and Flash is considered deprecated nowadays. – m93a – 2016-09-08T11:52:27.387

@m93a: I don't think you know enough about the subject to give this remark. JavaScript is a well-known propagation vector. – harrymc – 2016-09-08T13:40:36.577

OK, after reading more I have to agree that μTorrent's localhost server had a severe security issue, which allowed downloading files without the user noticing. However this bug could be used just with the <img> element – without any JavaScript. But no JavaScript code can access the disk by itself without user cooperation. And exploiting settings to localhost is a bad bad idea!

– m93a – 2016-09-08T20:47:50.747

0

Yes there is something called Silent Java drive by (SJDB) that can download and install a virus when you just visit a web page !

You can protect your self from this attack by not installing Java environment or by running the browser sand-boxed.

Alexander

Posted 2009-12-24T07:28:24.680

Reputation: 1

-2

I'm unsure ofwhat definitions are standards, but from my limited school level training - no, they cannot by definition. Viruses specifically require the user to run them.

Worms, however, can and do run on their own. And they can do whatever the hacker has managed to do. Whether or not thy can corrupt OS files depends on what vulnerabilities the hacker finds.

Any antivirus maker should have information about them, here are a few (if you think you are infected, please scan your computer)

http://www.eset.com/onlinescan/

http://free.avg.com/gb-en/homepage

http://www.avira.com/en/pages/index.php

http://www.kaspersky.co.uk/kaspersky_anti-virus

..amongst many, many others.

Make sure your O/S is up-to-date, and then you are more or less as protected as you will reliably be without taking extreme measures.

Dmatig

Posted 2009-12-24T07:28:24.680

Reputation: 1 622

Why are you voting negatively to this answer? @Dmatig is absolutely right. Virus needs the user intervention, if no, they are not virus, they are "other different thing". Check the definitions! – OscarAkaElvis – 2016-12-19T14:28:39.303

1A worm does not always run on its own. And yes, a virus or worm can install itself without user intervention in case of software bugs or a stupid OS... – Arjan – 2009-12-24T09:29:47.200

3sadly, i think the distinction between viruses & worms is purely academic. they're all viruses to the uninformed. – quack quixote – 2009-12-24T09:53:10.150

1I guess I was wrong in my earlier comment: it's quite likely that a worm, by definition, executes itself (as part of its self-replicating) without any user intervention at all. – Arjan – 2009-12-24T11:05:20.190

@Arjan My understanding was that worms in some way are self-replicating/spreading. (Whereas "virus" usually refers to something that entrenches itself in only one system) – RJFalconer – 2010-01-12T19:09:53.110