Right click on infected file in Windows 10

0

I've right-clicked on a very-likely infected .jpg file in Windows 10.

I did it for running a virus scan with Avira (in the context-menu), and later I deleted it. Only after I realized that when a file is right-clicked it is "opened" somehow to get information about size, preview etc.

I hope I'm just paranoid :) , but I want to be sure since there are important data on that machine.

user1403546

Posted 2016-04-13T09:52:30.963

Reputation: 113

2

Possible duplicate of How can I remove malicious spyware, malware, adware, viruses, trojans or rootkits from my PC?

– DavidPostill – 2016-04-13T09:55:15.907

My question was specifically about right-click, which I don't see in the linked page :) – user1403546 – 2016-04-13T09:59:18.393

1And the linked question tells you how to remove viruses, if you're paranoid ;) – DavidPostill – 2016-04-13T10:12:39.577

There is no question. :D – Kamil Maciorowski – 2016-04-13T10:42:41.800

Your anti-virus software should take care of the file (real-time protection). The AV would scan it when you right-click the file and Preview it, and remove or quarantine the file if found infected.

Moreover, when right-clicking on the file, it doesn't get executed. Only the relevant context menu handlers load for that file class. So, as long as the real-time protection is enabled, no problem. – w32sh – 2016-04-13T11:20:19.863

All the Lovely faces (¬‿¬) – NetworkKingPin – 2016-04-14T11:05:19.687

Answers

1

There are 3 basic types of malware:

  1. Malware that exploits the user
  2. Malware that exploits bugs
  3. A combination of 1 and 2

Your type of malware is at least 2 or 3 so in order to actually do anything, it needs something to exploit.

The file is opened for reading and some code is executed parsing the file. Thus, in theory, if the virus exploits a bug in the file-opening or reading/parsing code, yes it could hijack that process without being actually run and do whatever it wants with the rights of the one who right-clicked it.
But this was probably not the only time the file was opened & read:

  • Your AV has hopefully scanned the file
  • Possibly Windows opened it to read some data it displays even without you right-clicking, such as some Exif-data or a thumbnail

But given that file reading and parsing are quite basic things that are even essential to AVs it's quite likely that most bugs are ironed-out of this part of the OS, otherwise your Virus would pretty much be the "Super-Virus" no AV could do anything against.

All in all I doubt that the virus is exploiting such a critical bug but more likely something more sophisticated and specific for JPG-display that's triggered when eg. rendering the file in program X.

larkey

Posted 2016-04-13T09:52:30.963

Reputation: 1 590

Asked: 2016-04-13T09:52:30.963

Viewed: 154 times

Active: 2016-04-14T11:00:39.903