No.*
It needs to be run to execute any code, and then it needs administrative access (Default on XP and lower, UAC requires you to hit an accept button) to get deep into your system. And scanning doesn't execute the code, it just reads it and matches heuristics.



*There are automatic execution scripts, but that's usually done through a site that has an exploit that has been compromised and even then the code is still being run.

 

I only have Avira free. I seriously can't afford to buy a good one.

Lol, I could torrent it, but nah... Not safe.

 

There are unfortuantely ways that a file can potentially infect your computer even if you don't execute it directly. Though the way those work assumes you don't have a fully patched system. One way was that selecting the file caused Explorer to scan it, which triggered the virus. I also recall that right clicking to get context on the file was also another vector. Though I'm not sure how much in the wild these kinds of exploits are, and they aren't valid if your system is up to date as well.

My suggestion is to do what I do, download stuff to a sandboxed VM. Scan before install, install, then scan again. Doesn't guarantee you won't get infected but does give you some protection. Always keep your AV and system up to date as well to ensure you aren't vulnerable to older shell based exploits.

 

I have TinyXP. Maybe I should try downloading files onto that.

 

It's as good as any 'consumer' grade AV/firewall, which is to say it's not that great in terms of performance. Consumer level AV stuff are in general resource hogs and are pretty slow. If you can't get your hands on any corporate versions of popular AV software, then MS Essentials is just as good as any other free AV. Just don't expect too much from it.

 

You can use the free version of Sun's VirtualBox. Works fine in XP and has some basic snapshot functionality you can use to roll back anything you feel went 'bad'.

 

I personally think MSE is worse than Avira Free...
It's definitely lighter on resources, but it missed a few files I knew were infected (as in ACTUALLY infected and not just false positives).

Also, Eugene Kaspersky is a prick (I wish I still had the article).

 

I think you're confused as to what some of these posters are referring to.

"Opening a file" is different from code execution. While the former generally leads to the latter, its a specific action which takes places on a user interaction level, rather than code execution which is a generic term which can refer to many things.

 

Sure... the data would be downloaded as that, but when the Torrent program checks the information it would most likely throw those parts out.
If it DIDN'T throw them out, good luck having it be injected so that it executes normally and doesn't just crash.

 

Because it's the most common way of sending virus'?
If you mean other executable files, then replace ".exe" with ".whatever".

I suppose you could try to get them into a video or a picture, but I think those rely more on player/viewer exploits than actual execution of code.