Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

can a virus infect a dvd rom if you don't write new files on it?


  • Please log in to reply
30 replies to this topic

#1 computerererer

computerererer

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 26 December 2013 - 12:21 AM

I had my files already backed up onto a dvd rom from a computer (computer no. 1) that had broken a year ago and which wouldn't stay on or more than 10 minutes.

 

I didn't bother actually transferrig the files onto the new computer (computer no.2) but would just use them from the dvd. As a result when that computer got a virus I had it in the cd-tray of the infected computer but didn't put anything new on it once the infection happened, but still used the files from dvd on the infected computer (computer no.2) for a while. Could the virus have written itself to the dvd automatically the same way viruses write themselves to usb drives and ipods? Can I safely use this DVD on my new clean computer(computer no.3)?


I also had the kaspersky boot scan on a dvd rom and used it on the infected computer to no avail. Can a writable dvd rom that has stuff on it safely be put into an infected computer and looked at and it's files used without being infected as long as you don't write new files on it? Or do I have to make a new bootable cd in case I need one again?

 

 



BC AdBot (Login to Remove)

 


#2 jonuk76

jonuk76

  • Members
  • 2,157 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:05:21 AM

Posted 26 December 2013 - 03:38 AM

Best practice would be to run a virus scan on the DVD to check for any infected files. Then you'll know. However I think if its been burnt in the manner of a write once dvd-r - i.e. a collection of files put together and burnt in one session, then it's unlikely to be infected with a virus if used on an infected computer. If it,s been prepared for packet writing - generally this means formatting a Dvd-rw so that you can use it in the same manner as any other disk drive, then a virus could infect that as it would be able in theory to overwrite files on the disk.

7sbvuf-6.png


#3 Cauthon

Cauthon

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:11:21 PM

Posted 26 December 2013 - 03:53 AM

Really interesting question. I would like to see a hardware solution to problems like that. I suspect that the answer to your question is that if the computer can write to the dvd then some viruses can, too. But if you had a manual switch to enable the drive to write, you could leave that disabled most of the time - especially at times like this. The minor inconvenience would be the lesser evil. Good luck:-)

#4 computerererer

computerererer
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 26 December 2013 - 04:35 AM

Best practice would be to run a virus scan on the DVD to check for any infected files. Then you'll know. However I think if its been burnt in the manner of a write once dvd-r - i.e. a collection of files put together and burnt in one session, then it's unlikely to be infected with a virus if used on an infected computer. If it,s been prepared for packet writing - generally this means formatting a Dvd-rw so that you can use it in the same manner as any other disk drive, then a virus could infect that as it would be able in theory to overwrite files on the disk.

 

Really interesting question. I would like to see a hardware solution to problems like that. I suspect that the answer to your question is that if the computer can write to the dvd then some viruses can, too. But if you had a manual switch to enable the drive to write, you could leave that disabled most of the time - especially at times like this. The minor inconvenience would be the lesser evil. Good luck:-)

 

 

 

The problem is no antivirus could find anything on the infected computer. so a clean scan result for the DVD mightn't necessarily mean it's clean.

 

I knew I had something because I couldn't go on bleepingcomputer or antivirus software sites and my computer was slow. I tried literally every scanner there is but couldn't find anything at all. I tried all the rootkit scanners too and everything came up clean. That's why I decided I would just have to dump it and buy a new clean PC.

 

It is a multi session rewritable DVD so I suppose from what you're saying it isn't worth the risk?

 

I suppose documents and photographs could be printed from a new cheap computer and printer which could be thrown away afterwards (computer no.4) and then the pages couild be scanned to the clean one (computerno.3)?

 

Maybe the music could be recovered by line in recording using an mp3 player? Would that be safe?

 

Hypothetically , although very time consuming, I suppose you could transfer video files to VHS through your infected computer to your tv, and then back to digital from your tv to your clean computer?

 

I'm just thinking out loud here.


Edited by computerererer, 26 December 2013 - 04:58 AM.


#5 MichaelLynn

MichaelLynn

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 26 December 2013 - 04:44 AM

 

Best practice would be to run a virus scan on the DVD to check for any infected files. Then you'll know. However I think if its been burnt in the manner of a write once dvd-r - i.e. a collection of files put together and burnt in one session, then it's unlikely to be infected with a virus if used on an infected computer. If it,s been prepared for packet writing - generally this means formatting a Dvd-rw so that you can use it in the same manner as any other disk drive, then a virus could infect that as it would be able in theory to overwrite files on the disk.

 

Really interesting question. I would like to see a hardware solution to problems like that. I suspect that the answer to your question is that if the computer can write to the dvd then some viruses can, too. But if you had a manual switch to enable the drive to write, you could leave that disabled most of the time - especially at times like this. The minor inconvenience would be the lesser evil. Good luck:-)

 

 

 

The problem is no antivirus could find anything on the infected computer. so a clean scan result for the DVD mightn't necessarily mean it's clean.

 

I knew I had something because I couldn't go on bleepingcomputer or antivirus software sites and my computer was slow. I tried literally every scanner there is but couldn't find anything at all. I tried all the rootkit scanners too and everything came up clean. That's why I decided I would just have to dump it and buy a new clean PC.

 

It is a multi session rewritable DVD so I suppose from what you're saying it isn't worth the risk?

 

Is mightn't a word?



#6 computerererer

computerererer
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 26 December 2013 - 04:48 AM

 

 


 

Is mightn't a word?

 

 

According to the Cambridge online dictionary it is.


Edited by computerererer, 26 December 2013 - 04:56 AM.


#7 jonuk76

jonuk76

  • Members
  • 2,157 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:05:21 AM

Posted 26 December 2013 - 12:14 PM

 

Best practice would be to run a virus scan on the DVD to check for any infected files. Then you'll know. However I think if its been burnt in the manner of a write once dvd-r - i.e. a collection of files put together and burnt in one session, then it's unlikely to be infected with a virus if used on an infected computer. If it,s been prepared for packet writing - generally this means formatting a Dvd-rw so that you can use it in the same manner as any other disk drive, then a virus could infect that as it would be able in theory to overwrite files on the disk.

 

Really interesting question. I would like to see a hardware solution to problems like that. I suspect that the answer to your question is that if the computer can write to the dvd then some viruses can, too. But if you had a manual switch to enable the drive to write, you could leave that disabled most of the time - especially at times like this. The minor inconvenience would be the lesser evil. Good luck:-)

 

 

 

The problem is no antivirus could find anything on the infected computer. so a clean scan result for the DVD mightn't necessarily mean it's clean.

 

I knew I had something because I couldn't go on bleepingcomputer or antivirus software sites and my computer was slow. I tried literally every scanner there is but couldn't find anything at all. I tried all the rootkit scanners too and everything came up clean. That's why I decided I would just have to dump it and buy a new clean PC.

 

So you've never actually diagnosed what was causing the problem then?

 

It is a multi session rewritable DVD so I suppose from what you're saying it isn't worth the risk?

 

If it's a disc that has been formatted as a live file system that you can use like a USB flash drive, then yes potentially a virus which spread by file infection (and not all malware spreads like that) could spread to the DVD, as it would possibly be seen as just another disk drive.  The difference between a live file system and mastered dvd's is explained here - http://windows.microsoft.com/en-gb/windows/format-cd-dvd#1TC=windows-7

 

I suppose documents and photographs could be printed from a new cheap computer and printer which could be thrown away afterwards (computer no.4) and then the pages couild be scanned to the clean one (computerno.3)?

 

Not without losing quality.  Photograph files would be most unlikely to be used as a way of installing malware, and while documents could be infected with malicious macro's, these should be detected by competent AV software.  Malware is far more likely to be in compressed archives (e.g. zip, rar, 7z files) or executable files (.exe, .pif, .scr and so on) than in photos or documents.  And no offence, buying a new computer only to throw out seems more than a bit paranoid and illogical.  I can't think of any reason why you would you need to "throw out" any computer because of malware!  Malware operates at the software level and does not permanently infect computer hardware.  In a lot of cases it can be removed without destroying the operating system installation.  In cases where it is so severe and so entrenched into the OS that it cannot be realistically cleaned (e.g. some rootkits) a re-format and clean install will be the only 100% certain way to get rid of it.  See http://www.bleepingcomputer.com/forums/t/287710/how-malware-spreads-how-did-i-get-infected/ for some more general background info on malware.

 

Maybe the music could be recovered by line in recording using an mp3 player? Would that be safe?

 

Again not without losing quality.  Straightforward music files (.mp3, .aac etc.) as far as I know cannot be used to carry out malware infections.  A common "trick" is to disguise a file as another type  for example music.mp3.exe could arrive by some method and actually carry malware, while an unsuspecting user could be fooled into thinking it was a music file.

 

Hypothetically , although very time consuming, I suppose you could transfer video files to VHS through your infected computer to your tv, and then back to digital from your tv to your clean computer?

 

Again you will lose a lot of quality and again it's likely to be a waste of time, because straight video files (.avi, .mp4, .mkv, .wmv etc.) cannot be used to install malware, as far as I know.  A far more likely scenario for video's to spread malware would be for a dubious video streaming site to insist you install a codec to watch a video, which could be used to install malware.

 

I'm just thinking out loud here.

 


Edited by jonuk76, 26 December 2013 - 12:20 PM.

7sbvuf-6.png


#8 computerererer

computerererer
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 26 December 2013 - 09:29 PM

 

 

Best practice would be to run a virus scan on the DVD to check for any infected files. Then you'll know. However I think if its been burnt in the manner of a write once dvd-r - i.e. a collection of files put together and burnt in one session, then it's unlikely to be infected with a virus if used on an infected computer. If it,s been prepared for packet writing - generally this means formatting a Dvd-rw so that you can use it in the same manner as any other disk drive, then a virus could infect that as it would be able in theory to overwrite files on the disk.

 

Really interesting question. I would like to see a hardware solution to problems like that. I suspect that the answer to your question is that if the computer can write to the dvd then some viruses can, too. But if you had a manual switch to enable the drive to write, you could leave that disabled most of the time - especially at times like this. The minor inconvenience would be the lesser evil. Good luck:-)

 

 

 

The problem is no antivirus could find anything on the infected computer. so a clean scan result for the DVD mightn't necessarily mean it's clean.

 

I knew I had something because I couldn't go on bleepingcomputer or antivirus software sites and my computer was slow. I tried literally every scanner there is but couldn't find anything at all. I tried all the rootkit scanners too and everything came up clean. That's why I decided I would just have to dump it and buy a new clean PC.

 

So you've never actually diagnosed what was causing the problem then?

 

It is a multi session rewritable DVD so I suppose from what you're saying it isn't worth the risk?

 

If it's a disc that has been formatted as a live file system that you can use like a USB flash drive, then yes potentially a virus which spread by file infection (and not all malware spreads like that) could spread to the DVD, as it would possibly be seen as just another disk drive.  The difference between a live file system and mastered dvd's is explained here - http://windows.microsoft.com/en-gb/windows/format-cd-dvd#1TC=windows-7

 

I suppose documents and photographs could be printed from a new cheap computer and printer which could be thrown away afterwards (computer no.4) and then the pages couild be scanned to the clean one (computerno.3)?

 

Not without losing quality.  Photograph files would be most unlikely to be used as a way of installing malware, and while documents could be infected with malicious macro's, these should be detected by competent AV software.  Malware is far more likely to be in compressed archives (e.g. zip, rar, 7z files) or executable files (.exe, .pif, .scr and so on) than in photos or documents.  And no offence, buying a new computer only to throw out seems more than a bit paranoid and illogical.  I can't think of any reason why you would you need to "throw out" any computer because of malware!  Malware operates at the software level and does not permanently infect computer hardware.  In a lot of cases it can be removed without destroying the operating system installation.  In cases where it is so severe and so entrenched into the OS that it cannot be realistically cleaned (e.g. some rootkits) a re-format and clean install will be the only 100% certain way to get rid of it.  See http://www.bleepingcomputer.com/forums/t/287710/how-malware-spreads-how-did-i-get-infected/ for some more general background info on malware.

 

Maybe the music could be recovered by line in recording using an mp3 player? Would that be safe?

 

Again not without losing quality.  Straightforward music files (.mp3, .aac etc.) as far as I know cannot be used to carry out malware infections.  A common "trick" is to disguise a file as another type  for example music.mp3.exe could arrive by some method and actually carry malware, while an unsuspecting user could be fooled into thinking it was a music file.

 

Hypothetically , although very time consuming, I suppose you could transfer video files to VHS through your infected computer to your tv, and then back to digital from your tv to your clean computer?

 

Again you will lose a lot of quality and again it's likely to be a waste of time, because straight video files (.avi, .mp4, .mkv, .wmv etc.) cannot be used to install malware, as far as I know.  A far more likely scenario for video's to spread malware would be for a dubious video streaming site to insist you install a codec to watch a video, which could be used to install malware.

 

I'm just thinking out loud here.

 

 

 

That's disappointing to hear that I would lose quality, particularly with line in recording which seemed like the perfect solution. Although I wouldn't particularly care about a minute loss of quality to documents it would be annoying with music and photographs.

 

It's not the files themselves carrying viruses I'm worried about, it's how to get them from a possibly contaminated DVD to my clean computer without spreading a possible infection.

 

You're saying I'm paranoid? I 100% had a virus, PC ran slow, couldn't go on sites like this or AVG etc. I ran every single anti virus scanner I could find, avg, avira, mbam etc, and then all the rootkit scanners I could and I couldn't find anything. I ran them in safe mode and I used scanners like Kaspersky boot scanner that have their own self contained operating system. Nothing. To me that would indicate that there was a very sneaky rootkit that cannot currently be detected and whose payload could be literally anything at all. I've read that you can't even do a clean install of windows in this scenario as rootkits can actually store themselves in BIOS and other hardware.

 

How could I use my credit card to buy things knowing those details could be logged by a keylogger? How could I log into my email knowing all my contacts could be contaminated by a hacker? A hacker could be using my PC as the base of doing something against the law for all I know. Do you really think I'm being paranoid?


Edited by computerererer, 26 December 2013 - 09:35 PM.


#9 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:04:21 PM

Posted 27 December 2013 - 12:55 AM

Yes, by the autorun.inf infection method http://www.bleepingcomputer.com/forums/t/517993/can-you-get-viruses-from-device-drivers-installing-from-a-usb-windows/#entry3238300


 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#10 jonuk76

jonuk76

  • Members
  • 2,157 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:05:21 AM

Posted 27 December 2013 - 02:29 AM

Any conversion and re-encoding of media loses quality. It's like the old tape to tape decks - the copy would never equal the quality of the original.

To be concerned about computer security is not paranoid in the slightest. To be considering buying a computer just to throw out afterwards, on the basis that it might get infected with a BIOS infecting root kit while copying files from a dvd - when there is no evidence the DVD is even infected in my view is excessive . If you're worried, use a live copy of Linux to scan the DVD for viruses and do the copying work. Even the worst case scenario of a BIOS infecting root kit (which would have to be designed to attack a certain type of BIOS - there is no one size fits all...) relies on vulnerabilities in Windows to initiate the attack in the first place. It would not be able to run in Linux.

7sbvuf-6.png


#11 computerererer

computerererer
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 27 December 2013 - 02:41 AM

 

 

If there is no autorun.inf file would that mean the DVD is definitely clean?

 

Any conversion and re-encoding of media loses quality. It's like the old tape to tape decks - the copy would never equal the quality of the original.

To be concerned about computer security is not paranoid in the slightest. To be considering buying a computer just to throw out afterwards, on the basis that it might get infected with a BIOS infecting root kit while copying files from a dvd - when there is no evidence the DVD is even infected in my view is excessive . If you're worried, use a live copy of Linux to scan the DVD for viruses and do the copying work. Even the worst case scenario of a BIOS infecting root kit (which would have to be designed to attack a certain type of BIOS - there is no one size fits all...) relies on vulnerabilities in Windows to initiate the attack in the first place. It would not be able to run in Linux.

 

Well you can buy second hand 7 inch monitor laptops for $75 online so would it really be that excessive?

 

The problem I have is that I don't know what infection I had, it could have been literally anything at all, so I think I have to assume the worst. Are you suggesting I use Linux from now on? Or that I boot from linux and then use the possibly infected DVD and then write the files to a new DVD safe in the knowledge that a virus couldn't attach write itself to the new DVD from linux?



#12 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:04:21 PM

Posted 27 December 2013 - 05:04 PM




Yes, by the autorun.inf infection method http://www.bleepingcomputer.com/forums/t/517993/can-you-get-viruses-from-device-drivers-installing-from-a-usb-windows/#entry3238300

 
 
If there is no autorun.inf file would that mean the DVD is definitely clean? 
Make sure you can view hidden files and hidden system files. Then goto the root of the CD/DVD and see if there is a autorun.inf file. You can view the contents of the autorun.inf file with Notepad, or any text editor, to see what .exe files are being executed.

NO "autorun.inf" file means NO auto-start, so therefore clean.

However, there is another method that doesn't require the autorun.inf file. If I explain how-it's-done or proof-of-concept, it's against forum rules.
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#13 computerererer

computerererer
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 28 December 2013 - 01:55 AM

 

 

Yes, by the autorun.inf infection method http://www.bleepingcomputer.com/forums/t/517993/can-you-get-viruses-from-device-drivers-installing-from-a-usb-windows/#entry3238300

 
 
If there is no autorun.inf file would that mean the DVD is definitely clean? 
Make sure you can view hidden files and hidden system files. Then goto the root of the CD/DVD and see if there is a autorun.inf file. You can view the contents of the autorun.inf file with Notepad, or any text editor, to see what .exe files are being executed.

NO "autorun.inf" file means NO auto-start, so therefore clean.

However, there is another method that doesn't require the autorun.inf file. If I explain how-it's-done or proof-of-concept, it's against forum rules.

 

 

Ok, well then would opening the DVD in Linux like Jonuk76 recommended and copying the files onto the clean computer from Linux be safe? Can I be certain that the MP3 files, image files, document files and video files I transfer over would be clean and that because it's Linux no autorun.inf infection will transfer across? Or does this other method you refer to involve infecting the files themselves?


Edited by computerererer, 28 December 2013 - 01:59 AM.


#14 jonuk76

jonuk76

  • Members
  • 2,157 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:05:21 AM

Posted 28 December 2013 - 03:16 AM

I was suggesting using a live version of Linux http://en.m.wikipedia.org/wiki/Live_CD because you can have certainty that any Windows based malware that may or not be on the DVD cannot affect it. If you wanted to go ahead and install it permanently, well that would be up to you. I do use it myself and would recommend it, but appreciate not everyone wants to learn a new OS.

You can use it to scan the DVD as well. For example in Ubuntu linux you have a fully functional OS running from CD or Flash drive, it's possible to install tools like ClamAV into the live environment just by adding it through the software center. Also it's worth noting online tools like Virus Total. This checks files using multiple (40+) AV engines. While likely to be impractical and undesirable to upload lots of personal files to an online service, you can use it to scan samples of files that you are comfortable sending across the internet. Hopefully a clean result will give a degree of confidence that they are genuinely clean.

7sbvuf-6.png


#15 computerererer

computerererer
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 28 December 2013 - 04:22 AM

I was suggesting using a live version of Linux http://en.m.wikipedia.org/wiki/Live_CD because you can have certainty that any Windows based malware that may or not be on the DVD cannot affect it. If you wanted to go ahead and install it permanently, well that would be up to you. I do use it myself and would recommend it, but appreciate not everyone wants to learn a new OS.

You can use it to scan the DVD as well. For example in Ubuntu linux you have a fully functional OS running from CD or Flash drive, it's possible to install tools like ClamAV into the live environment just by adding it through the software center. Also it's worth noting online tools like Virus Total. This checks files using multiple (40+) AV engines. While likely to be impractical and undesirable to upload lots of personal files to an online service, you can use it to scan samples of files that you are comfortable sending across the internet. Hopefully a clean result will give a degree of confidence that they are genuinely clean.

You said before that virus can't turn document, video, image or mp3 files themselves imto  viruses but instead used other methods to spread themselves like the autorun method, based on that my question is If I use the linux method would the files definitely be clean?

 

I just don't have confidence in scanners because absolutely nothing was able to detect the virus.


Edited by computerererer, 28 December 2013 - 04:23 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users