i was discussing this with my roommate. i say you cannot get a virus from running a downloaded video file like avi or mpeg, he says you can. so, can you get a virus, trojan, ect from running a downloaded video file?
Closed Thread
Results 1 to 30 of 90
-
Originally Posted by bazooka
While any AVI (for example) could technically carry the code for a virus, either embedded in the pixel values or as extension chunks - this isnt going to do anything unless the media player extracts the code and runs it, which it isn't going to do unless embedded executable code is a recognized feature of that media format: and I would hope that no codec designer is that stupid in this day and age. Certainly this isn't an option in MPEG1, MPEG2 (dont know whats in MPEG4), nor any of the MPEG audio formats, nor does this feature exist in any popular AVI codec.
Of course, you can have one file type masquerading as a completely different file type (so you double click a file with an AVI extension that turns out to really be an exe file), but I don't think that was the question.
Also, if you downloaded some weird AVI codec plus an AVI file which demonstrates this codec, then its possible that the codec itself is a trojan, or that it supports embedded executable code: but this would almost certainly be due to deliberate malicious intent, and you would only get caught by it if you are the type that gets caught by any other virus and trojan, ie. if you are in the habit of downloading unverified executable files and running them on your PC.
-
No only executable files can carry virii, trojans, spyware etc. such as .exe, .vbs, etc. NOT .avi, mpeg. or even .mp3 which are compressed files that are not executable they require an exe to run.
What happens is someone will rename a file song.mp3.exe and if windows is configured on defeault "Hide Extentions To Known File Types" it is displayed as song.mp3 and users get infected. I reccomend you configure windows properly to see all extentions.
-
Well since image files can carry "virus", why not a video file? All that's required ís some unsuspecting buffer for you to overflow. But it'd require the victim to use a specific viewer and/or decoder for the exploit to work.
/Mats
-
there is metadata in mp3 file and some avi files ..
im no virus expert - but when there is meta data , im sure it can be used in a bad way (speccially on mp3 files - where it would be VERY easy to call up a url (hidden) and either report home or download a file) ... the report home has been done for sure ..
im not going to bother - but i bet a search will turn up mp3 virii"Each problem that I solved became a rule which served afterwards to solve other problems." - Rene Descartes (1596-1650)
-
Originally Posted by tvideo
Some types of video file (wmv in particular) can contain a URL and cause a web page to open when you play the video. If this web page contains a malicous active X control with a forged signature (for instance), you could get infected with a virus this way. So the video itself may not contain the virus, but playing such a video can cause you to get infected.
-
I do NOT think you're making this up.
There was a .vbs virus going around in 99/00 that "currupted" mp3 files but the mp3 could not carry a virus and spread it to another file. All that did was re-write the headers so the mp3s didn't work.
My guess is the system was infected by another virus (since this person probably downloaded a lot more than just mp3s) or as I said windows was configured by the "default" settings and the file was NOT an mp3 file and he ran it thinking it was.
-
mp2 and mp3 files can carry the VBS.LoveLetter and variants virus's .. i just checked ..
and the mp3 and mp2 and mpeg files are not destroyed but the VB code is just tagged to the end of the file ..
http://securityresponse.symantec.com/avcenter/venc/data/vbs.loveletter.a.html"Each problem that I solved became a rule which served afterwards to solve other problems." - Rene Descartes (1596-1650)
-
It changes the files to a .vbs file
" The worm also appends the .vbs extension to each of these files. For example, image.jpg becomes image.jpg.vbs. However, files with .mp2 and .mp3 extensions are merely hidden and not destroyed."
However not sure what they mean about the MP2 and MP3 extentions being "hidden"? So name.mp3 becomes name.vbs ?
-
"Files with extensions of .mp2 and .mp3 will be hidden from the user by setting the hidden directory attribute."
If windows is configured correctly "Show hidden files" you will not be fooled...again this is a .VBS worm, clever it re-writes the data and actually changes it into a .vbs file.
-
Will all due respect, I call bullshit.
It is a hoax.
http://www.sophos.com/virusinfo/hoaxes/mpeg.html
http://www.f-secure.com/hoaxes/mp3.shtml
A worm can 'overwrite' a mp3 but then it isn't an mp3 is it !
][
-
Originally Posted by BJ_M
The worm also appends the .vbs extension to each of these files. For example, image.jpg becomes image.jpg.vbs.
The recent virus as a part of a JPG set a new precendent, where non-executable files could have a virus (the macros in a Word document make it an executable). However, the JPG style virus is because of a security flaw in IE, and does not exist in other image viewers (e.g. Netscape, Photoshop, etc). There have not been any similar security flaws reported in Windows Media Player (or the like), and those things tend to get noticed.
Just my thoughts, I could be wrong...
-
I wasnt going to get into this.. BUT i couldnt resist.. mpg jpg mp3 avi cant and dont have the actual virii BUT the can and have had imbeded urls that when played will take you to a web page.. if you are like most and use IE you will then have active x or what ever dl the virii and wam.. thats just one way.. but this has been talked about for years and it all ends the same way.. some people are 100% sure that they are right.. the people that are so sure that you can get one thru one of these files.. please post a link or fwd one of the files to be checked.. not trying to insult anyone.. but actualy trying to have people show facts not just hearsay..
I have have seen these types of video files.
i have also seen files that were named. filenam.mp3.1000spaces.exe or what ever. so you know that since even if you do have show extentions in the file name your not going to see the actual extention with all those spaces in the name.
The video file that opens a url i have seen only happens for me anyway when i use VLC (videolan) im not sure if it happens with WMP but it may. i can look on my computer to see if i can find one.. they are usualy 1 or 2 min porn clips or some crap.
Similar Threads
-
How do I remove/repair AVI video file virus?
By paulywalnuts in forum Newbie / General discussionsReplies: 6Last Post: 7th Feb 2011, 20:40 -
Question about virus so terrible that Ghost restore did not kill the virus
By jimdagys in forum ComputerReplies: 24Last Post: 27th Apr 2010, 10:58 -
VIRUS,VIRUS, Getting blocked accessing antivirus sites
By G)-(OST in forum ComputerReplies: 11Last Post: 10th Apr 2009, 02:40 -
Virus in video
By zoobie in forum Newbie / General discussionsReplies: 11Last Post: 10th Feb 2008, 00:54 -
virus internet suites and video capture advice sought.
By DBenz in forum Capturing and VCRReplies: 1Last Post: 20th Sep 2007, 20:19