Can video downloads from Web infect?

  • Thread starter Thread starter jack34
  • Start date Start date
J

jack34

I was downloading a video from a web site when my AV popped up and said
that a dll in the program I was using to download the video was
infected. The downloading program was one I have used for a long time,
a legitimate piece of software. So is it possible that the download
site somehow infected the dll or the downloader program? I never did
get the video.

?
 
I was downloading a video from a web site when my AV popped up and
said that a dll in the program I was using to download the video
was infected. The downloading program was one I have used for a
long time, a legitimate piece of software. So is it possible that
the download site somehow infected the dll or the downloader
program? I never did get the video.

?
Click to expand...

AVG has replied to the "infected" dll file I sent them. It was a false
alarm. I neglected to state that I had just updated the downloading
program I was using. It was the first time I used it since updating it.

I am still interested in the answer to the original question: Can a Web
site infect you when you download a legitimate video file? I use the
term "legitimate" because there are many videos up there. I have
downloaded from it many times before with no problem. Could the person
who uploaded that video have tinkered with it a bit? Or is it simply
possible to send a virus/trojan down along with the video?
 
From: "jack34 said:
I was downloading a video from a web site when my AV popped up and said
that a dll in the program I was using to download the video was
infected. The downloading program was one I have used for a long time,
a legitimate piece of software. So is it possible that the download
site somehow infected the dll or the downloader program? I never did
get the video.
Click to expand...

There are trojans (ex: wimad) that exploit Windows DRM in media files.

There are illegitimate video and/or audio CODEC files that are actually trojans.

As for your software specifically, it may be a case of a False Positive noted by your
stating you have used it for a long time.

Without specific information that's about all I can respond with.
 
There are trojans (ex: wimad) that exploit Windows DRM in media
files.

There are illegitimate video and/or audio CODEC files that are
actually trojans.

As for your software specifically, it may be a case of a False
Positive noted by your stating you have used it for a long time.

Without specific information that's about all I can respond with.
Click to expand...

I just received an answer from my AV company. It was a false positive.


As far as I know, it was not a DRM protected file.

Codec files aside, is it possible to download a virus/trojan when
downloading a video file? I'd like to know for future reference.

P.S. Ignore the MarcusT post. I got my "nicks" crossed up. :o)
 
jack34 said:
I was downloading a video from a web site when my AV popped up and said
that a dll in the program I was using to download the video was
infected. The downloading program was one I have used for a long time,
a legitimate piece of software. So is it possible that the download
site somehow infected the dll or the downloader program? I never did
get the video.

?
Click to expand...

Possible, yes, if the mystery downloading program is vulnerable and the
mystery website is serving exploits for that vulnerability.

Any time a program on your machine consumes data from elsewhere there is
a chance to be infected. You mystery AV might alert to the mystery
exploit and give you a mystery malware name with which to investigate
the mystery further.

It is also possible that your mystery AV is making a false positive
declaration of the mystery malware and interfering with your video
download for some mysterious reason.
 
From: "jack34 said:
I just received an answer from my AV company. It was a false positive.

As far as I know, it was not a DRM protected file.

Codec files aside, is it possible to download a virus/trojan when
downloading a video file? I'd like to know for future reference.

P.S. Ignore the MarcusT post. I got my "nicks" crossed up. :o)
Click to expand...

What do you mean "download a virus/trojan when downloading a video file?"

Like I already provided, audio and video media files can be malicious such as in the case
of a Wimad trojan.

Are you asking if I download a MP3 can I also be subjected to an EXE ? If that is your
question, no.
 
What do you mean "download a virus/trojan when downloading a video
file?"

Like I already provided, audio and video media files can be
malicious such as in the case of a Wimad trojan.

Are you asking if I download a MP3 can I also be subjected to an
EXE ? If that is your question, no.
Click to expand...

I clicked to download a video using a video downloading program.

AVG immediately came up and said a file in the downloading program
was infected with a trojan. AVG said the infected dll had trojan
horse sheur3.cncq. (AVG had not alerted on this file an hour or so
earlier when I had installed the update for the downloader.)

No video had even started to download. The infection message came as
soon as I had entered the URL and tried to start the downloading
program to get the video.

The "infected" file was placed in AVG's Virus Vault. It was later
sent to AVG for analysis. According to AVG's results, it was not
infected. It was noted as a false alarm.

Within hours, I again downloaded the update of the downloader
program and AVG did not alarm on the same file it had alerted on
earlier.

I'm not about to go back to that site and try to download that video
again. Once bitten.... I doubt if there is a vulnerability built
into the downloader, since AVG gave the "infected" file a clean bill
of health.

I'm not going to give the name of the downloader program because I
don't think it was the program's fault. I don't want to start a
rumor affecting the sales of the program.

The whole thing doesn't quite make sense to me.
 
From: "jack34 said:
I clicked to download a video using a video downloading program.

AVG immediately came up and said a file in the downloading program
was infected with a trojan. AVG said the infected dll had trojan
horse sheur3.cncq. (AVG had not alerted on this file an hour or so
earlier when I had installed the update for the downloader.)

No video had even started to download. The infection message came as
soon as I had entered the URL and tried to start the downloading
program to get the video.

The "infected" file was placed in AVG's Virus Vault. It was later
sent to AVG for analysis. According to AVG's results, it was not
infected. It was noted as a false alarm.

Within hours, I again downloaded the update of the downloader
program and AVG did not alarm on the same file it had alerted on
earlier.

I'm not about to go back to that site and try to download that video
again. Once bitten.... I doubt if there is a vulnerability built
into the downloader, since AVG gave the "infected" file a clean bill
of health.

I'm not going to give the name of the downloader program because I
don't think it was the program's fault. I don't want to start a
rumor affecting the sales of the program.

The whole thing doesn't quite make sense to me.
Click to expand...

It was a False Positive (FP) declaration on a DLL associated with a media player. When
you downloaded, or attempted to download, a media file it initiated the un-named media
player and thus the On Demand scanner of AVG generated the FP declaration of a trojan in
that DLL.

As for starting a rumour affecting the sales of the program. It isn't going to happen.
Since it is a False Positive declaration the un-named media player isn't at fault.
 
Back
Top