anybody know a am that scan's videos

Discussion in 'other anti-malware software' started by tree1, Mar 5, 2010.

Thread Status:
Not open for further replies.
  1. tree1

    tree1 Registered Member

    Joined:
    Mar 5, 2010
    Posts:
    5
    does anybody know a am program that scan's videos? its hard to find one. Avast is the only one i can find
     
  2. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    Like scans a certain file extension or more like a web cam for keylogging?
     
  3. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    What does Avast scan for? Videos don't usually contain malware. It's usually a protected file that tries to download a license or codec containg malware, so it would need a blacklist of urls, I guess.
     
  4. tree1

    tree1 Registered Member

    Joined:
    Mar 5, 2010
    Posts:
    5
    scan's videos. avi's, wmv's, mov etc
     
  5. tree1

    tree1 Registered Member

    Joined:
    Mar 5, 2010
    Posts:
    5
    videos dont contain malware? im shocked my whole life i thought videos contain malware
     
  6. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    The only video exploit that I'm aware of is a trojan for .wmv/.wma files that exploits the drm info. When played on Windows Media Player it will prompt you to install a codec though if you say yes it will download a malware executable.

    I don't believe there are any exploits for .avi's, .mpg's, .mp4's or any other video formats on any players.

    I'm not sure what AV programs will look for that, but I would be surprised if most don't. Just make sure your AV is configured to check .wma and .wmv files. Or better yet, don't use Windows Media Player, us something good like VLC or SMplayer.
     
  7. ratwing

    ratwing Guest

    mvario said:

    "I'm not sure what AV programs will look for that, but I would be surprised if most don't."


    Yes,me also.

    PS# I also agree VLC gets the job done. I block mine from auto-update via firewall,
    and run it forced in Sandboxie,but I am Paranoid.
     
  8. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    p.s. or do you mean streaming Flash video? A few AV folks have made claims to protect against Flash Video exploits...
    http://www.rising-global.com/Information/News-Events/Rising-provides-the-security-you-need-against-Adobe-Vulnerability.html
    http://download.zonealarm.com/bin/free/pressReleases/2008/pr_4_1.html
    though I couldn't tell you how true they are, or whether those that don't make that particular claim are any less effective against it.
     
  9. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    A did some Googling and found that there is also a .mov exploit that works with Apple Quicktime (seems .mov and quicktime support embedded JavaScript.
    http://www.f-secure.com/v-descs/js_quickspace_a.shtml
    so you might want to scan .mov files also if you use Quicktime player.
     
  10. tree1

    tree1 Registered Member

    Joined:
    Mar 5, 2010
    Posts:
    5
    Most of my videos are avi's so i guess im safe. I still scanned them with avast so i feel more secure in moving in my old videos to my new computer.

    What about mp3's, music files and pictures are these areas that can't be effected or are very unlikely to be effected
     
  11. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    Not that I am aware of. Ideally apps and data are separate and data, such as video, music, and picture files, aren't executable. But then some vendors want to add more features so Microsoft creates wmv's that can pull down installable codecs that can execute, or Apple puts Java capabilities into .mov files. The big problem with .pdf files that make them an avenue for attack is because they can contain javascript. But the other side is the the vulnerabilities, while present in the data file, are only workable in specific applications... the .wmv thing is only an issue with MS Media Player, the .mov thing is a problem with Quicktime. If you use VLC, or mplayer, or something else you don't have the problem. That's the reason I don't use Adobe Acrobat for .pdf's.
     
  12. tree1

    tree1 Registered Member

    Joined:
    Mar 5, 2010
    Posts:
    5
    so most malware including viruses of course come from executable files? .exe
     
  13. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    Not necessarily .exe files, but they have to execute in some way. That can be a straight .exe file, or it can be a script, or a macro, or a piece of executable code injected via buffer overflow, or executable code written into a boot loader by a trojan, or a lot of different things. It doesn't have to be an exe binary, but it has to be a set of instructions (i.e. "program"), whether binary, or macro, or script, or javascript, etc.) that is run (or autorun).

    The issue with certain files like .wnv and .mov is that they aren't pure data files. Like Word docs and the old Word macro viruses, they can also contain instructions that can be run if they are opened in applications that support those "features".
     
Thread Status:
Not open for further replies.