We help IT Professionals succeed at work.

How to run a program from a DVD with Run command to Avoid Autorun Virus?

Dear Experts,

In a DVD I have good files and bad files (malware). I had disable Autoplay, I want to avoid Autorun Virus, I want to run:

D:\Programs\DVD II\Sandbox\Sandboxie\SBIE V. 3.60\SandboxieInstall.exe

I know is clean, using  Start -> Run Which are the parameters?

Could a DVD-CD been infected with the Autorun Virus or this is just for the USB and memory cards?

If I had installed sandboxie, I will not worry.
I will open SandboxieInstall.exe in sandboxed mode and copy to my HDD, then deleting Contents

My Windows XP SP3 is not up-to-date until October 2011, (ONLY OPTIONAL Software Updates)
Critical Updates is up-to-date until October 2011, that is why I want to run in this way sandboxie in order to download the optional software updates and save to a blank CD-DVD to install in later without download from MS WU

Or if you have another solution I will more than happy
Comment
Watch Question

Commented:
Ummm....maybe I'm missing something here....

Start -->
Run -->
D:\Programs\DVD II\Sandbox\Sandboxie\SBIE V. 3.60\SandboxieInstall.exe


Your install program will launch.


Sure, a CD or DVD can have a virus or malware.  Either poor QA by the manufacturer or a disgruntled employee putting it there intentionally.  But not specifically a "Autorun" virus.  Remember that the autorun file simply tells the comptuer what to kick off.  So the actual infection will be in one of the executable files started by the autorun.

Author

Commented:
So if I open D:\Programs\DVD II\Sandbox\Sandboxie\SBIE V. 3.60\SandboxieInstall.exe

from Run it will install sanboxie?


How-to-run-a-program-from-a-DVD-.JPG
DarinTCHSenior CyberSecurity Engineer
BRONZE EXPERT
Commented:
yes
that is they way we have been doing it for many many years before an autorun was even available

Author

Commented:
and if other files are infected in the same CD-DVD, installing this way a program, I know is clean my computer is safe for any infections?

Author

Commented:
yes
that is they way we have been doing it for many many years before an autorun was even available

Can I browse for the file in order to avoid infections? or do I have to enter the full path?
Browse-searching-the-file.JPG

Author

Commented:
someone please?
SILVER EXPERT
Distinguished Expert 2019
Commented:
what i would do is copy the the contents of the DVD to your system in a folder -then scan is with AV scanner, mbam, and what you like to be sure it contains no virus
then make the DVD again - so you're sure to have a clean one

Author

Commented:
Hi Nobus,

I am making the DVD again, but I had another idea, since I download everything with getright

I have the log file:

GetRight Download Log For AdbeRdr1000_en_US.exe
--------------------------------------------------
URL:      ftp://ftp.adobe.com/pub/adobe/reader/win/10.x/10.0.0/en_US/AdbeRdr1000_en_US.exe
To:      C:\Adobe\AdbeRdr X\AdbeRdrX V. 10.0.0\AdbeRdr1000_en_US.exe
--------------------------------------------------
Start:      2011/10/20 23:16:58 at byte 0
Finish:      2011/10/20 23:19:26
--------------------------------------------------
Size:      36,791,704
Time:      0:02:28
Speed:      242.8K/sec
--------------------------------------------------

I use a Yahoo account collecting all the URL I want to dowload NEXT
I send an email (only text) to my POP3 account
Run Getright sandboxed and I start to download the URL's

What do you think about this solution?

THE PROBLEM HERE is I have in the same DVD old programs that I know they are clean such as NERO Version 6.6.X. that there are no longer at their site ready to download.
In the same DVD I have Shadow Defender the bad one (malware) just an example, I have more programs that are malware, so for now my question is  
Can I browse for the file in order to avoid infections? or do I have to enter the full path?
dbruntonQuid, Me Anxius Sum?  Illegitimi non carborundum.
BRONZE EXPERT
Commented:
>>  Can I browse for the file in order to avoid infections? or do I have to enter the full path?

Yes, you can browse for the file.  As long as you don't try and run or open up the infected files you will be alright.

Note that some anti-virus applications (if you have them on your computer) might possibly find the infected files while you are browsing.
SILVER EXPERT
Distinguished Expert 2019

Commented:
if you put the files first on your disk and scan them - no problem as said

Author

Commented:
ok nobus, I understood the idea I had, is not the best way to making the DVD, i will follow your Expert comment
DarinTCHSenior CyberSecurity Engineer
BRONZE EXPERT

Commented:
ps
why not dowload a free A/V
and run it against a disk if to satisfy yourself the disk is clean
Commented:
OK, so here is my bottom line thought.  You are making this way too difficult -- overthinking it if you will.  From what you have written I am assuming that you know that CD/DVD you are currently using is infected with virus or malware.  THROW IT AWAY!  You do not want something like that floating around your office even if you can bypass the infected components.

Now go out to the Internet and download a clean copy of sandboxie from a good source that you trust.  Because you did download it from the Internet, do a scan just to be sure (this means download the program on a computer that is already protected).

Now make your DVD from that clean copy.

Wala!  No more worries!

Commented:
Oh, by the way...for the programs that are no longer available to download like Nero (I am of course assuming that this is a legally obtained copy of Nero or upgrade to a legal copy that you will be installing only on the computer to which it is licensed -- my anti-piracy caveeot)....

Copy them from the CD to your hard drive before you throw the infected disk away.

Author

Commented:
@DarinTCH
I do not need a free AV, since I have ESS V.4.X please take a look at my Tags, I scan my CD-DVD with ESET
In other machine I did a anothe scan w/AVIRA 2012, MBAM, SAS, S&D, and Prevx 3.
For security reason I format "the other machine" and recover my OS and apps with a clean Acronis image.

I know which folder contains malware in the DVD

The problem is the DVD was clean, until I burn more programs, most of them malware

@mds-cos
>Now go out to the Internet and download a clean copy of sandboxie from a good source that you >trust.  Because you did download it from the Internet

Here is my Sandboxies Log

GetRight Download Log For SandboxieInstall.exe
--------------------------------------------------
URL:      http://www.sandboxie.com/SandboxieInstall.exe
To:      C:\Sandbox\Sandboxie\SBIE V. 3.60\SandboxieInstall.exe
--------------------------------------------------
Start:      2011/10/12 23:55:52 at byte 0
Finish:      2011/10/12 23:56:10
--------------------------------------------------
Size:      2,123,536
Time:      0:00:09
Speed:      225.6K/sec
--------------------------------------------------

My MBAM Log

GetRight Download Log For mbam-setup-1.51.2.1300.exe
--------------------------------------------------
URL:      http://data-cdn.mbamupdates.com/v0/program/data/mbam-setup-1.51.2.1300.exe
To:      C:\Antivirus\MBAM\MBAM V. 1.51.2.1300\mbam-setup-1.51.2.1300.exe
--------------------------------------------------
Start:      2011/09/12 18:53:10 at byte 0
Finish:      2011/09/12 18:53:58
--------------------------------------------------
Size:      9,852,544
Time:      0:00:38
Speed:      253.2K/sec
------------------------------------------------

The programs that are no longer available to download like Nero ARE my nightmare, and those programs are clean, Nero is not the only program that is not longer available to download.
The DVD contains old versions that rocks!  I am very sad for this, all the programs I paid for.
I contacted with some vendedors and they ask me to UPGRADE, UPGRADE to their newest version, No Discount, like as buying the original program again.
The DVD does  NOT contain any kind of KEYGEN, PATCH or illegal software

>assuming that this is a legally obtained copy of ... or upgrade to a legal copy that you will be installing only on the computer to which it is licensed -- my anti-piracy caveeot

Yes all the programs are legal, perhaps I did not buy for 3 computers, I really do not remember, but it if you can find at http://www.oldversion.com/about_us.php for my is ok, the problem with this site is I do not trust the software hosted in their server, they said the software does not contain maiware, but "I have a bad feeling" about this site  

About the anti-piracy caveeot
Let's face who has ALL the programs in their computer legal? I am also against piracy, more piracy most expensive software.

Well back to my problem, Yes I know I am making this way too difficult, but I want to learn also, that is why I am proud member of EE, with excelent Experts, my case is ordinary, but If I have to recover information from my company then I will need more knowledge, maybe working in conjuction with Sandboxie, Returnil, AV Rescue CD I do not know..

I know I can only ask one question it is EE rules, if you experts do not want to comment, no problem, I wrote this as background for futher reference

Regards

Commented:
You don't actually need to explain any of the licensing stuff to me.  I just had to throw in my caveeot to be sure nobody thinks I might be supporting piracy!

Honestly, the greatest learning item I can give you here is what I said earlier.  Copy from the DVD the stuff you want to keep that you know is clean, or download fresh copies from the Internet.  Burn those to a new DVD.  Throw away the infected DVD.  Seriously.

As it sounds like you made the DVD yourself, I'm curious about the autorun file.  Did you set up your own autorun.inf, or did it get added to the DVD somewhere along the line?  If you made it yourself you know what it should be doing.  You can open that file in notepad to see exactly what it is going to launch.

For your original question, best answer is if you want to run sandboxie (or any other program on the disk), just type in full path to the setup executable.  That will only access the specific setup program that you specified -- malware software will not be accessed (but again, the right thing to do is get rid of it so you prevent any accidental infections).


Hope that helps!

Author

Commented:
No, I am sorry I NOT Build a new DVD with autorun file, I am just triying to collect all the good software, in the correct folders (orderly) and yes the best solution is
Throw away the infected DVD
Type in full path to the setup executable sandboxed

I am out of the town tomorrow I will accept a solution, sorry about this
 
Commented:
Your choice -- but that is still my final recommendation :-)  I used to keep a few infected disks around for testing purposes, but they were red and labled with big skull / cross-bones!  They also did not leave my test lab!  Yes, I am paranoid.

As far as the original question goes, I think we have thoroughly answered.  The bottom-line solution is:

In run box, type D:\Programs\DVD II\Sandbox\Sandboxie\SBIE V. 3.60\SandboxieInstall.exe.  Only Sandboxie.Install will be run.  Other infected programs on the DVD will not be executed.

Author

Commented:
>Your choice -- but that is still my final recommendation :-)  I used to keep a few infected disks around >for testing purposes, but they were red and labled with big skull / cross-bones!  They also did not >leave my test lab!  Yes, I am paranoid

LOL GREAT IDEA, I will do the same, labled with a big Darth Vader :) I am paranoid also

Author

Commented:
THANK YOU EXPERTS

Commented:
Darth Vader -- even better!  ;-)

Hmmm...Vader turned good in the end.....possible parallel?

Explore More ContentExplore courses, solutions, and other research materials related to this topic.