Is it safe to download and burn a disc image on an infected PC?
My PC is infected. If I download and burn linuxmint.iso on the infected PC, will the CD become infected also?
It is almost certainly technically possible that malware could intercept and modify an ISO being downloaded, and also give a false report to any tools designed to verify hashes of the downloaded file.
But I would rate this threat as extremely improbable.
- The malware would have to recognize an ISO is being downloaded and that it was bootable. It would then probably need to modify the bootloader on the ISO image to include a copy of the malware that will run before any OS is functional. To evade detection it would also need to keep track of the blocks that were in a valid file, and then lie to any hash checking tools that examined the file, or CD-ROM.
This simply isn't something common malware would be designed to do.
So, if you happen to be trying to build weapons of mass destruction, you might need to worry about this type of threat. If you are a typical home user, this is just not something that would ever be part of common malware.
Woah. Using an infected machine for this is dangerous and not likely to be a good idea. What you are considering doing is poor security hygiene. If you are using the CD for anything security-critical, you definitely should not do this.
"Will the CD become infected?" is not a question that can be answered. You can't know what the malware might do.
Could the CD become infected? Yes, absolutely. It would be totally feasible for malware to automatically infect all bootable images written to a CD. In fact, remember those floppy boot viruses, that used to spread from PC to PC via floppy discs, way back in the 90's? Well, that's exactly how they worked. So we're not talking about something crazy far-fetched or rocket science here; there's plenty of precedent for something like this happening.
Is it likely to happen to you? That's something we can't answer, in the absence of detailed knowledge about things like: (a) who you are, (b) who your enemies might be, (c) who might have an incentive to try to attack you, (d) what widely deployed malware kits do, etc. Odds are that even you don't know the answer to all of those, and certainly you haven't provided that information in the question. So there is very little basis for making a prediction about how likely it is to happen to you.
Is burning a CD from an infected PC good practice? No way. Absolutely not. This is definitely bad practice. If your PC is infected, you absolutely cannot trust anything burned on it. You can't trust an infected PC. It might do any old thing.
No, your CD should be fine if you download Linux mint and burn it. The ISO image would very unlikely be targeted by your infected PC (Never heard of this happening on a fresh ISO), assuming your PC is in good enough shape to accomplish this task. Then you can boot from that CD, reformat the drive, and install Linux Mint and it'll be like new.
But if you're not confident about the virus or if you think that the image got compromised, you can check the MD5 checksum, generally the Linux distros shows in their webpages this info, so you can compare this info with your own ISO copy.
Or better yet, if this is an option at all just grab a flash drive or CD and grab the link via a friend's computer quick, then reformat and install. This would eliminate any of these rare issues mentioned.
You also didn't mention what your infected computer's "symptoms" are, which could be really helpful. If you do install and still have these "symptoms", the more likely reason than an infected ISO would be a virus at the BIOS level or even in your modem or router. And yes, I have had an infected computer once that I reset only to find out it was the modem. Let us know what you find out, and best of luck.