JPEG Virus spreading through AOL Instant Messenger

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Important Announcement: The winners of the BC Million Post contest have been announced. You can read who the winners are at this post.

- BleepingComputer Management

BleepingComputer.com > General Topics > News

JPEG Virus spreading through AOL Instant Messenger

Options

Grinler View Member Profile	Oct 1 2004, 02:13 PM Post #1
Bleep Bleep! Group: Admin Posts: 29,367 Joined: 24-January 04 From: USA Member No.: 3	Experts at SysAdmin Audit Network Security, or SANS, have been receiving reports of a new virus using the GDI+ JPEG Exploite spreading via AOL Instant Messenger As of right now there are two reported messages that people are receiving: Check out my profile, click GET INFO! hi you. Look at my new profile. click on GET INFO! When a user clicks on the links in the message it will attempt to infect you with the virus. It is very important that you make sure you have all your Windows Updates. I also recommend that you read my tutorial on using GDIScan in order to remove this vulnerability from your computer. A link for that tutorial can be found below. Link: SANS Diary Link: GDI Scan Tutorial and how to fix the GDI+ JPEG Vulnerability Link: Windows Update Link: Office Update -------------------- Lawrence

georgia View Member Profile	Oct 6 2004, 02:55 PM Post #2
Senior Member Group: Members Posts: 514 Joined: 28-July 04 Member No.: 1,719	I have followed all of the steps above reviewed the MS04-28 and the MS04-27 (M$ Office) and followed all the instructions ...applied patches and downloaded updates. I used my Office CD when required. Performed a SANS scan after and still had the same vulnerabilities show up. I had a tech check the work that I did and he said it was fine. I am not the only one there are 3 others in my group that have this same dilemma. i look forward to comments as the tech said it is very unclear as to whether the computer is secure from the vulnerability or not. If the SANS still says it is still there he said he would believe it still is. Comments please. -------------------- Talent is a flame. Genius is a fire.

Grinler View Member Profile	Oct 6 2004, 04:15 PM Post #3
Bleep Bleep! Group: Admin Posts: 29,367 Joined: 24-January 04 From: USA Member No.: 3	Post a log and I will see if I can give you some advice. Have you read this tutorial? http://www.bleepingcomputer.com/forums/topic3077.html -------------------- Lawrence

georgia View Member Profile	Oct 7 2004, 02:54 PM Post #4
Senior Member Group: Members Posts: 514 Joined: 28-July 04 Member No.: 1,719	Yes I did read this and used it as a base to do the tasks required to get rid of the vulnerability. Now the problem is that I am such a novice I do not know how to create a log and then get it to the posting stage ....you probably find this foolish. I tried google and could not find the process and so I thought I should submit this post. I am new to forums and thus don't really understand how to correctly go about resolving this issue by tools that are used by members in order that they may help. For this I apologize and ask for your patience. . I document new information that I learn in a journal so that I won't foolishly have to ask the question again. Thankyou -------------------- Talent is a flame. Genius is a fire.

Jacee View Member Profile	Oct 7 2004, 03:15 PM Post #5
Bleeping entraÎner Group: HJT Team Coach Posts: 1,700 Joined: 24-September 04 Member No.: 2,990	Hi georgia Follow this tutorial...it's how to use HijackThis! And it tells you how to save a log and post it: http://www.bleepingcomputer.com/forums/ind...torial=42#intro Make a permanent folder for HijackThis! Click My Computer, then C:\ In the menu bar, File->New->Folder. That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis". Now you have C:\HJT\ folder. Put your HijackThis.exe there, and double click to run it. -------------------- *MS MVP Windows-Security 2006-2008* *Member of UNITE, the Unified Network of Instructors and Trusted Eliminators* Admin PC Pitstop

Grinler View Member Profile	Oct 7 2004, 04:20 PM Post #6
Bleep Bleep! Group: Admin Posts: 29,367 Joined: 24-January 04 From: USA Member No.: 3	Hi jacee...i think Georgia wants to post the gdiscan.exe log. Georgia...run the gdiscan.exe program and then click on the clipboard button. Then make a reply to this post, and right click in the message area where you normally type, and right click and click on paste. That should put your gdiscan.exe log into a reply here -------------------- Lawrence

Jacee View Member Profile	Oct 7 2004, 06:46 PM Post #7
Bleeping entraÎner Group: HJT Team Coach Posts: 1,700 Joined: 24-September 04 Member No.: 2,990	Ahh, it looks like I've missed my comprehensive reading class -------------------- *MS MVP Windows-Security 2006-2008* *Member of UNITE, the Unified Network of Instructors and Trusted Eliminators* Admin PC Pitstop

« Next Oldest · News · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 22nd November 2008 - 07:29 AM

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Malware Removal Guides