Infected page...

Rules, posting instructions and the latest news.
User avatar
Halbert
Member
Posts: 239
Joined: Tue Apr 07, 2009 4:19 pm

Infected page...

Post by Halbert »

Hello, twice today I visited the topic "Dear John Hall" page 7, and on both occaisions got this from my virus protection software:
thisthread.PNG
User avatar
8mileshigher
Senior Member
Posts: 4871
Joined: Tue May 23, 2006 12:34 pm

Infected page...

Post by 8mileshigher »

Yes -- the same thing happened to me on that same page....
:( :( :evil:
User avatar
pehayes2
Junior Member
Posts: 136
Joined: Mon Mar 24, 2008 10:16 am

Re: Infected page...

Post by pehayes2 »

Happened to me twice also.
User avatar
winston
Membership Admin
Posts: 11010
Joined: Mon Jul 11, 2005 5:00 am

Re: Infected page...

Post by winston »

It also happened to me.
“We can't solve problems by using the same kind of thinking we used when we created them.” - Albert Einstein

"You do not really understand something unless you can explain it to your grandmother" - Albert Einstein
User avatar
jps
RRF Consultant
Posts: 37132
Joined: Wed Feb 12, 2003 6:00 am

Re: Infected page...

Post by jps »

Hmm.........I think I will avoid that thread until further notice. :shock: Perhaps given the nature of that thread it should be deleted, anyway?
User avatar
winston
Membership Admin
Posts: 11010
Joined: Mon Jul 11, 2005 5:00 am

Re: Infected page...

Post by winston »

jps wrote:Hmm.........I think I will avoid that thread until further notice. :shock: Perhaps given the nature of that thread it should be deleted, anyway?

For a variety of reasons I don't think that is an option at the moment Jeff. Besides I have asked Gil to look at that JPG file.

Maybe then we can take a look at the thread in the cold light of day to see if it truly needs some further attention.
“We can't solve problems by using the same kind of thinking we used when we created them.” - Albert Einstein

"You do not really understand something unless you can explain it to your grandmother" - Albert Einstein
User avatar
winston
Membership Admin
Posts: 11010
Joined: Mon Jul 11, 2005 5:00 am

Re: Infected page...

Post by winston »

Gil has deleted the virus laden JPG. Thanks for bringing this matter to our attention guys. :D
“We can't solve problems by using the same kind of thinking we used when we created them.” - Albert Einstein

"You do not really understand something unless you can explain it to your grandmother" - Albert Einstein
fireglo67

Re: Infected page...

Post by fireglo67 »

Me too. Really messed up my PC yesterday, and it took me a whole day to get it sorted. :evil:
User avatar
cjj
RRF Moderator
Posts: 10900
Joined: Tue Jul 22, 2008 6:17 pm
Contact:

Re: Infected page...

Post by cjj »

Glad to hear it's fixed.

So, what sort of mischief did it do? I loaded the page many times (even after the notice about the virus just to see if I got a message :oops: :roll: ) and never got any sort of indication anything was amiss.

I ran a scan on my disk afterwards just in case and saw nothing there either, so hopefully I'm OK...
I have NO idea what to do with those skinny stringed things... I'm just a bass player...
User avatar
jps
RRF Consultant
Posts: 37132
Joined: Wed Feb 12, 2003 6:00 am

Re: Infected page...

Post by jps »

I didn't know that a virus can be attached to a JPG. How is this so? :?
User avatar
Halbert
Member
Posts: 239
Joined: Tue Apr 07, 2009 4:19 pm

Re: Infected page...

Post by Halbert »

Browsers load pages and images into memory called buffers. The browser must be responsible for loading only the amount of data for which memory has been allocated. Sometimes, objects such as images can be manipulated to load into a buffer for which there hasn't been enough space allocated. They call that condition a "buffer overrun". Clever exploitation can be used to actually execute code contained in the overrun part of the data.
User avatar
weemac
Veteran RRF member
Posts: 2735
Joined: Tue Mar 26, 2002 1:28 am

Re: Infected page...

Post by weemac »

Halbert wrote:Browsers load pages and images into memory called buffers. The browser must be responsible for loading only the amount of data for which memory has been allocated. Sometimes, objects such as images can be manipulated to load into a buffer for which there hasn't been enough space allocated. They call that condition a "buffer overrun". Clever exploitation can be used to actually execute code contained in the overrun part of the data.
E'rr, My cat's breath smells like fish!

Eden.
User avatar
cjj
RRF Moderator
Posts: 10900
Joined: Tue Jul 22, 2008 6:17 pm
Contact:

Re: Infected page...

Post by cjj »

One common method, that uses JEG images, doesn't directly run from the image itself. A JPEG image is a data file and is never actually executed. But, it can contain data fields that are not interpreted by most browsers or image viewers.

But, if one happens to click on some attachment or other such "normal" way to get infected by a virus, that code will modify the JPEG handler and drop a special extractor on the system that will then run the malicious code that comes attached to a JPEG image. This means that the malicious part of the image will only run on a system that is already "infected". A clean system won't have the code to run the JPEG attachment, but you may not know it's there until you happen to come across an infected image file...
I have NO idea what to do with those skinny stringed things... I'm just a bass player...
User avatar
weemac
Veteran RRF member
Posts: 2735
Joined: Tue Mar 26, 2002 1:28 am

Re: Infected page...

Post by weemac »

You have to wonder why people create these things, what is the point of a computer virus? Do they do it just for kicks?

Eden.
User avatar
cjj
RRF Moderator
Posts: 10900
Joined: Tue Jul 22, 2008 6:17 pm
Contact:

Re: Infected page...

Post by cjj »

From what I've read, it's a power trip sort of thing, feeling like you have control over the people who are too stupid to avoid or fix the virus.

I do vaguely understand the feeling. Way back when, when some friends and I used to hack into various systems, there was quite a good feeling when you finally beat the system and got in. But we were never into the destructive vandalism type activities that seem to have become so pervasive these days...
I have NO idea what to do with those skinny stringed things... I'm just a bass player...
Post Reply

Return to “Rules and Questions for Admin ONLY”