DPChallenge: A Digital Photography Contest You are not logged in. (log in or register
 

DPChallenge Forums >> Hardware and Software >> NEW VIRUS THREAT....this one's bad
Pages:  
Showing posts 1 - 25 of 48, (reverse)
AuthorThread
 01/02/2006 08:00:28 PM · #1
Ok, here's the article:

//msnbc.msn.com/id/10684853/

Basically, this virus is hidden in image files, and can take over your machine simply by viewing it.

Be cautious. This is a live one.

Message edited by author 2006-01-02 20:00:44.
 01/02/2006 08:12:42 PM · #2
Thank you,

Sent it to everyone I know
 01/02/2006 08:17:42 PM · #3
Grisoft the makers of AVG anti-virus provide a free anti-virus software for the public to download.

For those that need an anti-virus software.

Free Anti-Virus By Grisoft.

I've been using it for a couple of years now and never had a problem. Update servers are pretty fast. Check all files at 3:00am or when ever you set it. Checks files before they are opened up in any program. Overall very good program to use.
 01/02/2006 08:17:56 PM · #4
* shakes head *
 01/02/2006 08:23:30 PM · #5
more of a I.E problem
use firefox & dont open wmf files ,,,..

msnbc is a bit short on details
 01/02/2006 08:53:49 PM · #6
Originally posted by Baron152:
Thank you,

Sent it to everyone I know

The virus or the warning? :D
 01/02/2006 08:53:49 PM · #7
This exploit is even more dangerous than previously reported. It is NOT dependent on the browser you're using, and disabling viewing of WMFs is not adequate to prevent the exploit from succeeding. In fact, if someone creates a malicious WMF file called LOOKATME.WMF, then renames it to LOOKATME.JPG, windows will still recognize it as a WMF file by its contents and interpret it as such, so the exploit still works! Now, you cannot just disable all JPEGs, so what CAN you do?
If you're running XP you don't need to deal with WMF files in the short term (or at all), you can disable the DLL that interprets them, defeating the exploit, no matter what the file name. To do so:

Start ==> Run, type, regsvr32 /u shimgvw.dll and press Enter.

to reenable the DLL, after a patch becomes available:

Start ==> Run, type, regsvr32 shimgvw.dll and press Enter.


01/02/2006 08:59:48 PM · #8
i just want to know what is the purpose of viruses anyway
 01/02/2006 09:02:20 PM · #9
thanks for the fix kirbic
 01/02/2006 09:03:37 PM · #10
Originally posted by kirbic:
This exploit is even more dangerous than previously reported. ...

Don't you mean 'could be more dangerous'. The potential of it being done was demonstrated, a few isolated cases and the media and security 'experts' (you know, those that make thier money on hysteria) ran away with it.

The scanning software companies are updating their definitions, and Microsoft is closing the hole -- the world is not going to end. ;)

David
 01/02/2006 09:03:38 PM · #11
Would running antivirus software prevent this being a problem? PC-cillen on mine.
 01/02/2006 09:03:56 PM · #12
Thanks for the fix kirbic!

I was browsing a site the other day and all of a sudden "Windows File and Picture Viewer" or whatever it's called popped up about 5 times, and my antivirus went crazy. The 5 instances of the program all crashed out after my antivirus had stopped. I don't remember the file name but is this the WMF thing?
 01/02/2006 09:16:19 PM · #13
kirbic, thanks for the instructions. I did it, now I hope I remember to undo it whenever...bump this or start a new thread when there's some news!
 01/02/2006 09:17:27 PM · #14
Originally posted by Konador:
Thanks for the fix kirbic!

I was browsing a site the other day and all of a sudden "Windows File and Picture Viewer" or whatever it's called popped up about 5 times, and my antivirus went crazy. The 5 instances of the program all crashed out after my antivirus had stopped. I don't remember the file name but is this the WMF thing?

Which site? I would like to check it out.
 01/02/2006 09:21:15 PM · #15
I dunno, I was just following links around looking for some noCD patches for some video games, so that when I take my PC off to university I don't need to take loads of game boxes with me, and then it just happened. Needless to day I left the site straight after that and cleared my temp internet files never to return :)
 01/02/2006 09:22:11 PM · #16
Mentioned this last week but seemed only a venue for smart-ass comments.
 01/02/2006 09:28:03 PM · #17
Originally posted by BradP:
Mentioned this last week but seemed only a venue for smart-ass comments.


Mac recommendation tourette's. :/

Message edited by author 2006-01-02 21:28:12.
 01/02/2006 10:00:37 PM · #18
I'm sorry I missed this post last week and I am glad it was posted again. Where I work many photos and those wmf jokes are always flying .. not anymore!!! Thank you!! :)
 01/02/2006 10:04:43 PM · #19
Thanks Kirbic!
 01/02/2006 10:07:21 PM · #20
Originally posted by melodee:
i just want to know what is the purpose of viruses anyway


They keep IT security people gainfully employed
 01/02/2006 10:09:12 PM · #21
Boy am I glad I'm on a mac...
 01/02/2006 10:13:11 PM · #22
FWIW, I became aware of the fix through an e-mail from a friend, the original source of the fix was a Watchguard LiveSecurity Update. Best to save the "undo" step as a text file on your desktop as a reminder to reenable the DLL after applying whatever patch becomes available.
 01/02/2006 10:22:09 PM · #23
That would be me!! IT Manager for 50 computers, 8 servers and 2 remote offices!! I was on vacation last week and didn't hear about the virus ... I'm back tomorrow and first thing will put blocks in place and run that little DLL fix on every machine via a policy!!

Originally posted by LoudDog:
Originally posted by melodee:
i just want to know what is the purpose of viruses anyway


They keep IT security people gainfully employed
01/02/2006 10:25:18 PM · #24
I too was hit by the same thing as Kirbic. I was browsing for Pocket PC apps via google and hit a bad link. Popped up Windows Picture and Fax viewer.

Within seconds, Avast started freaking out and eventually did not win the battle. I was infected with Spyaxe rogue anti-malware. Because it is set up as anti-virus software (DON'T BUY THIS PROGRAM!!!!!!!), it creates conflicts with other existing programs and impairs their ability. It has a specific fix called Smitrem.exe by noahdfear. No AV program fixes it. Spyware Doctor claims to be able to, but I found it to be too suspicious as it found things that were not viruses and insisted that I must pay for a registered version to get rid of them... even after my computer was clean.

It took me a considerable amount of time to get clean from that one because it was new years weekend and all of the security forums were dead and nobody had time to give me a hand.

Very insidious.

I was seriously worried for several hours that I would lose all of my pictures and wouldn't have anything left to enter in the Best of 2005 challenge.

If a Windows Picture and fax viewer pops up unexpectedly, hit the PANIC button immediately.

Message edited by author 2006-01-02 22:32:55.
 01/02/2006 11:05:52 PM · #25
Thanks for the protection tip Kirbic, but now I don't see thumbs in explorer... Is that what the 'fix' does?

Message edited by author 2006-01-02 23:06:11.
Pages:  
Current Server Time: 06/13/2025 04:20:32 PM

Please log in or register to post to the forums.


Home - Challenges - Community - League - Photos - Cameras - Lenses - Learn - Help - Terms of Use - Privacy - Top ^
DPChallenge, and website content and design, Copyright © 2001-2025 Challenging Technologies, LLC.
All digital photo copyrights belong to the photographers and may not be used without permission.
Current Server Time: 06/13/2025 04:20:32 PM EDT.