This is funny, what with my recent posts about ZA and all, but my families computer at home (I am at school) was just creamed. It had no virus scan or firewall running.

My brother plays ultima online and was ICQ'ing a guy he knew on the game. Well the guy said he was sending a pic via ICQ file transfer, my bro swears it was .jpg, when my brother opened it it was nothing. Doesn't ICQ have some security issues? I guess so. Anyway, the guy hacked his Ultima account first somehow and wreaked havoc with it. The next day my brother was ICQ'ing him about him doing that. The guy said something along the lines of "talk to ya later dumbass" and the computer froze. When he tried to reboot it said command interpreter not found. HD all gone. Guess what I get to do while I am home over the weekend for my birthday? I will tell you one thing, it doesn't invole reinstalling ICQ! I had planned on securing that computer while I was home for the summer but I guess I get to do it early now. Oh well.

Sorry to hear this, Gomer http://www.sysopt.com/forum/frown.gif

As your brother found out, it's never a good idea receive/open any file from someone you aren't POSITIVE you can trust. Even then, it's always safer to run a couple of updated scans on the file before opening.

ICQ does have some holes, but it can be a useful tool and safer to use when used in conjunction with a firewall/intrusion detection, and by practicing caution and safety. Searching for ICQ security issues will give you alot of info.




[This message has been edited by socalgal (edited 04-07-2000).]

i recieved one called cutey.exe when run it tries to connect to the net. So Zone alarm caught it. I ran a trojan detector called the cleaner i think from moosoft.com it found two of them which were taken care of very quickly !! be warned !!

Dont blame yourself for anything like this. I got a real nasty virus from a poster on here about a year ago on a ongoing problem with his machine and we were E-Mailing back and forth over it. He sent me what he called a screen shot of the error message and like a dumb nut I opened it. Never opened another thing until I scan it for virus.
Bleep

Happened to me too, 2 PCs were destroyed in ONE month (good thing I could return them back to store)and not long ago got a "picture" in my Inbox, opened it, and...You know what happends next http://www.sysopt.com/forum/frown.gif

pcnerd...just what kind of viri can destroy a puter????

Having your computer hacked and crashed sucks gomer,but how can a virus file with the extension .jpg work? i thought it had to be the correct file extension for the file to be executed, if it had the jpg extension, wouldn't windows have tried to open the default viewer for images and then shown a error about an unrecognizable format variant or something to that effect?

or am i wrong?

dos7

[This message has been edited by dos7 (edited 04-07-2000).]

With the extent to which some people go to find holes in programs, I'm sure someone found a hole in a few pic veiwers (Internet Explorer is a lot of people's default) that when it attempts to open the .jpg it winds up telling internet explorer what to do to crash the system, or something like that... I wish I knew what made killing someone else's PC fun. I still yearn for my youth pouring salt on slugs and daring girls to touch worms <G> ...

Incidently, I have no idea where, but I've found a few 3rd party programs (met a guy who wrote one) that plug some of it's security issues. And McAfee VirusScan 5.01 is here, and seems to do a pretty good job of actively scanning downloads and email attachements. It found a worm in an email attachment I got a few weeks ago, so that email was eradicated...oh well, big loss, eh?

i have been told that you can put a batch file into a jpg...never seen it done, but a .bat file with the right entries could do a lot of damage....

Like I said, he said it was a .jpg I wasn't there. I think somehow the virus was transmitted along with the picture through ICQ file transfer. That computer was quite unsecure. It sounds like it was subseven or a variant. Whatever it was the person hacking us was keyboard logging because the ultima password he obtained wasn't cached. Also, My younger brother said that mouse buttons kept reversing and windows color scheme was changing all the time. After my brother found out his Ultima account had been comprimised, he asked the guy if he had hacked him, and the guy said yeah, you had it coming. At that moment the computer froze never to see the light of day again.

The way that people disguise an executable as an image is to make the file name look like this...

file.jpg<lots of spaces, 20 or 30>.exe

So the filename is "file.jpg" with many spaces after it, and ".exe" is still the extension. So it appears to be an image because you can't see the ".exe" with that many spaces before it.

hey smokey,,that's pretty slick,,i had never thought of that,,sounds like it would work also........ yikes.....

I've also seen some files named something like pic.jpg.js. This is a javascript file, which can do some damage. There are some folks who wouldn't know the difference between that and pic.jpg.

I use The Cleaner and have been very pleased with it. It is frequently updated. The tray app caught a trojan as soon as I foolishly opened the .exe, which my outdated virus scanner had approved.

Virii can easily destroy a computer. There are a few out there that corrupt the BIOS, and unless you have a ROM burner, you are SOL.