Hi here is a copy of an E-mail my Brother sent me today. If you havn't already seen this please look into it read it you'll see why....... ------------------------------------------------------------- Hi Dave - Since you guys are heavily into graphic-y stuff, I thought this would be of interest to you... Apparently, there's a new virus going around that infects JPEG files. It apparently unpacks and dumps it's own executable file onto the hard disk, which is contained as some sort of appendage to the main file. It also modifies the registry to enable it to automatically run next time that an infected file is detected, and also so that it can infect other files... Doesn't look like it's a hoax, so be careful of any JPEGs you get from the internet, etc, in the future... I guess it was only a matter of time before some fool exploited picture files, somehow. Check out this link for more information. http://vil.mcafee.com/dispVirus.asp?virus_k=99522 The only good thing at the moment is that it doesn't appear to carry a dangerous payload, being a proof of concept, but I guess it's only a matter of time. Just thought I'd let you guys know, in case you haven't seen it on your own! Andy ----------------------------------------------------- see what i mean Dave

This appears to be a 2-part virus. It requires not only the JPG file, but also an external extractor. As long as the extractor is not on the infected machine, the "infected" JPG appears harmless, and just random noise on the picture. Not as alarming as it seems, but still interesting.

thanks for the info, I will go look into it...Sharen :-)

I suppose that infected MP3s will be next.

Hi I read the description and it seemed to me that the extractor part came with an infected jpeg this then waited for another to activate the body of the virus, but perhaps I read it wrong! I did send a note to one of the admins sugesting a global note to all forums to get virus checkers updated. anyway just tring to be helpful see you later Dave

Attached Link: http://features.slashdot.org/features/02/06/14/1343223.shtml?tid=166

Hi, It's bogus, (kind of) I posted a link about it earlier, the gist of which is this. Viruses are executable, jpg's are not. They are also compressed, so even if they could be run, they'd need to be decompressed first... It's a scare tactic, other wise known as FUD (Fear, Uncertainty & Doubt) to get you to buy more virus protection, I'll repost the link here. later jb

Attached Link: http://news.com.com/2100-1001-935994.html

Yup, You heard it right, MS are giving stuff away again... :) "Microsoft accidentally sent the virulent Nimda worm to South Korean developers when it distributed Korean-language versions of Visual Studio .Net that carried the virus, the company acknowledged Friday." later jb

W32.Perrun is a virus that appends itself to JPEG files. The malicious content of files that it alters will not spread to other computers. Indications of infection are that .jpg files will have increased in size by approximately 11KB, and the presence of the file Extrk.exe. Variants: W32.Perrun.dr Type: Virus Infection Length: 11,780 bytes Systems Affected: Windows 3.x, Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me

Great link praxis. Unfortunately most of the media is buying into this hoax hook, line, and sinker. I saw a story on CNN about it last night and I remember thinking that it sounded kind of hinky. Personally I don't use Windows or Outlook express and I have all my anti-virus software turned off. I have never even seen a Mac virus in almost 7 years of being online. Maybe the SEC should look into these guys.

geee, can use camoflage to put exe or anything else into an image file. just type the virus name into the location bar of netscape, they actually keep up fairly well and will have several refernces about it. I'm sure ie will do the same..but since I dfon't trust anything from M$ to work right I'll never know.

The virus on the Visual Studio stuff is a great example of Linux folks getting all bent out of shape about nothing. A third party contractor made a mistake and left a virus file on the Visual Studio disk for Korea. Interestingly, the virus is not possible to get through the installation or use of the Visual Studio product. You would have to go find the file by hand and execute it. The virus itself can only infect systems with IE5.5, but Visual Studio installs and requires IE 6.0. All the files used by the product were virus scanned y MS and came up clean... tehre was simply one file that is no threat accidently included on the disk. FUD indeed :)