Hi!
Just a quick clarification, for what its worth... ;)
It would appear that the .jpg file was actually a renamed Word .doc
file. It was infected with the now infamous Melissa Trojan. At least at
this point (;)) it is not be possible to spread a virus through the use
of any non-executable file / macro.
If you had tried to view it with a graphics viewing program, 1 of 2
things would have happened. It is possible, although unlikely, that the
screen would have displayed graphical garbage. Unless someone went
through the trouble of attaching a JPEG header to it, option 2 would
probably occur. Option 2 is that your program would display an error
message to the effect of "Unrecognized Format". In the first case, you
would be unable to open the (corrupted) document in Word. In the second
case, you would have to manually open it up in Word in order for it to
spread. In either case, viewing it with a graphics viewing program such
as ACDSEE, etc. will not infect your computer as long as the program
does not 1. recognize that is a misnamed document file and 2. attempt to
launch Word to read it. (I do not believe any graphics programs right
now have the ability to do 1.)
HTH! :)
**Digression Starts Here**
On a side note, I actually have been curious as to how Melissa would be
classified. One one hand, it works like a Trojan Horse. That is, it
pretends to be something useful / desireable in order to get you to open
it. Once opened, it does something nasty -- e-mailling itself to the
first 50 people on your Outlook Address Book. Thus, it has spread itself
to the e-mail boxes of 50 more people. Of course, they must now open it
with Word, but... ;) My best guess at classification right now would be
a Trojan, but...?
**End Digression** (Phew! Sorry about that!)
Have a great day everyone! :)
Andrew Berg
Linda Aldridge wrote:
>
> Here is a new one!!!
>
> Someone has posted the Melissa Virus as an attachment on some of the ng's,
> it's entitled:
> "netdiag.jpg", that's correct!!! the extension is .jpg. The latest Virus
> Definitions of the Major AV Programs will detect and clean it. I sent it to
> Symantec (Norton), and here's their response:
>
> > We have analyzed your submission. The following is a report of our
> > findings for each file you have submitted:
> >
> > filename: C:\Windows\Desktop\netdiag.jpg
> > machine: <snipped>
> > result: This file is infected with W97M.Melissa.A
> >
> > The attached file is a self extracting zip containing updated virus
> > definitions for Norton AntiVirus to successfully detect and repair
> > this virus.
> >
> > Developer notes:
> > C:\Windows\Desktop\netdiag.jpg is a word document that contains macros.
> > C:\Windows\Desktop\netdiag.jpg is detected and repaired by the latest
> definitions.
>
> This is the first time I've ever heard of a virus being contained in
> something other than an executable or a "macro", and I honestly don't know
> what would have happened if I attempted to open it. I "cleaned" it with
> Norton, changed the extension to ".doc", and found that it contains a list
> of Adult Porn Sites with passwords for them. I wonder how many "kids" have
> figured out how to open it, and thereby infected themselves and many others?
> I also checked it with a "hex" editor, and it's for real. Please be careful
> folks.
>
> Linda Aldridge
>
> Curious about the people moderating your
> messages? Visit our staff web site:
> http://nospin.com/pc/staff.html
--
Andrew Berg
______________________
[log in to unmask]
Curious about the people moderating your
messages? Visit our staff web site:
http://nospin.com/pc/staff.html
|
