Virus warning ! - read this immediately -

Discussion in 'Announcements' started by GDJMSP, Apr 12, 2011.

Thread Status:
Not open for further replies.
  1. jallengomez

    jallengomez Cessna 152 Jockey

    There is nothing there but a bunch of images. There is no way you can get a virus by viewing an image.
     
  3. EyeEatWheaties

    EyeEatWheaties Cent Hoarder

    Sorry for being so late to the thread. Neither my computer nor my images are infected. Searches for bloodhound turn up zero. I am getting ready to run a malware sniffer just to be on the safe side; however, those programs bug me out because you have to turn off the protection. lol


    I just downloaded an image from photobucket and ran a scan on it, and it shows NOTHING! I might add that Norton 360 scans all downloaded files automatically.

    Thankfully others here know a little something more about computers than the people running the show here. Talk about facts.... lol


    FWIW - Here is a simple screenshot of my virus protection that runs in the background all the time.

    Hosted on tinypic for all you paranoids! :)

    [​IMG]

    Do I need to post a shot of how aggressive my settings are...


    Doug - Please produce the screen shot you are getting with your virus warning and maybe some of us can help you with whatever problem you are having. Otherwise, without a screen shot, there is no choice left but to view this thread as a bunch more needless unsubstantiated factless blustering.







     
  4. desertgem

    desertgem Senior Errer Collecktor Supporter

    Nevertheless, there is something wrong at photo bucket. This site gives a little insight, and of course they wouldn't say if their area has been attacked or not, but I do not think it is coincidence that they have been running a long maintenance on certain servers. IMO

    http://www.customerservicenumbersblog.com/2011/04/photobucket-is-undergoing-maintenance.html

    http://www.greybloomdesigns.com/2011/04/photobucket-maintenance/

    And many more if you google. The problem is not just paranoia on this board, there is a problem. PBucket isn't saying what.

    Jim
     
  5. ikandiggit

    ikandiggit Currency Error Collector

    From photobucket's facebook page:

    "Hey PB peeps - just got an update on the maintenance issue - looks like after 12am MDT (-6 GMT) for things to get back to normal. Thanks for your patience in this matter as we get the small percentage of users back to normal. Our sincere apologies for the inconvenience.

    The Photobucket team."
     
  6. Taxidermist

    Taxidermist Collector of US/IL/RU/DE

    Actually, GDI+/JPEG Vulnerability allows miscreants to embed a code into a functional .jpg file that will exploit a vulnerability in the Windows file gdiplus.dll, which can lead to infection. It is a few-year-old issue and users should have their Windows updated long ago, but still, just saying it is possible. BTW, media files like MP3 and WMF can also be malicious on outdated Windows systems.
     
  7. Pilkenton

    Pilkenton almost uncirculated

    I gotta Mac. Whew!!!
     
  8. GDJMSP

    GDJMSP Numismatist Moderator

    Ya know somehow I expected you to say something like that -
     

    Attached Files:

  9. green18

    green18 Unknown member Sweet on Commemorative Coins

    Suave guy. That was really suave.......
     
  10. GDJMSP

    GDJMSP Numismatist Moderator

    That report was being generated whenever I clicked on any image of yours. But as I said before, everything was fine the day before yesterday. Also, no other image on Photobucket from all of them that I checked had any issues.

    So what would that make you think ? I only know what it made me think, thus this thread and my actions.

    That said - this morning I finally got an email back from Photobucket sent to me at 1:09 AM last night saying thanks for making the report yesterday.

    edit - given the timing of the email sent to me, and the reports from other members about the "maintenance issues" and the timing of them - well let's just say I don't believe in such coincidences.
     
  11. jallengomez

    jallengomez Cessna 152 Jockey

    That's a different issue altogether. Like I said, you ABSOLUTELY CAN NOT imbed the bloodhound virus into a jpeg image, it HAS to come from an executable file. Also the problem you describe does not apply to "drive by" viewing of images hosted at photobucket or anywhere else. You would have to download the file to your computer and then open it.
     
  12. GDJMSP

    GDJMSP Numismatist Moderator

    OK - here is what is going to happen. I have just spent almost an hour with the Norton techs. I allowed them to have remote access to my computer so they could see exactly what I see. They said the same thing - it shows the pictures were infected. However - just to make sure, the urls for several of the pictures were sent to Norton so that they could analyze them themselves. They will get back to me.

    Once they get back to me and give me an all clear - I will have Peter remove the blocks so that all pictures hosted on Photobucket will once again work as normal here on the forum.

    Until that time, things stay as they are now. I will not allow the entire community to be at risk, nor will I take any chances. It just ain't worth it. Your security, and the security of this forum is too important. I'll let the professionals deal with it. When they tell me all is well - then it will be back to normal.

    Until then - we wait.
     
  13. BadThad

    BadThad Calibrated for Lincolns

    Definitely a problem with PB. I heard other people complaining on a different, non-coin related forum as well. I suspect the problem is with their web page code that was likely hacked.
     
  14. Taxidermist

    Taxidermist Collector of US/IL/RU/DE


    Read again what I posted. What is embedded into the jpg file is a special code that overflows the memory stack of a Windows DLL file. After the initial exploit of the DLL, a second part of the code is embedded directly into system memory. That code instructs the system to download an executable from a remote location (usually some hacked website) and runs it inside Windows, which only then leads to actual infection.

    FYI, every image you see on your screen is being downloaded by the system, it just happens without user involvement. Images you see are being downloaded into cache folder of your browser, parsed by the appropriate graphics engine of your system and then displayed inside the web page in your browser. This is the only way your browser knows how to show you images.
     
  15. jallengomez

    jallengomez Cessna 152 Jockey

    We're not talking about that particular vulnerability though; we're talking about the bloodhound virus. This has nothing to do with that. The bloodhound virus can't be imbedded in a jpeg.
     
  16. Taxidermist

    Taxidermist Collector of US/IL/RU/DE

    Of course we are not talking about this particular vulnerability, I don't even know if it is indeed a vulnerability. I am just explaining the general idea, which says that ANY virus, including bloodhound, can be downloaded through a specially crafted image file. But it seems you refuse to understand my explanations, so I'm done.
     
  17. jallengomez

    jallengomez Cessna 152 Jockey

    This is from Dell SecureWorks. You are wrong. ANY virus can't be imbedded and spread in a true (meaning undisguised) jpeg file.

     
  18. mikenoodle

    mikenoodle The Village Idiot Supporter



    I really wish people would stop doing this! Just because you have a Mac doesn't mean that you are immune to viruses! Virus protection is available for Macs as well because they are also susceptible. Apple did a wonderful job promoting the fact that (as recently as a few short years ago) there were no known viruses for Mac. This was an awesome selling point, but what it also did was basically lay down the gauntlet to any and all malicious programmers to start writing malware for Macs because a) there were, at that time, no virus protection programs for Mac, and b) the overwhelming majority of Mac users believe that they are impervious to malware simply by virtue of using one.

    This type of misinformation and complacency is what happens right before something big blows up in people's faces.

    I'm not sayin... I'm just sayin...
     
  19. Taxidermist

    Taxidermist Collector of US/IL/RU/DE

    This is from Microsoft TechNet:

    JPEG Vulnerability - CAN-2004-0200:

    A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. Any program that processes JPEG images on the affected systems could be vulnerable to this attack, and any system that uses the affected programs or components could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

    How could an attacker exploit this vulnerability?
    Any program that processes JPEG images could be vulnerable to this attack. Here are some examples:
    • An attacker could host a malicious Web site that is designed to exploit this vulnerability through Internet Explorer 6 and then persuade a user to view the Web site.
    • An attacker could also create an HTML e-mail message that has a specially crafted image attached. The specially crafted image could be designed to exploit this vulnerability through Outlook 2002 or Outlook Express 6. An attacker could persuade the user to view or preview the HTML e-mail message.
    • An attacker could embed a specially crafted image in an Office document and then persuade the user to view the document.
    • An attacker could add a specially crafted image to the local file system or onto a network share and then persuade the user to preview the directory by using Windows Explorer.

    http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx

    (This means any code can be run, and it can be run inside a browser.)

    This is from US-CERT:

    Vulnerability Note VU#290961
    Microsoft Windows GDI+ ICO InfoHeader Height division by zero vulnerability
    Overview
    Microsoft Windows GDI+ fails to properly handle ICO files, which could allow a remote, unauthenticated attacker to cause a denial-of-service condition.
    I. Description
    Microsoft Windows Graphics Device Interface (GDI+) is an application programming interface (API) that provides programmers the ability to display information on screens and printers. GDI+ includes the ability to process ICO (icon) image files. There is an integer division by zero vulnerability in the way the ICO parsing component of GDI+ (Gdiplus.dll) handles ICO files with a Height value of zero in the InfoHeader section of the ICO file. By introducing a specially crafted ICO file to the vulnerable component, a remote attacker could trigger an integer division by zero denial-of-service condition.

    Windows Explorer has been shown to be vulnerable, however any application that uses the GDI+ library may be vulnerable.

    http://www.kb.cert.org/vuls/id/290961

    (This means there is another vulnerability in GDI+, in ICO files, and whoever wrote that on Dell SecureWorks should stop writing on topics he does not understand. Consider researching yourself, instead of trusting someone's "simple details").
     
  20. -jeffB

    -jeffB Greshams LEO Supporter

    Taxidermist, thanks for doing the legwork on this. I wanted to point out that yes, you very well can get hit by malware just by viewing a JPEG, but I didn't have the references at hand.

    It's worth noting that even Macs were vulnerable to certain JPEG exposures in the past, but I'm not aware of any widespread exploits in the wild. We're still perceived as a smaller and lower-value target than the Windows community.

    I have no input on the malware Doug apparently detected, nor why he would see it and others wouldn't. I will say, though, that false positive detections are definitely a problem in general.
     
  21. EyeEatWheaties

    EyeEatWheaties Cent Hoarder

    1st, Doug, thank you! and I mean that sincerely. It helps to see what triggered all of this. Certainly that was not the first time you clicked on one of my pictures? That in itself should have told you that it is a photobucket problem or something new with your virus protection update that does not like in the Photobucket images.

    Anyways, I have multiple layers of protection. I have a small network of 6 computers and wireless between the laptops and phones, some are hard wired like the master and a slave in my office, 2 file servers.



    I take the issue of viruses seriously - I prefer to pay for services, not much different than the reason I sent money in support of CT - I think it is good Karma and the right thing to do??

    I paid $100 for software protection just about a year ago. I have 41 days left. (even though Comcast, my ISP, offers what looks like the same virus protection for free.) (I also have an upgraded Internet account with Comcast) - It only seems to help upload speeds.

    I recently fell victim to a FireFox Google redirect virus - 10/10
    *Norton360 did not catch/stop that redirect virus.
    *Norton - Telephone support and opening my computer to them, did not fix the problem.
    THEY WANTED $100 MORE from me for special services to TRY and fix. what was the point of the 1st $100?? I don't surf porn sites or any other questionable sites.

    *Paying for software that did not catch that common redirect virus taught me that Norton does not (apparently) support FireFox browser issues.

    It was an easy solution in my mind, I dumped FireFox and installed CHROME.. no more Google redirects. I use GOOGLE a lot as does my other half. We watch TV and google stuff all the time for conversation and education, current events, health issues and entertainment. TMI but in the interest of full disclosure, why not?

    The point is: That I pay for virus protection and I pay Photobucket for hosting my images. If something that originated from me is causing a problem..... then I most certainly want to know about it. I am essentially paying for services that don't work/perform as intended.

    I ran a full 3 hour scan last night after getting your email and there is nothing on my computer nor in the images: Bloodhound is 2 years old since first found. This is a screenshot from a couple minutes ago. - tinypic.com hosts this image (Is this image infected)

    [​IMG]


    Doug when talking to PB - (while they may know this) I have an upgraded account. Meaning that I pay money for it.

    Does anyone else here pay Photobucket for hosting?

    I am curious about something. Doug, you know the picture I have posted of the boxed proof sets? That picture was shot with a different camera, uploaded to photobucket by a different computer, back when I had the basic (free) photobucket account. Could you see if you get that warning on that picture?
     