Results 1 to 3 of 3

Thread: Yahoo Messenger Worm

  1. #1

    Thread Starter
    Frenzied Member zynder's Avatar
    Join Date
    Nov 2006
    Location
    localhost
    Posts
    1,434

    Question Yahoo Messenger Worm

    Hi guys,

    My friend got this worm from YM by clicking a link sent out by one of her friends.

    Now I'm fixing her computer. To my surprise, I cannot run an exe except for Firefox.

    I cannot install Hijackthis. I cannot run msconfig or any anti virus. The worm closes it automatically.

    Any input is greatly appreciated.

  2. #2
    PowerPoster Nightwalker83's Avatar
    Join Date
    Dec 2001
    Location
    Adelaide, Australia
    Posts
    13,344

    Re: Yahoo Messenger Worm

    No sure if this will help or not?
    when you quote a post could you please do it via the "Reply With Quote" button or if it multiple post click the "''+" button then "Reply With Quote" button.
    If this thread is finished with please mark it "Resolved" by selecting "Mark thread resolved" from the "Thread tools" drop-down menu.
    https://get.cryptobrowser.site/30/4111672

  3. #3
    Discovering Life Siddharth Rout's Avatar
    Join Date
    Feb 2005
    Location
    Mumbai, India
    Posts
    12,001

    Re: Yahoo Messenger Worm

    Yes the name of the worm is W32.Yimfoca. All that I wanted to say about that worm is already in that link by NW.

    Few more things that I would like to add... (Which I didn't see in that link... Ignore the below if it is already mentioned)

    This worm copies itself to %WinDir%\infocard.exe, then it adds itself to the Windows Firewall List, modifies registry keys, and stops the Windows Updates service...The worst part is that it keeps on dropping software onto infected computers that can be used to turn them into zombies on a botnet!!! Also the most scariest part is that it adds itself to the Windows Firewall List there by creating a back door...

    It is usually transmitted via yahoo as zynder suggested...

    You might think that it is an image from a face book profile or from My Space.. It looks something like this...

    http://blahblah.com/image.php

    What makes it worse is that most of the times it comes from an ID which you already know

    One should be careful while downloading stuff from IM's. Ensure that your anti virus is updated always and if you do NEED to download something from IM then simply don't directly click it... Right click on it and do a "Save As". Your anti virus will automatically scan it when the download is over but if it doesn't then my recommendation is to scan that file manually by right clicking on it and selecting the option "Scan with <your antivirus>"

    Hope this helps...
    A good exercise for the Heart is to bend down and help another up...
    Please Mark your Thread "Resolved", if the query is solved


    MyGear:
    ★ CPU ★ Ryzen 5 5800X
    ★ GPU ★ NVIDIA GeForce RTX 3080 TI Founder Edition
    ★ RAM ★ G. Skill Trident Z RGB 32GB 3600MHz
    ★ MB ★ ASUS TUF GAMING X570 (WI-FI) ATX Gaming
    ★ Storage ★ SSD SB-ROCKET-1TB + SEAGATE 2TB Barracuda IHD
    ★ Cooling ★ NOCTUA NH-D15 CHROMAX BLACK 140mm + 10 of Noctua NF-F12 PWM
    ★ PSU ★ ANTEC HCG-1000-EXTREME 1000 Watt 80 Plus Gold Fully Modular PSU
    ★ Case ★ LIAN LI PC-O11 DYNAMIC XL ROG (BLACK) (G99.O11DXL-X)
    ★ Monitor ★ LG Ultragear 27" 240Hz Gaming Monitor
    ★ Keyboard ★ TVS Electronics Gold Keyboard
    ★ Mouse ★ Logitech G502 Hero

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width