Updated - August 17, 2010
In my last blog, I listed some of the FREE computer security programs that I use and recommend. What I didn't post in that blog was the question that prompted my answer. Also, see that blog for any updates I have done and may do about "Some Computer Security Programs That I Use And Recommend".
Since then, more and more of my Yahoo Messenger (YM) friends have become infected and then their YM program starts sending out IM's with a malicious link and if any of their friends click on the link, they can then become infected if their computers are not properly secured.
Below, is the original question in the Yahoo Messenger Yahoo Group, http://groups.yahoo.com/group/Yahoo_Messenger, and my reply...
-----Original Message-----
From: Yahoo_Messenger@yahoogroups.com
On Behalf Of
Sent: Sunday, July 25, 2010 7:43 PM
To: Yahoo_Messenger@yahoogroups.com
Subject: [Y!M] virus I think
Every time I use messenger I get a window popping up giving a message, Is this your picture and a address (link)... This same thing is going to everyone in my address book for the messenger.. The address does not open up anything but it keeps duplicating itself.
How do I find out if this is a virus and help to get rid of it?
AND MY REPLY:
-----Original Message-----
From: LNVTM1 - Lenny Vasbinder
Sent: Sunday, July 25, 2010 8:23 PM
To: 'Yahoo_Messenger@yahoogroups.com'
Subject: RE: [Y!M] virus I think
DO NOT CLICK ON THE LINK.
Whoever is sending you those IM's is infected by having clicked on the link and now their YM is sending out malicious IM's to everyone on their friends list... and probably every other person out there as well.
If you've already clicked on the link, you are likely infected as well, unless you are absolutely, positively sure that your computer is super secure.
Since I do keep my computers super secure, I did test the link when I got one of those IM's from someone on my friends list and it immediately tried to start downloading a file which my security software promptly stopped and alerted me to the malicious attempted download.
If your computer security programs did not alert on the file and allowed the file to download, then you are infected.
You should update all of your computer security programs (antivirus, antispyware, antimalware, etc.), disconnect from the internet, re-boot your computer into safe mode and run scans until you have removed or quarantined all traces of the infection.
With Yahoo Messenger and EVERY other IM program that I've ever used, you will get a certain number of malicious IM's, mostly from strangers but occasionally from infected friends. If you get an IM with a link, DO NOT CLICK THE LINK without first asking your friend if they sent the link and ask them what the link is to (usually they have no clue they are infected and their YM is sending out these malicious IM's). When they say "Huh???", you know they are infected and you can forward these same instructions to them.
The prevalent use of URL shortening services is making this even more of a problem as hackers who start these virus campaigns can use a URL shortener so folks don't even know the real URL that they will be sent to. I ONLY use http://TinyURL.com and use the PREVIEW mode so when I click on a TinyURL link, it will open to a TinyURL page that shows the full sized link and then I can choose to go to that link once I know where it will be sending me.
BTW, there is no need to spend a single penny on security programs. ALL of the *good* companies make their programs available to home users at no charge, either by a fully or mostly functioning download or as an online scan.
I use and recommend:
Comodo Internet Security http://www.comodo.com/ as a FREE and fully functioning security suite that has a professional featured, award winning firewall, good antivirus with real-time and scheduled scanner and good real-time antimalware protection.
MalwareBytes http://www.malwarebytes.org/ as a backup scanner for when needed or folks that surf the net wildly, they can do weekly scans just to make sure that their main security didn't miss anything. NO SINGLE PROGRAM IS 100% EFFECTIVE.
SuperAntiSpyware http://www.superantispyware.com/ as another backup scanner for when needed as above.
a-Squared FREE http://www.emsisoft.com/en/software/antimalware/ as another backup scanner for when needed as above.
SpywareBlaster http://www.javacoolsoftware.com/spywareblaster.html - This doesn't do any scanning or use any system resources. You simply download the updated definitions on a weekly basis and enable them to protect your computer from LOTS of malicious websites, adding them to your Hosts file, and also block LOTS of malicious drive-by software.
Spybot http://www.safer-networking.org/ - I really only use the Immunization feature on this program although it does have a scanner as well. The Immunization feature will build a nice Hosts file to supplement the one with SpywareBlaster and also further protect your Registry. I do use the scanner from time to time to look for Flash Cookies that CCleaner might miss.
I haven't used this next program but I have read lots of good reviews about Microsoft Security Essentials. I think Comodo is TEN TIMES better especially as far as the firewall since MSE only uses the standard Windows Firewall which I find to be NOT very good. You can get MSE for FREE and also use the FREE online scan from Microsoft, called Windows Live OneCare. http://onecare.live.com/site/en-us/default.htm - RUN the FULL SCAN once a month and it will check your system online for virus/malware and also do a cleanup and tune-up of your computer, repair your registry and also defrag your hard drive.
NOTE - See the UPDATE that I did to my main blog about security programs that I use and recommend here http://lennythecomputerguy.blogspot.com/2010/08/some-computer-security-programs-that-i.html
HTH!
Lenny Vasbinder
________________________________
From: vera murad <vmurad42@yahoo.ca>
To: Yahoo_Messenger@yahoogroups.com
Sent: Tue, 17 August, 2010 5:25:28 AM
Subject: [Y!M] display image
hello,
i am new in this group, and i am looking for help with my YIM
during 2 years i have a permanent problem : nobody from my contacts can see my photos from my display image, and instead they see a black box, but all yahoo pictures and avatars from my display image can be seen by all of them
i did everything i could, i downloaded an optimized IE8, FireFox, and updated to the last adobe, i tried to uninstall and install different YIMs, to delete the icons caches, to delete the icons folder, the profiles folder, etc. i followed all reasonable instructions, but nothing worked...
i suspect that something happened to my files responsible for showing my photos, they could be corrupted, changed, deleted, or misplaced because i noticed that my YIM is often hacked
i hope someone can help
vera
-----Original Message-----
From: Yahoo_Messenger@yahoogroups.com [mailto:Yahoo_Messenger@yahoogroups.com]
On Behalf Of Kevin Armstrong
Sent: Tuesday, August 17, 2010 2:26 AM
To: Yahoo_Messenger@yahoogroups.com
Subject: Re: [Y!M] display image
Hi Vera
What do you mean "my YIM is often hacked" ?
If you go into chat rooms, you will inevitably be blasted by numerous 'bots' .. electronic messages not from real people .... these will continue even after you sign out. This is hardly 'hacked'.
I have been using Yahoo IM for many years .. and only one problem ... I clicked a link sent to me in an IM chat message - and unfortunately I had disabled my virus protection. NEVER click a link in chat IM ... NEVER !
Kevin
-----Original Message-----
From: Lenny Vasbinder
Sent: Tuesday, August 17, 2010 10:25 AM
To: 'Yahoo_Messenger@yahoogroups.com'
Subject: RE: [Y!M] display image
Well, I don't know about "NEVER" but one should definitely proceed with caution with links in any IM program or emails also... especially if their computers aren't very secure.
When I get an IM with a link from someone and were weren't chatting already, I don't click on the link until I start chatting with the person first and ask them if they sent the link... unless it's a link to a benign site like a YouTube link or their blog or something like that. If it's a link to a shortened-url type website those are very suspicious since you can't see where you're going first.
Now that said, if I'm chatting with someone and we're showing each other articles or websites for information, then if they send me a link, unless the link is a shortened-url type link, I'll click on it without worry, especially if it's a full URL where I can see where it's going to bring me.
Of course, I keep my computers pretty secure... probably in the upper 95% of computers on the net, IMO... so I'll even click on suspicious links sometimes just to see what they try to do and to make sure my computer's security is working like it is supposed to work. I do daily backups of my important files and weekly to monthly cloning/imaging of my hard drives so if I should ever muck things up by clicking something I shouldn't have, it won't be a disaster for me.
I do agree with you about "being hacked" though. ;-)
Lenny Vasbinder
Phone - 504-667-5111
Skype - LennyTheComputerGuy
YM - LennyTheComputerGuy
http://lennythecomputerguy.blogspot.com/
My Yahoo Messenger related blogs:
http://lennythecomputerguy.blogspot.com/search/label/Yahoo%20Messenger
FREE and automatic online remote backup of your documents, photos and files... https://mozy.com/?ref=SY4ZSI Check out how simple and secure it can be to use the Mozy remote backup system. Mozy will back up your most important files and folders every day/night while you aren't using your computer.
Here is Yahoo's official answer about this virus...
Yahoo! Messenger Sending Messages Automatically
http://help.yahoo.com/kb/index?page=content&y=PROD_MSNG&id=SLN110
-----------
Please click the "Yahoo Messenger" link (under Labels) on the left side panel for more blogs about Yahoo Messenger.
Please click the Comments link below to leave a comment OR if you need help with any of the above programs.
No comments:
Post a Comment