ReveNews Online Revenue News & Opinions Since 1998

Yahoo Instant Messenger Virus

January 31st, 2006 by David Lewis

It looks like Yahoo Instant Messenger was hit with a virus. A few friends sent me a link via YIM. It was for http://www.geocities.com/my_new_look_2006/. Of course, they didn’t really send it.

We know that means it’s a virus but we don’t know what type of virus. Was it a virus where someone hacked YIM or was it a virus in Yahoo’s Marketing department where someone wanted to promote Yahoo! Photos?

49 Comments

Sherwin said:

It isn’t a virus. It’s actually a phishing attempt but via YM. When you click on the link it actually goes to a geocities page that looks like Yahoo Photos. If you login, it will send your username/password to someone else.

Jenna said:

Well, when I went to this site, it didn’t even ask me for my password. It was just some pictures of some skinny chicks in bikinis. I’ve virus scanned and spybot scanned, and nothing has shown up. Any chance I’m infected with anything?

Annadote said:

I logged into Yahoo messenger and got an online message from someone I had not heard from in years and it sent me to a link which I clicked on, and I didn’t think anything of it until I saw a pop up that said I had been signed off this computer b/c I had signed in somewhere else. Then several of my friends asked me about it. Evidently they got the same message from me that I had gotten from someone else, and I was told it was a virus. Is this a virus? I ran Nortons and nothing showed up. What can I do to stop it from hitting on everyone in my address book? How do I stop it?

Mark said:

My Yahoo Instant Messenger has been signing me out for a few days now, saying I was logged in on another device, or computer. I wonder if it is a hack, piggybacking on YIM, because I have Norton Internet Security and Personal Firewall installed, and they have shown nothing. I was chatting with a scammer from Nigeria, told them off, and they said they were going to get their friend from India to hack my Yahoo password. I wonder if it actually happened?

This has been happening to several of the people in the Yahoo group I am in, http://groups.yahoo.com/group/romancescams, which fights back at the criminal scam element, mostly Nigerian.

Bjorn said:

I had the same thing happen to me. My virus scan and firewall and spyware detection found nothing. Yet I get signed out of yahoo saying someone else signed in on another computer. And my friends are asking what that site is about.
How can I stop this? And what else is this thing doing? Is it phishing for info on my computer?
Help would be greatly appreciated

Ryan said:

Recently, while I’ve been chatting on YIM, I get automatically logged out with no dialogue box explaining why.

rima said:

I have been affected by the same thing and now I can’t access my mail. It says that my password is invalid. Please help!!!

janeen said:

I opened up a similar infection.. Came from a friend of mine. But, now I gather it was made to look like it came from her and didn’t.. Now I cannot access my yahoo account or email.. Can someone please help

Randy Bias said:

Are any of you using the Meebo IM service?

Rajkumar said:

Hi,
I had the same problem and now my yahoo account is with someone else. They got my password and have changed it also. I’m really not sure what would be their motive, but definitely a problem. For those who have actually clicked on the link and given your username and password, I would advise you to better change the password immediately. Or you could lose your account. I lost my yahoo id which I have been using for the last 8 years with all my contact details etc. There is no way in yahoo to delete the account without signing in. To set up the account again and get a new password Yahoo asks some questions, basically your personal information and the secret question and answer that they ask during the registration. If you have all of these, I assume that your account could be recovered. Unfortunately for me, I’m not able to provide the secret answer and Yahoo is not helping me in this regard. I would better suggest people to change their password rather than to face the problems like this.

Regards,
Rajkumar K.

Thirumal Reddy said:

hello people! im glad to see some discussion going on about this common problem which all of us seem to have come across lately. In fact, i didnt even suspect that it could be some sort of bug until i came across the similar offline a few days later. The first time i came across it, as soon as i realised that the said geocities link took me to my own yahoo fotos i called up the id of my friend whom i received the link from n asked him why did he send something so stupid n he told me he never sent anything like that in the first place. thatz when i found something was Phishy… i dont think personally i was affected by it till now as im able to log in n out of my messenger n mailbox normally but i feel it is rather safe to change our passwords beforehand as Raj has suggested in the last post than regret later like him. Thank u n sorry for you at the same time pal coz i understand how it must be to lose all the info n address as i have all my contacts saved on yahoo too… bubyee

Philip said:

If this happens to you, please report the url and the id you received it from to Yahoo! customer care.

Janet said:

I never received a url but when I try to use Yahoo! IM, it logs me out and says “you are already logged in on another computer or device”. It almost looks as if it logs me in twice on my computer when I open it up. Does anyone know if this can be fixed??

Melodie said:

ACK! Stupid me! I clicked on the link TWICE and entered my username and password before I realized something was not right!

What should I do?

Melodie said:

OK… I changed my yahoo password… but what damage may have already been done to my computer, and how can I tell? I’m having trouble with my Spybot Search and Destroy, and my Outlook programs… could it be caused by whatever this Yahoo thing is?

Del said:

Hi, I have the problem too. When I try to log into chat it logs me off yahoo saying I have been logged off because I have logged into a different device. I changed my password and have found it keeps changing back to a different amount of letters in the password so someone has put their own password in and I can’t change it. I think my yahoo has been taken over. Think I will have to choose a different name. Any advice please.

dj said:

i m using analox proxy s/w for internet sharing,
when i am trying to log in from any machine in my lan it gives me following error:

you are signed out because you are signed in on a different computer or device

sometime i can log in, but while entering in chat room it gives me same problem & i get signed out of messenger,
plz help me,
contact me at dj82_2006@yahoo.com

thank you,

sufian said:

The problem just happened to me and after searching for the solution for a while, I tried to change the connection preference to ‘No proxy’ (initially Firewall with no proxy) and it works well. Happy trying guys!

anvar said:

guys, does anybody have a removal tool for this stuff,
it’s spreading from my yahoo

bguillermo said:

So if you click on the link but you do not enter your account info, nothing bad happens right?

Loyid Varghese said:

Friends

I got a phishing url
http://www.geocities.com/dont_try_this_at_home_14/ which will take you to the yahoo flickr page and if u login using ur yahoo account your password is hacked. I lost my password and luckily recovered my password. I had a look at the phishing page. It seems that the guy with email jackedurname@gmail.com is doing the trick and the information is posted to url “http://www2.fiberbit.net/form/mailto.cgi” (it’s somewhere in japan).
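
Added example, not part of the original comment thread: a defensive check for the pattern described in the comment above, where a look-alike sign-in page hands the typed credentials to a third-party form handler. It flags any password form that is served from, or submits to, a host outside an allowlist; the allowlist, the function names and both sample pages are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumption: domains where a genuine Yahoo sign-in form may live and submit.
TRUSTED_LOGIN_DOMAINS = ("yahoo.com",)


class FormCollector(HTMLParser):
    """Record each <form>'s action and whether it holds a password input."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._open = None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._open = {"action": attrs.get("action") or "", "password": False}
            self.forms.append(self._open)
        elif tag == "input" and self._open is not None:
            if (attrs.get("type") or "").lower() == "password":
                self._open["password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None


def host_trusted(host):
    """Exact domain or a true subdomain; 'yahoo.com.evil.example' fails."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_LOGIN_DOMAINS)


def audit_login_page(page_url, html):
    """Return one finding per password form that looks like credential theft."""
    collector = FormCollector()
    collector.feed(html)
    findings = []
    for form in collector.forms:
        if not form["password"]:
            continue
        # Resolve relative actions against the page URL before judging the host.
        target = urlparse(urljoin(page_url, form["action"]))
        reasons = []
        if not host_trusted(urlparse(page_url).hostname):
            reasons.append("served-from-untrusted-host")
        if not host_trusted(target.hostname):
            reasons.append("submits-to-untrusted-host")
        if target.scheme != "https":
            reasons.append("submits-without-tls")
        if reasons:
            findings.append({"target": target.geturl(), "reasons": reasons})
    return findings


# Constructed samples (reserved .example hosts, not taken from the page).
LOOKALIKE_URL = "http://hosting.example/my_photos/"
LOOKALIKE_HTML = """
<html><body><h1>Photos - Sign in</h1>
<form method="post" action="http://collector.example/form/mailto.cgi">
  <input type="text" name="login"><input type="PASSWORD" name="passwd">
  <input type="submit" value="Sign In">
</form></body></html>"""
GENUINE_URL = "https://login.yahoo.com/"
GENUINE_HTML = '<form action="/signin"><input type="password" name="p"></form>'

if __name__ == "__main__":
    for url, html in ((LOOKALIKE_URL, LOOKALIKE_HTML), (GENUINE_URL, GENUINE_HTML)):
        print(url, audit_login_page(url, html))
```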

Kart said:

Hi,

I had the same problem. I received a URL that when clicked on led me to the Yahoo Flicker page and I entered the account details. Now my account is completely inaccessible even when I try to retrieve another password. Can you please tell me if there is any way to recover the password. One of my friends even told me that he received the link from my ID too and I know I didn’t send it to him. Please help.
Thanks

Linda said:

I haven’t been able to log on to my messenger most of the day. Within the past day or two, my messenger is not showing me when I have mail, or it’s showing I have mail when I don’t. What’s the problem?

Howard said:

I haven’t been able to log into messenger all day, either…..I’m in VA (if that makes any difference). I’ve even gone to a couple sites to try and link to a new download and getting dead pages there too. Anybody else having these type problems or any idea what’s going on? Thanks!

Loma said:

As of today I am unable to access Messenger or my email…help! In the past I have been able to reload my messenger with dll and winzip and I have simply used the refresh button to access my yahoo email. I am refreshing my AVG virus protection……but what can I do to correct this problem?? Thank you for your input…..

Linda said:

Ok… I don’t know if anyone else is still having problems accessing their messenger, but mine is working today. I went to http://www.oldversion.com/program.php?n=yahoo and downloaded 7.0 messenger. I hated the beta one anyway and have had nothing but problems since I have had it.

Dave said:

I received the link to the geocities website. I didn’t suspect anything when i log in using my username and password. Now, i can’t access my yahoo email…:(
I have been using this account for about 10 years and i couldn’t remember the particulars i’ve entered. Thus, i’m unable to get a new password.

Can Yahoo or some one pls help.

Jeevitha said:

Hi i have been attacked by this virus too. It was unfortunate as the link came as family pictures take a look at it here followed by a geocities URL.

Is there any way i can get back my password. Can i reset my password.

My alternate email Id is deactivated and my secret user name and password also I have forgotten.

Any help is really appreciated.

regards
Jeevitha

Murthy said:

Hi Friends,

I am another victim of this virus. I have had this account for the last 10 years and the whole information is gone.

I would be grateful if anybody can advise me on how to fix it.

regards
Murthy

Mihir said:

Same problem. Lost my password. Tried contacting the Yahoo Customer Care. All I get is some automated reply. So much for being loyal. Damn them. :(

Lee said:

Discovered: April 23, 2005
Updated: June 26, 2005 04:24:19 PM PDT
Also Known As: Backdoor.Win32.SdBot.gen [Kaspersky Lab], W32/Sdbot.worm.gen.j [McAfee], W32/Sdbot-Fam [Sophos], WORM_SDBOT.GEN [Trend Micro]
Type: Worm
Infection Length: 33,739 bytes
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Run a full system scan and delete all the files detected as W32.Velkbot.A.
4. Delete any values added to the registry.

For specific details on each of these steps, read the following instructions.

1. To disable System Restore (Windows Me/XP)
If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.

Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.

Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.

For instructions on how to turn off System Restore, read your Windows documentation, or one of the following articles:

* How to disable or enable Windows Me System Restore
* How to turn off or turn on Windows XP System Restore

Note: When you are completely finished with the removal procedure and are satisfied that the threat has been removed, reenable System Restore by following the instructions in the aforementioned documents.

For additional information, and an alternative to disabling Windows Me System Restore, see the Microsoft Knowledge Base article: Antivirus Tools Cannot Clean Infected Files in the _Restore Folder (Article ID: Q263455).

2. To update the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:

* Running LiveUpdate, which is the easiest way to obtain virus definitions: These virus definitions are posted to the LiveUpdate servers once each week (usually on Wednesdays), unless there is a major virus outbreak. To determine whether definitions for this threat are available by LiveUpdate, refer to the document: Virus Definitions (LiveUpdate).
* Downloading the definitions using the Intelligent Updater: The Intelligent Updater virus definitions are posted daily. You should download the definitions from the Symantec Security Response Web site and manually install them. To determine whether definitions for this threat are available by the Intelligent Updater, refer to the document: Virus Definitions (Intelligent Updater).

The latest Intelligent Updater virus definitions can be obtained here: Intelligent Updater virus definitions. For detailed instructions read the document: How to update virus definition files using the Intelligent Updater.

3. To scan for and delete the infected files

1. Start your Symantec antivirus program and make sure that it is configured to scan all the files.
* For Norton AntiVirus consumer products: Read the document: How to configure Norton AntiVirus to scan all files.
* For Symantec AntiVirus Enterprise products: Read the document: How to verify that a Symantec Corporate antivirus product is set to scan all files.
2. Run a full system scan.
3. If any files are detected as infected with W32.Velkbot.A, click Delete.

Note: If your Symantec antivirus product reports that it cannot delete an infected file, Windows may be using the file. To fix this, run the scan in Safe mode. For instructions, read the document: How to start the computer in Safe Mode. Once you have restarted in Safe mode, run the scan again.

After the files are deleted, restart the computer in Normal mode and proceed with section 4.

Warning messages may be displayed when the computer is restarted, as the threat has not been fully removed at this point. Please ignore these messages and just click OK. These messages will not appear when the computer is restarted after the removal instructions have been fully completed. The messages displayed may be similar to the following:

Title: [File path]
Message body: Windows cannot find [file name]. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.

4. To delete the value from the registry
Important: Symantec strongly recommends that you back up the registry before making any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify the specified subkeys only. For instructions refer to the document: How to make a backup of the Windows registry.

Note: If the Registry Editor does not open, the worm has made changes to the registry that prevent it from running. To fix this, download and run the Tool to reset shell\open\command registry keys, which also fixes this problem.

1. Click Start > Run.
2. Type regedit
3. Click OK.

4. Navigate to the subkeys:

HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices

5. In the right pane, delete the value:

“Windows Messenger Messenger” = “winmsg.exe”

6. Navigate to the subkeys:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

7. In the right pane, delete the values:

“DisableRegistryTools” = “Invalid dword value”
“DisableTaskManager” = “Invalid dword value”

8. Exit the Registry Editor.

Writeup By: Kaoru Hayashi
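
Added example, not part of the quoted writeup or any vendor tool: a read-only triage script that scans the text of a registry export (`.reg` format) for the values named in step 4 above, so the keys can be checked before anything is deleted by hand. The function names and the sample export are constructed; a real export is usually UTF-16 and must be decoded to text before it is passed in.

```python
import re

# Indicators exactly as listed in the removal steps above.
RUN_VALUE_NAME = "Windows Messenger Messenger"
RUN_VALUE_FILE = "winmsg.exe"
PERSISTENCE_KEYS = (
    r"HKEY_LOCAL_MACHINE\Software\Microsoft\Ole",
    r"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa",
    r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa",
    r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices",
)
POLICY_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System"
POLICY_VALUES = ("disableregistrytools", "disabletaskmanager")

VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def unescape(text):
    """Undo the backslash escaping used inside quoted .reg strings."""
    return re.sub(r"\\(.)", r"\1", text)


def parse_reg_export(text):
    """Map lower-cased key path -> {value name: raw data} from .reg text."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            match = VALUE_LINE.match(line)
            if match:
                current[unescape(match.group(1))] = match.group(2)
    return keys


def find_velkbot_traces(text):
    """Return (key, value name, data) for every listed indicator present."""
    keys = parse_reg_export(text)
    hits = []
    for key in PERSISTENCE_KEYS:
        for name, raw in keys.get(key.lower(), {}).items():
            quoted = raw.startswith('"') and raw.endswith('"')
            data = unescape(raw[1:-1]) if quoted else ""
            # Assumption: a full path ending in winmsg.exe also counts.
            filename = re.split(r"[\\/]", data)[-1].lower()
            if name.lower() == RUN_VALUE_NAME.lower() and filename == RUN_VALUE_FILE:
                hits.append((key, name, data))
    # A legitimate admin policy can set these too, so treat them as "review".
    for name, raw in keys.get(POLICY_KEY.lower(), {}).items():
        if name.lower() in POLICY_VALUES:
            hits.append((POLICY_KEY, name, raw))
    return hits


# Constructed sample export, not captured from a real machine.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Windows Messenger Messenger"="winmsg.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskManager"=dword:00000001
'''

if __name__ == "__main__":
    for key, name, data in find_velkbot_traces(SAMPLE_EXPORT):
        print(f"{key}\n    {name} = {data}")
```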

Babulal said:

Same thing happened with me , but it was from my best friends id, so i opened it and, which opened yahoo 360 and asked my login, i entered my username and password, nothing was there… Last day i got a mail from yahoo in my alternate email that my yahoo password has been changed…

Now wat to do guys [:)]

robbie said:

Same thing happened with me , but it was from my best friends id, so i opened it and, which opened yahoo 360 and asked my login, i entered my username and password, nothing was there… Last day i got a mail from yahoo in my alternate email that my yahoo password has been changed.
Now the issue is that I dont remember the initial registration details without which I am not able get back into my account.
Any help on this is welcome

Josh said:

I feel very bad for everyone that this has happened to because it happened to me. I spent days talking to yahoo on the phone because they wouldn’t help me outright. They referred me to yahoo security who will only work through email, not phone. It took me about 2 weeks just to remember all of the information that they asked for as I registered about 10 years ago. All in all from the back and forth emails they reset my password after about a month. Good luck and send them all the info that you know and they will try it all, so guess if you have to. Hope this helps.

Mary Jimison said:

i have been told by my friends that the email the people have got is a virus. http://www.geocities.comcheck_out_my_latest_pics39

harry said:

[Note from David: From what I can tell, Mytermex is spyware. I would recommend NOT using this. If you have Mytermex on your computer, remove it immediately!]

Dear bro & sis

I have a problem with YM! automatic status message like this: you are virus infected . Use this tool to remove viruses from your PC : mytermex.com/?id=virus_shield

Any help on this is welcome

JO said:

Anyone tried to click on “forgot your ID or password” in yahoo mail? You may be able to reset it if you can give the right answers and info it asks.

The same thing happened to a friend of mine and she couldn’t open her account. We were able to fix it by getting a new password.

Hope it works for all of you.

BB said:

If you know exactly when you got the virus (you may find it in your browser history when you clicked on the link), then you can do a system restore to a time before you got it. That will rid your computer of it. If you did fill out your login and password, it would be a good idea to change your passwords.

Jimmy said:

Mine were stolen too last night. :-( I got up this morning and it said I was signed out on to another location and I could get in either of my accounts :-(

putergirl said:

for the past week or so I keep getting logged off of yahoo IM.. no message, no link.. just poof, logged off. Sometimes it logs itself back in, other times it doesn’t. Has anyone found a solution to this?

Thanks.

lenky said:

ok whenever I log into yahoo, as soon as my list of friends appears I get a message that says “Yahoo! Messenger quit unexpectedly. So plug-ins have not been reopened. Double-click each plug-in’s title bar to reopen it.” Then I can chat to my friends but whenever I want to put one of the smileys in my conversation or left click on the messenger buddy list, all my yahoo im windows and the buddy list disappear and I’m logged off. It does this every time and I don’t seem to know what the problem is. But when I switch to my other account on my laptop the yahoo messenger on that account doesn’t do that. Has anyone else seen or heard of this problem? And do u know what it is?

Aftab said:

Hi,
I am a student and therefore was in my college comp. lab. And I accessed my yahoo msg. where I got some links saying (My holiday pics, My vacation pics, Images on Iraq war etc…) which were shown as sent by my friends, but when I asked them about it they completely denied it. And accidentally I clicked on 1 of such links. Then after that my lab’s pc just got infected. My homepage has also been frozen and it shows some kind of Porn site homepage. Now my whole lab’s pcs got infected bcoz I tried wit Yahoo msg. on every1 of them. I am completely in danger. So if any 1 gets some kind of thng like this NEVER EVER click on it. And if any 1 has some solution please send it to me on my E-mail I.D.

Sudhakar said:

Hello Friends,

First of all i would like to tell you that, most of the people are right here about their doubts regarding phishing.

The spyware was detected on my computer by the NOD32 antivirus system so I wud recommend people to install that software. Also wud recommend the microsoft antispyware tool available from microsoft.com which also would solve the problem.
It has been stated that a virus called yhoo32.explr gets installed into your system when you click the link and hence it sends the link again from your id to others too.

Even though this solves the problem, there are a few cases in which the problem persists.

Get the latest updates for Spybot S&D too. They too have received information about a virus by that name so they might have found a solution for that.

And lastly, prevention is better than the cure so

Please do not click on any links on yahoo before confirming them with your friends, who supposedly sent them, as there are many more viruses also being sent through yahoo messenger and other IMs these days.

So if it works out please do tell me on sudhakar.vemuri@rediffmail.com.

If it does not, then also tell me, so that i can tell you of a better solution.

You can get NOD32 at flmsdown.net

Zech said:

(Replying to putergirl) You have to go to Internet Options - Security Tab - Custom Level - Enable first one on list

Dean said:

Here is the latest one that just hit me and now everyone in my friends list. I was not thinking and clicked on the link and then I entered my username and password. I changed my password in time though.

pss piss
http://www.geocities.com/watch_my_funny_pics1 : )

Ken said:

Just happened to me today. I was able to go back in and change my password, but I cannot tell who got it from my contacts list and who might have done the same thing I did.

Hamdan said:

hi friend :( when i open my yahoo id directly it signs out :( i dnt knw whats the prob but thats ma best and lucky id plzz help me friendz if u can plzzz :(

Linda said:

The past couple of days when I signed on my messenger would disappear. The little smiling icon would be lit up on the bottom bar, and as soon as I waved my pointer over it, it would disappear completely. I fixed this problem by deleting my yahoo messenger and reinstalling it. It works fine now!
