Jun 1, 2010

Memorial Day Facebook Virus Attack!

This is an email I edited from a fellow peer.
For you Facebook users, there are one or more serious viruses floating about. A link describing them is below. I've cleaned several computers in the last 3 days of the same virus; all of them are avid Facebook users.

Click here to go to it direct Article or read below
Article content:
A warning to Facebook users, a clickjacking worm is spreading quickly through the social networking site. It infected hundreds of thousands of unsuspecting users over this past Memorial Day weekend.

This malware works by placing interesting stories with links on Facebook accounts. When you click on these links, you are taken to a third party website that says “Click Here To Continue”. Clicking anywhere on this page loads a virus onto your system and adds the story to your own Facebook page.

Messages currently being used to entice clicks include:
“LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE.”
“This man takes a picture of himself EVERYDAY for 8 YEARS!!”
“The Prom Dress That Got This Girl Suspended From School.”
“This Girl Has An Interesting Way Of Eating A Banana, Check It Out!”
“20 Chuck Norris Facts You Probably Didn’t Know.”

If you have become a victim, delete any of these spam messages off your Facebook feed to avoid spreading it to your friends. It can also show up on your interests page, so check there as well. You should also update your anti-virus software and then do a system scan to remove this Troj/Iframe-ET virus from your computer.

Be mindful what links you click and what sites you visit in general.


Update June 15, 2010

I forgot to post the tools and process that I used to clean the computers. I would download Malware Bytes Free edition but I would recommend for you to purchase the full version as it will automatically update and scan your computer. I believe it is only $25 but the best money you spend on Anti-Spyware/Malware tools. Click on link to download direct Malware Bytes.

In Normal Mode:

Disable System Restore:

  1. Left click on "Start" on the lower left of your computers desktop.

  2. Right click "My Computer" and select "Properties".

  3. The "System Properties" window will open, select the "System Restore" tab, Left click on the box next to "Turn off System Restore on all drives", and then Left click on "OK" at the bottom of the "System Properties" window. It could take a few minutes for the "System Properties" window to close.
Installing MalwareBytes
  1. Download, install, and update definitions after you install MalwareBytes.
  2. Now run the first scan. Leave it on "Perform Quick Scan" then click on the button label "Scan".
  3. After the scan is complete it will automatically check mark everything that it detected and Notepad will open to display the scan results. You can close that since it is just for your records.
  4. Select to remove all. MalwareBytes may inform you that it needs to reboot to complete the clean up.
  5. Reboot the computer into Safe Mode even if it doesn't say that it needs too.
Entering Safe Mode:
  1. To enter "Safe Mode" reboot your computer and as it displays information in the "Black Screen" start tapping F8 with a slight pause (less than a second) several times. If you get a selection list with "Safe Mode", "Safe Mode with Networking", etc you have performed the steps to start the computer in "Safe Mode".
  2. Select "Safe Mode" and you will see alot of things loading on your screen.
  3. After a minute or 2 you will see a pop-up stating that you are running in "Safe Mode".
  4. Login to your desktop if it doesn't already startup at your desktop.
  5. Open MalwareBytes and run another "Perform Quick Scan".
  6. After the scan is complete and you remove any infection found, you should have a clean computer.