Posted on 06/11/2009 8:49:43 PM PDT by MeneMeneTekelUpharsin
Was downloading a video from the internet (Kung Fu movie) when my Avast anti-virus software first warned me of a trojan (from the find site) and then a worm. I deleted both. Both Avast and Trend Micro House Call show no infection. However, on my Facebook account, something sent an ugly message with an even uglier link (which also warned on a virus) to everyone on my Facebook. I do not automatically log in to Facebook, I put in my password every time. How did it do that?
Sure it was a Kung Fu movie?
ROFL I was just going to ask that!
Do you remember the name of the worm or virus ?
Sorry can’t help, I have a mac.
First thing to try: system restore
(start/progs/access/system tools/system restore). You attempt to restore your computer to a previous date. You won’t lose data files, but might need to reinstall anything that you may have installed since the date of restore.
Many viruses immediately delete restore points.
Try www.malwarebytes.org. My kids just did something similar tonight looking up song lyrics. Malwarebytes worked and only required a reboot.
However, I was working on a computer for a client who got a virus off of some sort of facebook video last week and it was the worst I’d ever seen. Any geek squad would have slicked the hard drive. Hopefully you won’t be in that boat. I spent over 12 hours saving her computer from a necessary format.
The symptoms for the “nasty” virus: malwarebytes will detect the virus and then crash when trying to clean.
My resolution: note each and every occurrence on paper. Clean all registry keys and delete all infected files that you can manually. Then, use an XP disk and boot to recovery mode. Delete any infected files in the windows directories that you were unable (because they were in use) in normal mode. Boot to safe mode and scan again. Repeat the process until you get a clean scan.
If it’s that deep, system restore is probably infected as well.
Nothing but Mac since 1986. I know zero about PC.
I had terrible trouble when koobface got to my computer via Facebook. None of my usual fixes worked. What finally solved things for me was the Kaspersky antivirus program:
http://usa.kaspersky.com/downloads/
Might work for you. I’d give the 30 day home version a try.
I’m guessing it attacked once you logged onto Facebook, not before that. Unless you have some evidence that says otherwise...
There are a couple of possibilities that I can think of (but I am by no means a Windows Virus/Worm/Trojan expert, as I am an Apple user):
First - are you 100% certain it was your installed Anti-virus that was “alerting you” with a pop-up? One of the biggest and most successful ploys to get folks to install trojans is to use a pop-up that masquerades as a message from some anti-virus and installs, with your permission, when you click it.
Another possibility, as someone else pointed out, is - are you sure you downloaded what you think/say you did?
And finally, from within facebook itself, some people put up nefarious links claiming to be something else of interest - you may have clicked one of those - thus opening yourself to a trojan or worm that used your facebook account info, generating those horrible messages for all your friends to be spammed with (and some will likely fall for it and get hit themselves).
About once per month, someone on my friend list gets something like that.
I am so glad those bugs don’t affect Apple’s OS X operating system. IT would upset me pretty seriously if something like that were to be posted under my name.
Wrong - the security by obscurity myth doesn't fly - there have been operational worms and viruses written for FAR more obscure operating systems than Apple's OS X.
A better analogy would be deploying a bioweapon in an area where the inhabitants all have incredible immune systems where no-one has been sick from a virus or other infection in 15+ years. Not going to say you CAN'T make them sick, but the effort to come up with a bug that will actually make one sick and be contagious too is more trouble than it is worth.
Oh - and there have been several attempted viruses/trojans for OSX - but none have successfully made it to the "wild" in a form that poses any risk or danger to users.
I recently was hacked by a website I found chasing the news.
Got a message from my virus program that I had a trojan, but it would not remove it.
Used every tool I had in my tool box, and I have been chasing this stuff for many years for others, nothing worked.
Every time I removed the Trojan and rebooted it would come back. Then I rebooted without the network cable attached and the trojan did not return. It was being downloaded from the web at each reboot. When I reattached the network cable it immediately downloaded the Trojan again.
Called my company’s IT tech and he suggested a small fast free utility. It is a command line tool that is used in Safe Mode, but it did the trick.
Called SmitFraudFix
Download at:
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
Cannot predict the results, but it fixed the problem and nothing else I used did.
I think it was either attached to the WinSoc or in the Start-up boot sequence.
The people who invent these viruses are twisted individuals who need to get a life.
Trend Micro said it was Trojan_bredolab.bn, Trojan_download.xt and Worm__Koobface.id. Avast just said trojan and worm and gave option to delete them, which I did. However, worm warning came up again last night.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.