- slide 1 of 2
“You look just awesome in this new movie.”
If you received this message in your Facebook inbox, it’s not hard to imagine your curiosity getting the best of you. Unfortunately messages like this are typically spam crafted to trick you into unknowingly installing a trojan or virus.
In the case of the above example, the virus is called Koobface and primarily targets social networks such as Facebook and Myspace. After receiving a message similar to the one above, users clicking the link will be taken to a new web page that appears to host a flash video (Figure 1). Users click on the error message to supposedly update their Flash player and suddenly are infected with the Koobface worm.
This type of infection technique is called Social Engineering. The virus writer just had to convince you enough that you were missing out on something special so you’d click on a link and essentially infect your own computer. You can read more about Social Engineering in my article “Understanding Social Engineering – Techniques Used.”
If you fell victim to this Facebook “virus video”, you’ll be happy to know most popular antivirus applications can detect and remove Koobface. In the next section, I’ll walk you through performing some clean up.
- slide 2 of 2
The first step to do after contracting a virus is to contain it. Don’t visit any other sites that require you to log in as the virus may have the capability to capture this data. If you don’t have an active and up to date anti malware package installed, you’ll want to quickly remove the Trojan. I recommend using the free Microsoft Malicious Software Removal tool (MSRT). You can download the tool here. After downloading and running the executable, the MSRT will start and give you the ability to scan for known malware. Note that the MSRT only scans a small subset of “popular” malware so it shouldn’t be seen as a replacement for a regular anti malware application. Assuming the MSRT found Koobface, allow it to clean up the infection and reboot. Additional details on running the MSRT can be found in our MSRT Guide.
Next, I would highly recommend running another scanner to look for any remaining bits of the virus. Oftentimes a single scanner won’t clean every piece of a virus. Using multiple tools will increase the odds of completely getting rid of the infection. One tool I recommend is the BitDefender online scanner available here. It’s free, speedy and doesn’t require installation (Figure 2).
The last step is to get yourself a permanent anti malware package. Luckily there are several free (high quality) options that exist. One such tool is Microsoft Security Essentials. Security Essentials performs real-time and scheduled scans to ensure you don’t get infected. You can find more information in our guide to Security Essentials. Other free programs include AVG, AntiVir and Avast. You can read about these three in a great 3 part Free Anti Virus Review on Brighthub.
With that, your computer should be back to normal. Just be sure to keep your anti malware application up to date to ensure you are protected against the latest threats – including any future Facebook video viruses.
Figure 1: McAfee Avert Labs
Figure 2: Screenshot by Ryan Tetzlaff