Koobface Facebook Virus Defeated

Yesterday as I was opening my mail in Facebook, I received a message from a friend which contains a video. This friend became a friend of mine because we both were members of a MLM group. When I opened the video, it says my Flash Player is not updated hence I couldn't view the said video. When I clicked on the video, it prompted me to update my Flash Player and so I downloaded the program. I was shocked when it downloaded so fast and when I opened it, it did not respond.
Video with Virus in Facebook!

Copy of the message that I got from my friend from Facebook. It says it contains a "Cool Video". Cool indeed, it had me typing the captcha phrase over and over again after every 5 minutes!

Minutes later, my monitor dimmed and a pop-up box prompted me to type in the catcha phrase. If I don't my computer monitor will not be restored to its normal mode or worse, since it has a timer of 2 minutes, it will shut down my system. So what I did was type in the phrase and click on "OK". You see, it has no other options! No "x", no "Cancel" just "OK.

Virus Attack!

This catcha phrase bar keeps on popping-up every after 5 minutes after I downloaded the file which claims to upgrade my Flash Player. I had to type the phrase on the box or my computer will remain in darkness.

Another screenshot of the virus that wants me to enter the catcha phrase or it would continually dim my monitor

I thought that was the end of it, every after 5 minutes, the pop-up box would appear after freezing my applications and work for about 2 seconds then it dims my monitor then I need to type another set of catcha phrase. And so the malicious programs continued to disturbe me from what I'm doing until this early today.

I thought of reformatting my drive C: since all my Downloaded programs from the internet were stored there. But then I remembered that I have an anti-virus in place. I ran the avast! Home edition and waited. It scan the whole drives including my Recyle Bin, C: and D:

It tooks several minutes before it says there was a virus detected and unlike most cases, it does not have an option of "Repair" or "Move to Chest". So, that was it? It detected there was a virus in my system without even offering help on how to prevent it from destroying, duplicating or whatever its purposes on my files. While I was doing the scan, the pop-up was invincible. It keeps on bugging me over and over again.

When I was trying to install the Norton AntiVirus, I had to retry the installation because I think the malicious software was preventing it. As powerful as most people say Norton is, it persisted and I was able to install the trial version of it. So when I run the scan disk and set all the protection settings, I saw the viruses and trojan horses that Meagan have been enduring. Good thing about Norton was it really fights all these viruses and prevents them from harming further.

Norton AntiVirus Scan Result

Here's a screenshot of the viruses and Trojan horses that has infected my computer. Take note that Norton AntiVirus was able to defeat them all. Now, I can work without the distraction from the pop-up catcha phrase!

So Facebook users, beware of viruses being spread in the said social networking media by people who wish to maim the said site or its users. These viruses can be spread through the third-party applications aka games that you always love to play, photos, videos, or even messages from those you thought your "friends" sent. These viruses were of course, sent without their knowledge.

I kept on searching and even asking friends what AntiVirus to install since avast! didn't do its homework. Then a friend told me that Norton sure to work! I've read about it in Wikipedia, blogs and forums and decided to give it a try. Well I said if it won't work, I will just reformat Meagan. Guess what? I gotta say hands down to the newest Norton AntiVirus! It sure delivers what it promises and be able to defeat the Facebook viruses and many others. If you'd like to download the 15-day trial version of it, go here.

Characteristics of the Facebook Video Virus:

1. It freezes your applications for a few seconds then a box with catcha phrase will appear. It requires you to type in the phrase that you will see in the box. Note though what I noticed was even if the catcha phrase was (e.g Facebook 101), I tried entering just F(space) 1, it accepted it. When I typed just F, it says "Wrong Catcha!"

2. It appears after every 5 minutes. The cycle repeats and expect the virus to appear after every 5 minutes. Imagine what a disturbance would it give!

Those are just the attributes or characteristics that I've observed in this virus. Norton considers it severity as High because fewer than 100 users have used this file.

Lessons Learned

1. Do not trust every single software or program that you can "freely" download. They may turn out to be malicious programs, password stealer, spyware or any program that may harm your computer.

2. Scan the files, disks or websites that you're about to open, download, or visit using your anti-virus program. I've tried using avast! and AVG before but they're not as powerful as Norton.

3. Next time you open or click on something, think AGAIN! Remember, many attacks are pinpointed to social networking sites, so be careful! Attackers areso cunning that they use the social networking site's messaging system to send you a message and make it appear as if from someone you know like brother, mother, or anyone you'd trust and open the link. Do not trust anything right away and don't blame it to the site.

4. Don't panick, install a much better antivirus program if your old one does not seem to combat the attacks.

Update: I've just learned that this virus has been around for quite sometime. It's called Koobface because it's made to attack Facebook users due to its high volume of users. Virus developers use it to obtain vital financial information from you.