# Trojan Worm Infecting Facebook



## MA-Caver (Jan 8, 2012)

Well those arsehole virus writers are at it again. Now infecting accounts on FB masking as user profiles. Not creating new but actually getting INTO the profiles and posting virus laden videos designed to catch the unwary and stupid. 
Other geeks have recommended using AVG to remove the worm. 
Tell others so that they can either remove or protect themselves. 

Need a coalition to hunt these dicks down and cut off their hands so they can't create anymore of this crap. It's gotten old ages ago.


----------



## Bob Hubbard (Jan 8, 2012)

I ran Vipre on the PC. Running Sophos on the mac.  

As to FB, lock down your account, check your authorizations for stuff you don't recognize and be careful what apps you ok.


----------



## MA-Caver (Jan 9, 2012)

Downloaded, installed and ran a "quick-scan" of Malawarebytes and this is the result... it found only 2 "problems" or "infections" 
Pretend I don't understand what it all means... (copy/paste from the report/details of scan -- just the 2... everything else read zero) 



> Registry Data Items Detected: 2
> HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and repaired successfully.
> HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and repaired successfully.



it's the first part and then where it says "bad" I'm like huh? Notepad?  Just trying to figure out the code/jargon/gobbily-gook as the language is far too greek or geek for me. 
thanks in advance...


----------



## Bob Hubbard (Jan 9, 2012)

Means the infection may have over written or compromised notepad.


----------



## MA-Caver (Jan 9, 2012)

huh? of all the stuff that malware could choose to infect it goes after... notepad? either it's very stupid or it's very clever in hiding in there...


----------



## Bob Hubbard (Jan 9, 2012)

It's a heavily used part of Windows. What better way to ensure it gets executed a lot?


----------



## MA-Caver (Jan 10, 2012)

Ah yes... I forget... copy/paste where is it copied and pasted to/from... silly me... well... am thinking about shutting my FB account down and starting over... hate to do it dammit but ...


----------



## Bob Hubbard (Jan 10, 2012)

Change your password.
Check the approved apps and remove what you don't recognize.
(starting over won't fix the problem, it'll just move it to the next one.)
(1) Down Triangle thingy - Account settings.  
(2) Look on left for Apps.
Clean out the cruft.
Heres a screen shot of mine.


----------



## Bob Hubbard (Jan 10, 2012)

I don't play games, I don't do quizes, I don't click on any 'check out this link' links that suddenly start popping up everywhere.
See this also


> [h=3]Remove unwanted Facebook apps[/h] It&#8217;s possible your Facebook woes are coming from a rogue app that you  accidentally installed or were tricked into installing. Every Facebook  app has certain permissions to your account. Some of these permissions  you can modify, while others you cannot.
> Your best bet is to remove all the Facebook apps you find suspicious.  If you don&#8217;t know how to do so, you can refer to the following guide: How to clean up your Facebook apps.
> If cleaning out your apps fixes your Facebook problems, tell your  friends they should do the same (chances are the app asked your friends  to install it as well). If this doesn&#8217;t fix the problem, try the next  step.


http://www.zdnet.com/blog/facebook/facebook-virus-or-account-hacked-heres-how-to-fix-it/5339


----------

