“The Facebook Team” has sent you a virus!

Yet another email is floating around out there trying to get you to download a file that’s really a virus. It’s sent from “The Facebook Team” and says something like “for security reasons your password had to be reset” and it tells you to download the .zip or .exe file that is attached (Facebook_Password_4cf91.zip or Facebook_Password_4cf91.exe).

If you look at the email closely enough, it probably isn’t even addressed to you. My Aunt got this email and the name they used referring to her, in the body of the email, was just a bunch of random letters. That, the random letters at the end of the file name and the fact that there is even an attachment at all should throw up red flags. But there will always be people who fall for this kind of thing or just don’t pay attention and download it anyway, which is why there are geeks like me around to fix things when this happens. Unless you reset your password yourself and triggered a confirmation email, you will not get these kind of emails, period.

My Aunt flipped out because she thought she may have saved the file on her computer so this prompted me to do a bit of research on what this virus is. I found the virus total report that shows which scanners are able to locate and eliminate the virus. Only 14 out of the 41 scanners are able to detect it – my Aunt happens to have Symantec, which if you notice is not one of those 14. I’m currently running F-Secure’s online scan and will run Microsoft’s Security Essentials since both of those are listed as being able to detect it.

Here’s the page on F-Secure’s website about the virus. There isn’t a whole lot of information on it. But it does list a registry key that is installed.

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\”RunGrpConv” = “1”

If you’re comfortable working with computers you can check the registry yourself for that key. If not then I suggest running the F-Secure online scan on complete mode, if you have time to let it sit for awhile, and also running Microsoft Security Essentials. They are both user-friendly and free. Just be sure to remove security essentials once you’re done if you do have another anti-virus currently installed. Having more than one can really slow the computer down.

The good news is, from what I’ve read it looks like it’s just another virus that causes messages to pop up telling you that you need to pay to download a fake anti-virus in order to fix your computer.  So it doesn’t appear to be something that is terribly difficult to get rid of.

, ,

  1. #1 by ariie on April 30, 2011 - 9:59 PM

    Hey ! can you help me ? my facebook acounts has been hack by -taiko-

    im begging you , please help me 😦

  2. #2 by noor moon on January 27, 2011 - 1:36 PM

    help me pls

    • #3 by jen3ral on January 28, 2011 - 10:08 PM

      What do you need help with?

  3. #4 by NuttymcNutNut on May 23, 2010 - 11:05 AM

    My mum got a few of these emails, and she doesn’t even HAVE a Facebook account! I say that if they’re going to send a virus, they really shouldn’t be such idiots about it. Now, I don’t know anything about how to create viruses, but I DO know that if one would want to email something to random people while posing as a social site, they should AT LEAST email them to people who actually have an account on the social site in question. Not that I ever did this, but it’s just common sense, y’know?

    Furthermore, the emails I’ve seen that carry this virus are just plain text. As a Facebook user, I know they don’t just use plain text in their emails. And a normal email from Facebook says “Facebook” in the From field, not “The Facebook Team”! And a real “Password Reset” email wouldn’t have an attachment that did it, it would have a link! Going across teh interwebz, I’ve seen an example of a scam email for MySpace that would steal your account. It all looked professional, and it even used some JavaScript or something to change the address in your web browser to the legit thing while it led you to a fake log-in page! Don’t remember where I saw it, but I did see it. To be honest, compared to that, I’d say these guys are amateurs, just preying on the people who are beginners when it comes to computers.

    Speaking of emails, I’ve been getting a ton of spam from casinos lately… and I’m not even old enough to gamble. Most of it was pointless, but there was a funny April Fool’s one that said they were giving away a casino-branded goat…

  4. #5 by Ronard Escleto on November 9, 2009 - 12:45 AM

    oohh… thanks for the info… if i will have this i already got the idea of what is it all about.. great post.. keep posting!!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: