The virus spreads itself though FaceBook and other social networks.
Basically there is no risk unless you do not pay attention to mailings you get from your FaceBook friends, connections you made on facebook. You will receive a mail to play some file on youtube - which is spelled differently - and when clicking on the link a compatiibility problem is mentioned, for which you should install an update of a program/plugin.
It seems that a lot of different versions exist ... so be carefull also for similar scenario's.
How to remove.
The installation of the PC was not finished yet and therefor the pc got infected. I guess that if the Security Soft had been installed this woul not be happening. Although ... it seems the virus spreads very fast ...
The following is a list of things I needed to do to be able to even perform an update of AVG which we use:
- in the AVG folder, executeables were renamed from .exe and .dll to .exe.old and .dll.old. Other versions were put in place (avgupd and avginet)
- the host file contained a line with an address definition which was rather strange.
- it was not possible to go to fhe avg.com site anymore. Also updates from AVG could not find new defitiion files.
To solve the problem, go to the website of AVG on an other non-infected computer and find the virusdatabase files. (Normally the following link should work: http://www.avg.com/ww-en/download-update )
By some means get them on the infected computer into a random folder. (use an usb stick, use a network drive ... )
Then launch AVG user interface and press the update section button.
In my case the definitions servers can not be reached.
You can cancel the update by clicking on cancel in the lower right corner of the screen.
In the Tools menu you will find an item "update from directory". Select this item en specify the directory where you had put the files earlier on.
The update will be launched and you will be asked to confirm the installation of the new versions of the files.
After updating perform a full scan of the pc.
In my case it found now the KoobFace virus and removed it.
After this perform yet an other update and reboot the system with rescan.
This should fix the problem.
PS ... the update from directory will only work if no other scan is running at that moment.
No comments:
Post a Comment