Severity scale:  

Facebook Message virus. How to remove? (Uninstall guide)

removal by Lucia Danes - -   Also known as Facebook virus | Type: Malware

Facebook Messenger virus sending messages on user's behalf should be removed

Examples of Facebook Message virus

Facebook Message virus is malicious software that compromises victim's Facebook account and sends messages containing a malicious link to all of his/her friends. Spam messages deliver a shortened link that appears to be a video. Once clicked, the malicious URL redirects to a phishing website offering to install a dangerous browser extension or a fake Flash Player Update. Once installed, it compromises user's account and starts spreading the link further.

The malicious virus works as a Trojan horse and belongs to the wide group of the Facebook virus. The virus has been active since 2013 and updated several times. The latest version emerged in August 2017 – criminals are distributing malicious link with a short phrase “[name of the recipient] Video :o” to lure victims to click on it.

The purpose of the virus is to hack victim’s Facebook account. In order to do that the virus attacks people via chat window: it pops up as a message from an individual who seems to be your friend and shows a link to some website.[1]

If you click on this link, you will likely get redirected to a fake copy of Youtube or some other site which will suggest installing a browser add-on or software in order to view the content. If the victim agrees, the PC gets infected with malware, which additionally blocks security software in order to prevent its elimination.

What is more, it starts sending the same fake message to victim’s contacts via the same Facebook chat windows. Please, ignore all suspicious messages that come to your inbox. Even more, contact the sender and ask about the picture or video.

In 2016, French[2] computer users were attacked by A Facebook Messenger Trojan named “Eko”[3] that can spy on users and collect personally identifiable information. The same year English-speaking computer users suffered from the wave of messenger spam spreading a video virus. There were two examples of messages asking: “You are in this video? ” and “This is your video? .”

Last year a variant of Locky ransomware had been distributed with the help of Messenger too.[4] Criminals send a message with a picture in SVG format. Once people clicked on it, they were redirected to a website that asked to install fake Chrome extension. Installation of this application leads to infiltration of a dangerous file-encrypting virus.

Another thing, which is usually done by Facebook Message virus, is the continuous distribution of itself via victim’s social media account. You may ask why scammers create such viruses. It has been revealed that the virus helps to steal personal information, such as logins, banking data, and passwords, and controls the machine.

Facebook Messenger virus 2017 continued the work of previous variants. Victims receive a fake YouTube link from their contacts.[5] Once a person clicks on it, the virus redirects to a fake website that looks identical to Facebook. Here people are asked to enter their login details. As a result victim’s account is taken over by the hackers and the malicious message is forwarded to the whole victim’s contact list.

However, if you clicked on a malicious link, you should remove Facebook Message virus immediately and change your account’s password. If you cannot set a new password, you should report about hacked account Facebook via Support Centre. What is more, you should also change passwords of other accounts, especially if you use the same one.

For Facebook Message remover we suggest using Reimage. This anti-malware will find all malicious components on the system and eliminates its entirely.

Updated on October 27, 2017. Facebook Messenger video virus emerges in a new form, and this time it delivers “its you? (target's name) :|” and similar messages. The deceptive messages contain a link to a video on a phishing web page. If the victim clicks on the link, s/he visits the malicious domain and then receives a notification asking to install “required software” to watch the video.

In case the victim fails to identify a scam and installs the suggested application or update, his computer gets entirely compromised, and the Facebook account gets hacked to send messages with the malicious video link to all of the victim's friends.

If you noticed Facebook Messenger video virus 2017 affecting one of your friends, do not ignore it! Let them know and suggest them to scan their computers to detect the malware. Also, consider advising them to post a message on their wall, asking people not to open the video. Spreading the knowledge is the only way to put an end to Facebook scams and viruses that promote them.

Updated on August 25, 2017. A new wave of the malicious virus was spotted. This time, the scammers are distributing shortened link with a short note “[name of the recipient] Video.” Once clicked, the link redirects the victim to a Google Doc page, which contains a picture that was automatically taken from victim's social media page.

The picture looks like a movie, so the victim will likely click on the play button to start it. Sadly, the virus then redirects the victim to websites that determine victim's browser type, geolocation, and other details.

Depending on victim's operating system, another redirect occurs. Kaspersky reports[6] that Firefox users get redirected to a site offering fake Flash Player update, while Chrome users receive a prompt to install a malicious extension. People using Safari on Mac will receive a suggestion to install “the latest version of Media Player.”

After installing the malware, user's account could get compromised and start sending the virus link to all friends automatically. However, it is yet unclear how exactly the virus spreads. The attackers might be using clickjacking attacks or spying software to steal victims' login details.


The malware compromises user accounts to promote itself via Facebook Messenger

The virus can easily infect your computer with the help of infected message that shows up on person-to-person chat. Typically, it offers to see a “shocking picture” or “exciting video.” Many users of this social network have been tricked by this scheme because this message looks like it was sent by one of the victim’s contacts.

Once a person clicks on the infected link, the virus enters the system. What is more, the same message is usually spread further to the victim’s contact list and tricking other users. Therefore, it’s a chain reaction that is nearly impossible to stop.

We want to remind that the only way to protect your PC, Facebook account and personal details are not to click suspicious links sent from your friends, colleagues or family members. If you suspect that the content of the message seems suspicious, you should ask your friend if this link or file is safe to open.

Keep in mind that cyber criminals tend to reply to victims. However, if you know the person, it won’t be hard to identify that you are talking with a different person. Otherwise, you should ask yourself if a person you haven’t spoken in years actually wants to share a video or picture with you. Most likely not.

Remove Facebook Messenger virus and protect your account

Nevertheless, virus on Facebook seems like spam; you should still check your computer’s state. Scanning computer with an anti-malware program is especially recommended if you have clicked on a suspicious link or downloaded unknown content.

In order to remove Facebook Message virus, we suggest scanning the computer with Reimage, Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus or Malwarebytes Anti Malware. You can use other security software. However, you should not forget to update your preferred program.

Another important Facebook Messenger virus removal step is to change your password. If hackers took over your account, they might get credentials to email, bank, and other accounts. Thus, in order to protect your privacy, you should set a strong password. Keep in mind that good password:

  • is at least 12 characters long;
  • has numbers;
  • has capital and lower-case letters;
  • has symbols (if allowed);
  • does not have your name, surname and other personal information included;
  • is not a dictionary word.
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Facebook Message virus you agree to our privacy policy and agreement of use.
do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Facebook Message virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
More information about this program can be found in Reimage review.
Press mentions on Reimage

About the author

Lucia Danes
Lucia Danes - Virus researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Lucia Danes
About the company Esolutions


Removal guides in other languages

  • Senda Ayari


  • senda ayari.


  • Shakeel buneri

    I want to remove sms in shakeel buneri account

  • koert

    ik heb virus op mijn Facebook ben er hal 9 uur mee aan de gang en wat ik ook doe de virus komen terug maar mijn vrienden niet kwijt nu 678