Severity scale:  

Facebook virus. How to remove? (Uninstall guide)

removal by Jake Doevan - - | Type: Malware

Facebook virus is a term used to describe various scams on this social giant

Facebook virus image

Facebook virus is a malware that has been spreading via this social network by using different shapes. This is a common term that includes a vast of malicious programs designed to attack the users on this social media platform. The primary goal of the malware is to generate profit for the criminals by stealing sensitive data, credit card details, infiltrating the system with the malicious digital currency miners or other dangerous cyber threats.

According to the experts, there are numerous malicious programs still spreading across this social network and it doesn't seem that hackers are going to stop. Users are still suffering from the type of Facebook virus asking if the receiver's video is real.[1] However, the latest scams noticed on this social network are redirecting to Amazonaws domains after clicking on ads offering free Disneyland tickets or discounts on RayBan glasses. Beware that these scams are often used to collect personal information or even credit card details.

Questions about Facebook virus

The Amazonaws Facebook virus has been actively used to redirect users to fake websites impersonating Youtube, Twitter, or official domains offering users to update their “Adobe Flash Player”. Unfortunately, the file “flash player.dmg” was found to be infected.[2] Because of the Youtube name mentioned in the alert, this variant was named as Youtube Facebook virus.

Name Facebook virus
Type Malware
Danger level High

Malicious texts via Messenger; infected links on unreliable pages; software-bundles; malicious spam emails, etc;

Most dangerous versions
    • Facebook Malware warning;
    • Facebook Messenger virus;
    • Facebook video virus; “Congratulations!
    • Your profile has been selected by Facebook” virus; 
    • Facebook Ray Ban virus;
    • Facebook Amazonaws virus.
Removal  You can not only uninstall Facebook virus because it is a term used to describe specific issues on this social network. After fixing your account, install Reimage to protect your system in the future

In 2017 Facebook virus reached another peak as it started spreading Digmine Monero cryptocurrency-mining botnet via Facebook Messenger.[3] The botnet was spread as a file which is actually an executable of the miner. All in all, this is the most dangerous campaign related to this social network.

Undoubtedly, Facebook video virus is the most popular version of malware that spreads via Messenger. With the help of a compromised account, criminals have been spreading a link named after the video_[random_characters].zip path. However, receiving files called, or similar is a clear sign that your contact’s account was victimized and the content provided in these files is harmful.

Facebook malware has numerous versions with different features, including:

  • Distribution of spam messages to contact lists;
  • Promotion of fake contests used to obtain users' private information;
  • Distribution of malware.

Scammers also take advantage of users using hoaxes by giving them hope to win two free Ryanair tickets and suggesting to purchase various things. Even if the announcement on Facebook claims that the offer is recommended by the reputable financial guru Martin Lewis, you should not fall for such Facebook scam. Also, people can be redirected to sites promoting iPhone for 1 Euro. This may happen after clicking on infected Google's search results. This way, scammers are trying to get personal information, including full name and credit card details. 

Unfortunately, but serious viruses have also been noticed spreading on the social network – users have already been infected with a notorious Locky virus[4] which has been finding its way to target systems with the help of Nemucod downloader. This cyber threat was found hidden under SVG Image file using photo_[random numbers].svg name. If you happen to see files, such as photo_4837.svg, photo_999.svg or photo_8470.svg, in your Facebook Messages, make sure you stay away from it because its aim is to infect you with Locky ransomware.

If you don't take care of Facebook virus removal, you can infect your friends and encourage this malware for the future crimes. Every user who clicks the malicious link is involved in the distribution scheme. Steps that you can use to fix your account and prevent the distribution of malware are provided below this post. 

After fixing it, don't forget to scan your computer with a reliable security software to see if there is anything malicious on your computer. Reimage can help you to see if you are infected. Keep in mind that security experts have already reported about the relation between Facebook redirect virus and ransomware-type viruses, trojan horses, and similar threats.

The list of Facebook malware versions

Facebook Malware warning

Facebook Malware warning is the scam which aims to infiltrate the system by using malicious or potentially unwanted programs (PUPs). Some time ago it was the most active version of the Facebook virus which was attacking people from all over the world. At the moment, virus activity seems to be decreased.

This type of Facebook malware is designed to deliver fraudulent messages about system's infection. Once the users are intimidated, they are offered to purchase and run a full system scan with an antivirus. Unfortunately, such programs only promote useless or even potentially dangerous software and should never be trusted. 

Suspicious software offered by Facebook Malware warning might actually be:

  • Expensive and ineffective optimization tool;
  • Ransomware;
  • Banking Trojan;
  • PUP.

Even though there are some reports about Facebook Malware warning 2017, it gained its popularity in 2018. Therefore, users are advised to use a professional malware removal tool which is downloaded from official websites only. This way, you will avoid any fake programs and protect your system.

Facebook Messenger virus

Facebook Message virus is another variant of the Facebook virus which has been spread thru the chat window of this social network. No matter that the virus is relatively old, it is still actively affecting users by using a tricky scheme which uses the victim's profile picture, the name, and a link offering to check a specific video. The message creates an image that the video is saved on YouTube and that it is somehow related to the victim. As a result, this scam has affected numerous users worldwide.

Unfortunately, the link included to the fake Facebook Message does not lead to Youtube. It reroutes unaware PC users to fake sites either requiring to connect to your Facebook account again or offering to enter your answers to some survey. Beware that this method has been actively used to swindle users' personal information, such as logins, passwords, and similar data. Besides, there is a huge possibility of being infected with malware.

Facebook messenger virus has also been used to promote a fake browser add-on causing serious malware's infiltration. According to PC experts, this threat disables security software and prevents its removal from the affected computer.

Facebook video virus

Facebook video virus is a malicious virus that controls victim's Facebook account and automatically posts “My private video,” “My video,” “Private video” and similarly entitled malicious links on victim's timeline. What is more, it tags random victim's Facebook friends in these posts to draw their attention and invite them to click on the link.

Private video Facebook virus also sends messages including the malicious link directly to the victim's friends. We strongly advise you NOT to click on these links as it can automatically download malware to your computer.

The main danger related to Facebook video virus is its ability to redirect victims to malicious websites. Beware that the content you can be redirected to can end up with malware. There is also a possibility that your computer will be included to the botnet sending spam all around the network. Finally, a malicious file can also be installed just by clicking on this link. As a result, you can get infected with ransomware, rootkit, worm or a Trojan horse.

OMG Facebook game virus

OMG Facebook Game virus is a malicious strategy used via OMG Facebook game. This is an instant game platform that gained popularity recently. However, users have experienced issues which have already been reported as playing the OMG game on Facebook resulted in the monetary loss. Fortunately, in this particular incident, the victim got the money back because she contacted Google Play's customer service.

As the victim stated, she was playing the game on Facebook and clicking around the application. The game contained various advertisements and clicking on them resulted in redirects to suspicious websites. However, quickly after that, notification about successful payment via Google Play Account was delivered. 

Beware that clicking on various third-party advertisements can result in various cyber infections, so you should keep in mind this fact even while browsing on social media and playing in-website games. The OMG creators reported that this sudden charge has nothing to do with the app and that the game is free and doesn't ask for any payment and that the data collected and used by this program include public information only. They stated that the issue is noted and they are working on improving the experience of Facebook Games.

The examples of Facebook video virus

Facebook “iPhone for 1 Euro” scam

At the beginning of February 2018, researchers revealed a new wave of Facebook scam. This time, scammers tried to trick people by using false offers to buy iPhone for 1 Euro. According to Phil Tully, a researcher from ZeroFox,[5] any free or cheap iPhone offer should be marked with a red flag. This way scammers may try to extort people's personal information, including full name and credit card details.

“iPhone for 1 Euro” scam has been spreading via infected Google search results used to redirect victims to a Facebook site with a fake iPhone offer. If you happen to come across this Facebook iPhone scam, please report it to Facebook's support immediately. Besides, check your web browser for unwanted extensions and run a scan with an anti-virus program.

Faceliker virus 

Faceliker is a click-fraud Trojan that can infect the victim's computer as soon as he/she visits a compromised web page. The deceptive virus gets access to the account, but, instead of hacking it, it silently uses it to like very specific content. The malicious software redirects the victim's clicks on “Like” buttons and likes completely different content instead. This way, Faceliker Trojan operators can fraudulently promote pages, links, fake news, and other content.

In case you suspect the presence of Faceliker, immediately check your activity log on Facebook. In case you see some unauthorized likes on posts, links or pages that you didn't authorize, scan your computer with a powerful anti-malware software to remove Faceliker virus for good.

Facebook “Following Me” scam

The scam seeks to promote the post offering you to identify strangers who are following you. At the moment, the network allows unknown people to follow you by clicking the “follow” button, but it does not identify them.  According to the scam note, once you enter Settings, Blocking and then Block and then type following Me,” you will see the list of secret followers[6].

In reality, Facebook delivers you the names of people whose names comprise of the “following me” letters. Fortunately, this hoax does not have negative effects as in other cases, when you are tempted to visit infected websites and install corrupted apps. Note that Facebook does not grant such privilege of revealing your followers. 

Facebook virus example

Facebook Money Scam 

Facebook Money scam was found in August 2017 while seeking to swindle the personal information from naive users, such as credit card numbers, money or even identity, by using the name of famous and reputable people. One of these people involved was a well-known financial advisor and the founder of website Martin Lewis. According to a video which was published on Twitter,[7] people should be careful with such hoaxes that give fake recommendations or use the picture of Lewis illegally.

One of these scams is claiming that Martin Lewis invested half a million pounds into cloud trading scheme because it’s the best what you can do with your money. However, it’s not true. Fraudsters also use his picture for boiler cover incentives, heating incentives and PPI companies that Lewis has nothing in common with them.

However, if you find a Facebook advert using his name and offering to invest or purchase some products, do not get tricked and report about such advert to Facebook. The financial guru clearly stated that he does not do Facebook adverts or endorsements unless it’s charitable activity.

Facebook Ryanair scam

The purpose of this scam is to trick users that they can win two free tickets to fly with airlines on their 35th anniversary. However, the company is only 32 years old. The Ryanair scam has been first noticed in 2016; [8] however, it continues spreading further.[9]

The post includes the picture of a boarding pass with Ryanair logo. However, vigilant people noticed a ridiculous seat arrangement or an unusual usage of QF code. This post also redirects to numerous fake website, for instance, “”

On the scam website, users have to enter a bunch of personal information which is accessible to cybercriminals. Some reports also claim that some of these fake sites are infected and spread malware. Therefore, users are advised to stay away from such posts on Facebook. The official Ryanair Facebook account is verified. It means that it has a “blue tick” icon. Hence, if you see other accounts spreading such contests, it’s a clear sign that they are fake.

Facebook Ray Ban virus 

If you are a Facebook user, you probably noticed Ray Ban spam on your timeline at least one time. Criminals are using hacked Facebook accounts to promote illegal and fake Ray-Ban online shops offering the famous eyewear brand products for a fraction of their original price. Ray-Bans on sale? This social engineering trick can attract everyone who desires to obtain these fashionable eyeglasses for less. Sadly, attempts to buy them for a ridiculously small price lead to unexpected consequences.

The victims of Facebook Ray Ban virus usually have a password-stealing malware installed on their computers. As soon as frauds find out victim’s Facebook login details, they access the account and use it to post images promoting fake Ray-Ban deals, tag victim’s friends in them, create groups, events and take other illegal actions.

These phishing websites will never provide any glasses to potential buyers because their only purpose is to rob the victims and steal their credit card details. If you bought something from those fake websites, you should contact your bank ASAP and cancel the transaction. You should also change all of your bank passwords and take other steps to protect your privacy.

In case you noticed that your friend posts these Ray-Ban related posts and tags others into them, you should contact him/her and tell them to check their computer with an anti-malware software to remove Facebook Ray Ban virus. The culprit might be an obfuscated keylogger set to steal all of the passwords and login details.

At the same time, they should change their password and go to Settings > Account Settings, then to Security and log in and disconnect all devices that are logged into their Facebook account. Victims should also untag themselves from such posts.

If your Facebook account was hacked by Ray-Ban virus, you should go to Facebook Hacked page and report a compromised account.

Facebook Disneyland scam

Facebook Disneyland scam offers an opportunity to win free passes for the Disneyland theme park. Unfortunately, Disney is not giving away any free tickets to their theme park. People who accessed the provided link and then entered their personal information such as email addresses, cell phone numbers got scammed and put themselves into the risk of identity theft.

Being spread by using various Facebook posts, the scam redirected its victims to a page asking them to answer survey questions about different products or services. Additionally, the victims were tricked into agreeing to receive calls and text messages from salespeople. Besides, the victims were asked to provide their email address, full name, and similar data.

We should also add that there is yet another version of the scam stating that Disneyland celebrates 110 years of service and offers free tickets to 500 families. However, Disney was not sponsoring any of this. The scam offering 5 free tickets was taken for real because of the artwork similar to Disneylands' trademark used in it. When users clicked on the picture, users were presented with the following message:

Congratulations! You have been selected to take part in our short survey to get 2 free Disneyland tickets.

The “winner” was announced after three questions but there was no prize given. People who participated and “won,” were tricked into liking the message and sharing it with their friends on Facebook. By using this strategy, scammers.

Jayden K. Smith scam 

In the middle of summer'17, new Facebook hoax emerged. This time, a fake message is circulating the social network, urging users not to accept a friend request from someone named Jayden K. Smith. The fraudulent message states that the victim's account will be hacked as soon as one accepts the friend request from this so-called “hacker.”

On top of that, the message suggests forwarding the news to all of the user's friends to help spread the knowledge about the non-existing person. This apparently accelerates the spread of this Facebook hoax.

The truth is, there is no Jayden K. Smith, and there's no reason to worry about him. As always, remember that you should never accept friend requests from strangers because your social media account and your friends' lists can provide scammers a lot of valuable information about you.

Congratulations! Your profile has been selected by Facebook

“Congratulations! Your profile has been selected by Facebook” virus is malvertising technique created a scam based on the old trick – fake lottery notifications. After getting infected with this adware, you will be bothered by regular pops up stating that you have won an iPhone. In order to retrieve the prize, you need to click on the indicated “Select” button.

Needless to say, that you will not receive any prize at all. In fact, you might be asked to provide such confidential details as credit card number, verification codes, email, and shipping addresses. Such data serves as a valuable material for cybercriminals to improve their hacking techniques. In the best case scenario, your computer screen and email Inbox will be crammed with personal spam messages.

Otherwise, you might be infected with a more serious threat. This adware spreads the same way as other samples of the same category. “Your profile has been selected by Facebook” virus might infect your computer via a recently installed freeware or a plug-in. Illegal file-sharing domains might also deliver this virtual annoyance. If you notice these notifications, ignore them, scan your PC with an anti-spyware program and reset the settings.

Facebook hahaha virus

Facebook “hahaha” virus is yet another version of Facebook virus. It is a serious malware which is spread via this social network and used for turning the computer into a bitcoin mining machine.

Once it tricks its victims into downloading a malicious .zip file, it starts initiating serious system's slow downs and similar issues. Please, don't let this malicious software stay on your computer because you can never know what malicious activities it can be used for.

Facebook French Tech Support virus

New Facebook spam campaign has just been launched, this time, focusing on the French-speaking Facebook users. The hackers are now modifying Facebook ads and using fake news articles to redirect victims to a malicious Tech Support scam page located on the “hxxp://” domain.

Once the users land on this page they are “greeted” by a BSoD imitating window and a 29-second audio file (1.mp3) reading out a text in French. Users are being threatened that their computers have been infected with Zeus virus and the only way to protect their banking information and other sensitive details from leaking to the hands of hackers is to call Microsoft support technicians by the given number.

It is yet unknown what follows after calling this number, but we can only presume that this Facebook scam works like any other Tech Support scam and the scammer are trying to convince the callers to purchase questionable software or get remote access to their computers.

Be careful with the ads leading to the following domains: hxxp://; hxxp://; hxxp://; hxxp://; hxxp://; hxxp:// and hxxp:// 

Facebook stalker virus

Facebook Stalker virus is a dangerous FB application which is actively spread on this social network. It belongs to scammers and it is used for stealing personal users' information, not for helping people to find out who is secretly watching their FB profile.

If you happen to all for the FB Stalker app, you can be redirected to a malicious site which looks like a typical login page of the Facebook. Please, do NOT enter your personal information on it because you will lose your personal information and Facebook's account!

Your page will be unpublished scam

“Your page will be unpublished” virus campaign started in 2016 when scammers started creating bogus Facebook pages titled as Advert Solution, Ads-Info., Ads Department Social, Team Advert, and similar.

All these pages find pages that belong to business owners, and try to scare them by sharing any of their posts and adding such message to the post: “WARNING: Your Page will be unpublished! Your account has been reported by others. Our system has received the following reports […] To prevent fraud, please re-confirm your Account to avoid blocking here: [link to a phishing Facebook page].”

If some suspicious-looking page has shared your post stating that your page will be disabled, ignore it, and report that person/page to real Facebook staff. If you provide your login details to these scammers, they are going to hack your account immediately and use it for malignant purposes, for example, scam your friends asking them to lend money.

Facebook suspension virus

Facebook Suspension virus comes in the form of an official message alerting the victim of the account suspension. In the email, the hackers claim that due to the violation of certain terms of use, the requisite account is to be suspended. However, if this message is sent by a mistake, the user should verify his or her account by clicking the indicated link.

Do not click on it as you may accidentally download a trojan or enable the full hack of your account. There is also a possibility that you might be misled to the infected domain after clicking the link.

Hackers did a pretty good job impersonating the official support team by giving credentials, However, you might still notice type and grammar mistakes. The sender's email might raise suspicions as well. This version can be eliminated with the help of anti-spyware and anti-virus programs.

Facebook Invite virus

Invitation Facebook virus is a different kind of virus that has been spreading on Facebook for years. It spreads via emails and Facebook's message board and announces about a great danger on this social network.

To be more precise, it foolishly warns its victims about the Facebook threat that comes as a message with an attachment called Invitation Facebook and “opens an Olympic torch and will take the whole hard disk C of your computer.” However, our security experts have revealed that this message includes trojan horse and other types of viruses. You should remove this scam letter as soon as you receive it.

Facebook Automatic wall post virus

Facebook Automatic Wall Post virus is a cyber infection created for increasing the traffic to specific domains. Besides, it may negatively affect your computer's security and try to steal your personal information.

This virus makes people visit the website by showing a tricky message which claims “Sexiest Video ever” and includes a link leading to an unknown website. Besides, it automatically makes a post on your wall and spreads in this way. If you see such message, which seems like it has been posted by your friend, you should remove it from your wall immediately.

Facebook friend request virus

Facebook Friend Request virus is a dangerous threat which sends friend requests from user's account to unknown people or, even worse, the ones who have been already blocked by a user. It has been reported that sometimes this virus manages to send more than 100 invites to random people.

The point of creating and using this hasn't still been revealed. However, some experts claim that this threat may be used for taking over computers, shutting down their anti-virus programs and similar activities.

Facebook Change color virus

Facebook Change Color virus is a sneaky variant of the Facebook virus relying on a message offering to change your social network's background to pink, red, black or another color.

Just like other types of this threat, it may come to your inbox from one of your contacts which has also been tricked by this scam message. Typically, it includes a malicious link helping for scammers to drive more traffic to their online survey. If you click on this link, you will send this scam message to all your contacts.

Facebook Child Porn virus

Facebook Child Porn virus is a dangerous application, which is circulating on Facebook in a form of pornographic video. It may seem that the message, which has this video attached, was sent by your friend and it is safe. However, after opening it, it becomes clear that it's related to child pornography.

Some victims report that it contains a phrase “watch this if you're curious.” Once opened, virus automatically attaches to your Facebook account and shares this video with all of your Facebook friends.

The picture of Facebook virus
You can also get infected with Facebook virus after being convinced that someone is laughing at your picture.

Facebook Ray Ban scam is another trick by criminals which is still present in 2018

Facebook Ray Ban scam is currently one of the most popular versions of FB virus on the Internet. Users report that they have received suspicious offers on the social media platform to purchase Ray Ban glasses half the original price. We want to warn you that there is a similar hoax, known as Virus Ray Ban Instagram

Ray Bans on sale? This social engineering trick can attract everyone who desires to obtain these fashionable eyeglasses for less. Sadly, attempts to buy them for a ridiculously small price lead to unexpected consequences.

The victims of Facebook Ray Ban virus usually have a password-stealing malware installed on their computers. As soon as frauds find out victim’s Facebook login details, they access the account and use it to post images promoting fake Ray-Ban deals, tag victim’s friends in them, create groups, events and take other illegal actions.

These phishing websites will never provide any glasses to potential buyers because their only purpose is to rob the victims and steal their credit card details. If you bought something off those fake websites, you should contact your bank ASAP and cancel the transaction. You should also change all of your bank passwords and take other steps to protect your privacy.

In case you noticed that your friend posts these Ray-Ban related posts and tags others into them, you should contact him/her and tell them to check their computer with an anti-malware software to remove Facebook Ray Ban virus. The culprit might be an obfuscated keylogger set to steal all of the passwords and login details.

At the same time, they should change their password and go to Settings > Account Settings, then to Security and log in and disconnect all devices that are logged into their Facebook account. Victims should also untag themselves from such posts.

If your Facebook account was hacked by Ray Ban virus, you should go to Facebook Hacked page and report a compromised account.

Locky ransomware is distributed via Facebook Messenger

One of the versions of the Facebook virus is designed to send deceptive messages via Facebook Messenger to infiltrate the system with Locky ransomware. Usually, the person receives an innocent looking text and a link which can appear as photo_4837.svg or photo_8470.svg. As soon as the user clicks on it, the system is infected with a file-encrypting virus.

Additionally, the criminals are trying their best to make the message seem convincing, so they add the following phrases:

  • Look at this video; 
  • My newest video; 
  • OMG! I can't believe this!, etc.

We should also add that the most of these links look like they were sent to you by one of your friends, so there is no surprise that the latest attack of Facebook virus (it was initiated on the end of September 2016) managed to infect more than 800,000 users[10]. It is unknown how many users were tricked in November 2016 attack, but the number is suspected to be similar.

By clicking such link, you infect your Facebook account and start spreading Facebook virus yourself. Besides, such malware can easily infect your computer with the most dangerous computer viruses that are active during the distribution.

Besides, such threats have actively been used for acquiring sensitive information, such as logins, financial information, and other data which is considered confidential. Unfortunately, hackers have already managed to release multiple versions of this threat. All of them are listed below.

If you think that you are dealing with problems on your Facebook account, you might be infected. Check your wall for spammy posts, go thru your Messages for misleading links. If you can remember clicking them, you must remove Facebook virus ASAP. There are several ways to fix your Facebook account and the affected PC system. One of them is to run a full system scan with Reimage.

Image of malicious messages that spread Facebook virus
Facebook virus has been spread with the help of fake messages trying to convince victims that there is a video related to them spreading on this social network.

Video virus is successfully infecting computers in 2018 as well

Facebook video virus is a tricky scam which is particularly created to distribute potentially unwanted programs (PUPs) or even malware via messages on Messenger. Experts noted that it is still active in 2018, so people must be extremely cautious. Those who have been infected say that they have received a direct text from one of their Facebook friends which includes several elements and a suspicious link:

  • targeted victim’s name;
  • word “video”;
  • random emoji.

When a user clicks on the infected link, the virus starts spreading the same message to all victim’s contact list. Therefore, it works like a chain reaction. Therefore, it is also reported that the virus can send messages in a different language. For instance, in the Netherlands, these messages are written in the Dutch language.[11]

The recent version of Facebook video virus is suspected to be spreading via Google Chrome extensions. However, it is designed to prevent victims from removing it easily. This happens when the malware does the following:

  • Performs arbitrary modifications on the browser;
  • Blocks user’s access to browser’s extensions;
  • Might close Chrome when a user tries to open them.

After the attack, users are advised to reset Google Chrome by following these steps: open Chrome Settings > go to Advanced > Reset and click “Reset” option. However, this may not work. If you Facebook friends continue on reporting about messages sent from your account, you have to uninstall Chrome from your device.

What is more, if your account was hacked, you should also set a new Facebook password and change other accounts passwords. It’s unknown what information cybercriminals can access and what damage they might cause to the personal user’s information. Therefore, victims are suggested to protect sensitive data.

The malware has spread worldwide

Facebook virus is a dangerous cyber threat which has already infected computers all across the globe. Cybersecurity specialists have reported about the Facebook Youtube video version of the malware. At the end of 2017, this virus has tried to deceive credulous people and open a malicious link. It has also spread via Messenger with the following elements:

  • Link to the video;
  • Profile picture of the receiver;
  • Ohh! det är verkligen du?” (“Oh! Is it really you?”) message.[red en-13]

The link directed victims to a YouTube page. It asked you to download a specific plug-in to play the video. Though it may seem more credulous, note that once a proper video link is attached in a Facebook chat window, it displays the icon of the video with a screenshot of the video content.

In this scam, the link does not reveal anything except the YouTube brand name. Like previous versions, the scam is spread to all the contacts of an infected user. The developers of this scam might have set up a few fake accounts as well to keep the distribution of the scam. 

Unfortunately, Facebook virus revealed its new capabilities in December 2017. First of all, it started attacking new countries, such as Vietnam, Netherlands, and Spain. The virus still tries to spread around as Youtube-related video, so make sure you ignore messages that use “video_ (4 random numbers)” name. 

After clicking this message, you can run into two different scenarios:

  • Facebook virus can redirect you to a fake Youtube page asking to update Adobe Flash Player. According to the latest news, this way you can get infected with an adware-type program that can potentially redirect you to malicious websites or track your browsing.
  • You can get infected with an infamous Monero miner, alternatively known as Digmine. In this case, your computer's resources can be used to mine virtual currency. Besides, this attack involves a malicious Chrome extension which misuses Facebook auto-login feature and connects to the victim's account to continue the distribution of the malicious video link. 

Distribution of Facebook virus and other hoaxes

The primary and most successful distribution technique of the malware is malicious Messenger messages that contain an infected link[12]. They are well-designed to make sure that people would fall for the fraud. This way, once the link is clicked, hackers have the access to hijack Facebook account and start the chair reaction of infections.

In addition, if not eliminated, Facebook virus can infect your computer with a trojan horse that starts its activity as soon as it enters the system. It can track you for years to steal your personal information or it can download other viruses to your computer, including ransomware-type threats that can encrypt your files with an advanced encryption algorithm and then start asking you to pay a ransom.

An alternative way used by Facebook virus to infect its victims is related to hacked apps. If you are tricked into granting them with the access to your account, you can find out that your social account was hijacked. Finally, using a weak password is also considered one of the main ways used by Facebook malware to affect its users.

The latest version of malware is noticed spreading via Google Chrome extensions. The problem with this distribution method is that users were forbidden from access Chrome settings and remove the malicious app unless they reset the browser or uninstall it entirely.

You must uninstall Facebook virus to protect your account and others

It is essential to understand that hackers are good at social engineering tactics and you shouldn't trust unknown people on the social media platform. You can avoid Facebook virus if you never click on:

  • Suspicious links;
  • Messages from unknown people;
  • Unreliable file downloads.

If you can't resist the temptation, send your friend a message BEFORE clicking the provided link and ask him or her about it. Additionally, avoid accessing every game or another app on the social network because it may be hacked by cyber criminals.

If you have been tricked by any of these types of Facebook virus, you should change your Facebook's password ASAP in order to avoid identity theft and the loss of personal information. Additionally, contact your friends and let them know that your account is hacked. Finally, download Reimage or Malwarebytes MalwarebytesCombo Cleaner to scan your computer and prevent infiltration of malware. It can remove Facebook virus and its outcomes within several minutes.

Do not forget to update the software before running a scan to be sure that your PC is virus free. Some of you might try to perform manual Facebook virus removal on their computers. While you can fix your account manually, we would like to warn you that the threat which travels around together with this threat can remain undetected on your computer. 

If Facebook virus is bothering you, please, follow these steps:

Check App settings:

  1. Login to your Facebook account and click this little triangle on your right;
  2. Click Settings to open General Account Settings window;
  3. Look on your left and select Apps;
  4. Click Edit button on Apps, Websites and Plugins option;
  5. Select Disable to protect your account from unauthorized access of third party apps. 

How to disable third party apps on Facebook

If you got infected with Facebook video virus, you should reset Google Chrome by following these steps:

  1. Go to Chrome Settings.
  2. Go to Advanced.
  3. Choose Reset.
  4. Click “Reset” button.

If you continue receiving complaints about malicious messages sent from your account, it means that Chrome reset did not help to delete the virus. In this case, you have to uninstall Chrome from the device because this version of virus spreads via Chrome extensions that might be nearly impossible to remove.

Change your Facebook password:

  1. Click the same little triangle on your right;
  2. Click Edit next to Password option;
  3. Enter your current password and the new one. Retype it and select Save changes.

Scan your computer with security software:

A full system scan is recommended to prevent the further damage of Facebook virus. By running a full scan with Reimage or similar software, you will ensure the removal of trojans, ransomware-type viruses and similar malware which has been spread with the help of this virus.

do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Malwarebytes.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Combo Cleaner.

About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions


Removal guides in other languages