THREAT REMOVAL

Facebook Virus – How to Remove It (for PCs and Smartphones)

This article will help you remove all types of Facebook viruses and scams from your computer and increase your Facebook security.

Being the largest social media platform in the world is quite the achievement, but it also comes with quite the responsibility. Users are bombarded very often with scamming advertisements of different nature, most of which get them to watch a video or visit an article. Usually these very same marketing tricks used as click bait work when malware is the object advertised, which is very bad news for security vendors and users. In this article we aim to show you some of the most notorious Facebook viruses out there and provide removal instructions in case you experience symptoms of those viruses on your computer. We have also included some tips on how to increase the protection against such threats in general.

Update July 2019! What is Facebook Virus? What does Facebook Virus do? How to get rid of Facebook Virus?

SIDENOTE: This post was originally published in September 2018. But we gave it an update in August 2019

The Facebook Viruses

Watch This Video Of You Facebook (Update August 2019)

Recently a SPAM wave of phishing sites related to the Facebook social network have been set against end users worldwide. These pages are usually hosted on similar sounding domain names and may use security certificates that are self-signed. There are several variants under which this threat can appear as:

  • Phishing Login Pages — The users can be presented with fake login pages that copy down the exact page used by the social network. The title “Watch This Video of You Facebook” can be placed in the head of the page, as the title or somewhere inside the contents. If the users enter these pages then they will be asked to input their Facebook account data. This will automatically transmit it to the hacker operators.
  • Malicious Facebook Applications — They can easily be uploaded to the Facebook page and appear as legitimate and useful plugins, extensions, games or applications. Using fake or hacked developer credentials the victims may be enticed into opening them. The descriptions will feature descriptions that will promise new additions and functionality.
  • Multimedia Redirect Content — Using fake, hacked or automatically generated user profiles links to the dangerous content can be posted on their wall, story or in groups. In most cases the links can be hidden in URL shorteners or through link descriptions that can be related to other tools, games or sites.

The “Watch This Video of You Facebook” threat as a dangerous phishing threat will be used to harvest user data and report it to the hacker operators. They can use it to hijack their data and use it to commit other crimes like blackmail, identity theft and financial abuse.

If the virus is set to carry out other malicious actions they can include any of the following actions:

  • Data Theft — In certain situations the effects of the threat can lead to the gathering of sensitive information. This is very dangerous as the information can be cross-referenced on other malware sites as well.
  • Additional Payload Delivery — The “Watch This Video Of You Facebook” virus can be used as a conduit for spreading other threats. They can range from ransomware and Trojans to cryptocurrency miners.
  • Site Redirects — This is a very dangerous action as it will automatically launch certain hacker-controlled pages as soon as the victim users access the plugin.
  • Adware Content Display — As soon as the “Watch This Video of You Facebook” threat is accessed the hackers can include adware of various types that will be presented to the users: pop-ups, text links, banners and etc. For every displayed ad or user interaction the hackers will receive compensaion directly to their digital wallets.

Facebook Messenger Virus (Update May 2019)

Facebook Messenger has also been targeted by the so-called “viruses” and scams. An example of a malicious campaign that targets Messenger users is the [wplinkpreview url=”https://sensorstechforum.com/rietspoof-malware-messenger-skype/”] Rietspoof malware that was distributed in the wild via Facebook Messenger and Skype just a few months ago. The malware was discovered by Avast, and is a multi-stage threat that combines file formats to create a “more versatile malware”.

Shortly said, in its last campaigns, the malware was aiming to infect victims, gain persistence on affected systems, and download more malware as per the instructions it received from the command and control server.

Another example of a threat for Messenger users is a recent scam that features a video(.)bz link and the name of the targeted user. According to security experts, the link could redirect the user to a site that requires to reconnect to Facebook. Beware that this is just an attempt to steal Facebook’s login credentials to eventually take over the victim’s account. The Facebook Mesenger virus may also start sending bogus messages to the victim’s contacts.


Short Description Scams and malware campaigns that are using Messenger to spread further.
Symptoms Victims may receive suspicious messages containing links in Messenger.


The Secret Sister Gift Scam on Facebook (Update November 2018)

Pretending as a gifts exchange, the [wplinkpreview url=”https://sensorstechforum.com/secret-sister-gift-scam-facebook/”]Secret Sister Gift scam is the type of Facebook scam which is oriented towards stealing users’ money by getting them to pay 10$ on it’s landing page to begin exchanging gifts. In reality however, it brings nothing more than headaches to users.


Short Description A scam, posing as a service for gift exchange with an entry fee.
Symptoms Posts various different types of scamming mesage


Facebook Important Notice Virus

The Facebook important notice virus is a recent phishing tactics that can extract sensitive data from the victims. Its address will feature Facebook-related strings and it may also feature security certificates to further manipulate the victims into thinking that they have accessed a page belonging to the social network. The users will be shown a fake notification that asks them to a new terms of service agreement by interacting with a login page.

If they click the relevant button they will be redirected to a page that resembles the real Facebook login. If the targets input their account credentials they will automatically be redirected to the hacker operators who will take over control of the accounts. The scam pages will be distributed using the most popular tactics: spam email messages, redirects, browser hijackers and etc.

The “Posting from My Profile” Facebook Scam Virus

[wplinkpreview url=”https://sensorstechforum.com/facebook-virus-posts-profile-picture-link/”]A virus, related to a suspicious Google Chrome browser extension, known as “YouTubeEx” has been reported to generate a post, appearing as it is from the official Facebook page of YouTube. The post simply had the word “Video” written on it and nothing else besides that. When the user clicks on this suspicious video, he or she experiences a browser redirect to a suspicious website that force-adds the suspicious browser extension. As soon as this extension Is added, it may obtain credentials of your Facebook account and begin sharing and posting from your Facebook profile.


Short Description A complicated virus which primarily posts on your behalf in social networks, but also may employ malware
Symptoms Postings of viral videos on your behalf in Facebook. Sending messages to friends with malicious web links in them. Suspicious browser extension in your web browser.


IKEA Katalog 2016 Table Swastika Facebook Virus

Few months ago a Facebook scam appeared spreading the image of an [wplinkpreview url=”https://sensorstechforum.com/ikeas-hadolf-swastika-shaped-table-is-a-facebook-scam/”]IKEA table looking like a swastika. Not only this but there was also a price for the table – 88 Euros. Interesting post, keeping in mind that it was originating from Duisburg, Germany and the number 88 is a sign used by Neo-nazis. Some believe the scam was made to boost IKEA’s reputation, some believe it is used as a click-bait to spread malware. Whatever the case may be the post was shared over 12,000 times.


Short Description A hoax IKEA brochure that may infect the computer with malware and redirect to multiple suspicious third-party websites.
Symptoms An image of a dinner table dubbed Hadolf shaped like a swastika.


“Small Humanoids Discovered In the U.S. Facebook” Virus Spam

This scam is probably one of the most popular I’ve stumbled onto from my “collection”. It represents a fake post of an article that says there have been [wplinkpreview url=”https://sensorstechforum.com/new-facebook-scam-small-humanoids/”]small human-like creatures that were discovered somewhere in the United States. It actually led to a suspicious third-party website that led them to the video. Users were asked to complete a survey to watch the video, though, which asked for their personal and financial information.


Short Description Leading to a third-party sites that prompts the completion of a survey to watch the video.
Symptoms Transfers users to a third-party site instead of immediately letting them watch the video. The picture below featuring as a status update in Facebook News Feed from one of the user’s friends or a Facebook group.


The “Zuckerberg has left Facebook” Virus

The [wplinkpreview url=”https://sensorstechforum.com/mark-zuckerberg-has-left-facebook-life-event-scam/”]“Zuckerberg has left Facebook” scam was as classic as it was genius. Someone, who understood coding made this, because whoever that was found a bug that could change life events, statuses and other interesting details of users. A researcher, named Sachin Thakuri discovered the bug, yet Facebook refused to fix it. This was a potentially dangerous scam, and it may have led to some people being pissed off for sure.


Short Description A virus spreading through a scam that takes advantage of a Facebook bug allowing it to manipulate life events of users.
Symptoms Your life events, relationship status and other details may change and become public.


Duplicate Profiles Facebook Virus

Ever received a Facebook invite from someone you know twice? Well, this [wplinkpreview url=”https://sensorstechforum.com/new-facebook-scam-fake-duplicate-accounts-fraud/”]Duplicate Profiles scam is one of the more modern ways to send you malware and infect your PC or smartphone. What the virus does is that it takes the friends list of the victim and then duplicates their profile to send another friend request and infect their computer via malicious attachments and chat messages. This is still on the loose, so beware!


Short Description Creates a duplicate profile of the victim to be used for malicious purposes, such as infecting his friends with malware.
Symptoms Friend requests from a duplicate profile of yours sent to your Facebook buddies.


The “Starbucks Gift Card” Facebook Virus

This hipster-Starbucks-loving oriented scam targeted mainly fans of the notorious company, asking them to share and invite friends to a fake Starbucks Facebook group. Classic way to boost a group and then change it’s name to what you want, right?


Short Description Displays a fake promotion asking to join a potentially hazardous Facebook group.
Symptoms Shared posts of a promotion for Starbucks if you invite friends.


The “Dislike Button” Facebook Malware

Remember back then, when Facebook had a new design and decided to allow only some users to test it? Well, this scam took advantage of that, pretending to allow only “few” to test the upcoming dislike button. There was no such thing, however.


Short Description Posts, advertising a fake dislike button that lead to malicious third-party website.
Symptoms Added suspicious browser extensions, sluggish computer, posts from your profile and shares and automatic likes of unknown Facebook groups.


The Facebook “Change Color” Facebook Virus

The [wplinkpreview url=”https://sensorstechforum.com/removal-of-facebook-change-color-virus/”]Facebook “Change Color” virus was as classic as it was widespread. It’s goal was to primarily advertise a dubious browser extension that collects your sensitive information and helps spread the scam further. No FB colors were harmed during the making of this scam, only personal information.


Short Description Steals valuable information on a victim`s PC via malware.
Symptoms Users are redirected to fake Facebook phishing pages, pop-ups, online survey scams.


The “You’ve got an iPhone” Phishing Facebook Virus

I mean sure it may work for some people, but it takes another level of no experience to click on this thing and enter your credit card details, besides seeing a scam for the first time in your life, of course. Either way, it appears that many fell for the [wplinkpreview url=”https://sensorstechforum.com/remove-youve-randomly-selected-test-new-iphone-9-ads/”]“You’ve got an iPhone” trick and may have entered their details. The suspected method of spreading is via unwanted software and ad-supported applications.


Short Description Pop-up pretending to be Facebook caused by a potentially unwanted application, installed via bundling.
Symptoms “Every Monday we select one lucky visitor to get a special offer from our sponsors, as our “thank you” for being a loyal Facebook mobile user” message.


The “Free Southwest Airlines Tickets” Facebook Virus

This virus begins to lead you towards a survey pretending to be from Facebook, but is actually a phishing web page, reported to also be malicious and use unauthorized tracking technologies. Whatever the case may be, this virus besides spreading in Facebook directly, could also be seen if you have a potentially unwanted program installed on your computer.


Short Description Fake event portraying free tickets if you enter your personal information.
Symptoms Users may witness phishing pages, computer slowing down and pop-ups of the scam image above.


The “My Secret Video” Facebook Virus

This scam attacked mobile devices, it was pretty clever at it too. Most hacked profiles posted on other profiles or their own timelines a video named “My secret video”. This was to sort out the inexperienced from experienced users. As soon as inexperienced user opens it, the scam displays a fake Android update, which is basically malware that aims to take control over your Android smartphone.


Short Description Redirect to a fake upgrade of Android, flash player or java.
Symptoms After installing the malicious application the user may see posts on his Facebook profile without his consent.


Photos of Ray-Ban Sunglasses Facebook Virus

Ever seen a sales page leading to an external link. Well, this is what makes such scams pretty slick. You can’t differentiate the actual retailer from the scamming or malicious web page. Well, you can but it kind of requires some experience. Slick and devious! Besides that this scam infects users with malware, it may also be spread via infected computers and compromised or inactive Facebook profiles.


Short Description Malicious smartphone application or browser extension that posts from your profile.
Symptoms Unauthorized shared posts of Ray-Ban sunglasses.


Nike Shoes Facebook Virus (Scam)

The Nike Shoes scam is one of the recent and new Facebook scams and is likely sent by the same people who are responsible for the Ray-Ban Facebook virus. The scam is likely spread via a very specific software that hijacks the Facebook profiles of victims and then begins posting from the victim’s compromised account.

The Nike Shoes scam may propagate via special software that not only hijacks your Facebook profile but hijacks your browsing activity in general. The possibilities of getting this software are many. And what is worse is that the malware may also spread across victims’ smartphones as well. One victim has reported the following, concerning the Nike Facebook Virus scam:

Craig Powers
4 August at 09:06 ·
Dear Facebook I’m so tired of the SCAM ads that pop up…IE “Take this short survey”, “Nike shoes $7.00” and on and on! I report these every time but I still see them everyday? Like MySpace, Facebook is changing into one big commercial scam instead of what it was intended to be! Add in the fact that now we only see a small percentage of our friends post too. Facebook in the past always got better over time but in the last few years has gotten much worse! There is a wide open hole for a new social media platform that is scam free with better customer service! Mark Zuckerberg please fix this! #CP

The scam’s end goal is to take victims to a fake Nike Website, the idea of which is to enter your financial details and buy shoes that may not even arrive. Not only users risk their information by doing so, but they also risk all of they money as well, since the fake site does not have anything remotely to do with the original one:


Short Description Malicious smartphone application or PC browser extension that posts from your profile.
Symptoms Unauthorized shared posts of Nike Shoes.


Facebook Virus Posts Your Profile Picture With a Link

The discovery of this [wplinkpreview url=”https://sensorstechforum.com/facebook-virus-posts-profile-picture-link/”]Facebook virus originated from multiple reports from users of a virus that takes over your Facebook profile and posts your own profile picture to your friends, along with a malicious web link. Here is one of the reports from victims:

“IMPORTANT:
THERE IS A NEW VIRUS ON THE NET!
I ALREADY DELETED SEVERAL POSTS ON MY FACEBOOK WALL FROM MY FB-FRIENDS, WHO DO NOT HAVE ANY IDEA WHAT IS HAPPENING! THE POST IS MY PROFILE PICTURE WITH A VIDEO UPLOADED TO IT! DO NOT OPEN UNLESS YOU SEE THIS AND IMMEDIATELY DELETE IT! IT COULD BE YOUR PHOTO WITH A VIDEO ATTACHED; THIS IS THE VIRUS!”

Short Description Works based on how a botnet operates. Aims to steal information.
Symptoms Slow computer. Notifications from friends begin to appear on your Facebook timeline.


Remove Facebook Viruses from Your Smartphone and Your PC

In case you have experienced the symptoms from the viruses above, we strongly recommend following the removal instructions below. They are carefully designed to help you remove these viruses from your computer and your smartphone.

Delete Facebook Virus from your smartphone

1. Back up the data on your device

Back up the data on your phone

CAUTION! Before attempting any removals and drive formatting on your device, you should know that it is essential to save all your important contacts and files from your phone. There are several methods to backup your files:

Method I: Using online backup software or a memory card if the device supports it.

Method II: Connecting to another device and copying the data directly.

This is a bit risky option since the device may have malware on it. This is why, first you need to enter the device’s Safe Mode:

For RAZR Droid Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2.Switch the phone on.

3.You should see a Motorola Dual Core screen appearing. You should press and hold the Volume up, and Volume Down keys on the side of the smartphone. Hold them until the lock screen shows up with ‘Safe Mode’ written in the lower corner.

For HTC Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2.Turn on your phone while simultaneously holding down the Menu Button. When it starts, keep pressing the Menu Button until you see ‘Safe Mode’ menu appearing in the lower corner.

For Nexus devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Turn on the phone.
3.When the welcome Logo Screen shows up, hold the trackball while pressing it until a lock screen shows up, or you see ‘Safe Mode’ written in the bottom corner.

For Other Motorola Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Hold down the Menu Button after you press it while turning on the phone. When it boots, hold the button down upon seeing the lock screen or feeling the phone vibrate.

For Moto G Devices:
1.Press the Power Button and hold it on until the list with options pop-up.
2.Hold the Power off button and wait for a ‘Reboot to Safe Mode’ option to appear.
3.Tap it and let the phone reset.

For Samsung Galaxy Devices:

1.While the device is on, hold down the Power Button and wait for the Options List.
2.Wait for a ‘Restart to Safe Mode’ option to appear.
3.Choose this setting. The device will restart.

For Apple Devices:

1. While your device is locked, hold down the Power Button and the Home Button until you see a white Apple logo.
2. Once you see the logo, let go from those buttons and start holding the Volume Up button. (Give it a little time to boot up)
3. Now the phone should boot in Safe Mode without any third-parties running.

And now it is time to proceed by doing the actual backup:

Apple iOS

1. Connect your device and select it in iTunes.
2. From the Backups section go to Manually Back Up and Restore and tap on Back Up Now.

Android

1. Connect your device via USB to a computer and select Use as a Media Device. You may also see use as file transfer option.
2. Go to your phone from My Computer and copy all the files you need.
3. If the phone has an option to install its drivers onto your computer, select it and install them since this will simplify the process of copying your contact list on your computer.

2. Hard-reset your device and remove Facebook Virus

Hard-Reset Your Smartphone

For Apple iPhone and iPad Devices:

Option I: Via the device

1.Back up your data using iCloud or another backup method.
2. Go to the Settings menu and go to General.
3. On the bottom, tap on Reset.
4. Tap on Erase All Content and Settings.
5. Confirm it by tapping on the red Erase button and then type your password.

Option II: Via iTunes

1. Connect your device and open iTunes.
2. Click on the device‘s name and model to open the dialog box.
3. From there, click on the button “Restore”

For Android Devices:

After you have backed up your files, you should perform a clean wipe-out of your phone. This can happen either via one of the options in Safe Mode or by entering your device’s Recovery Mode. Several methods exist in order to enter Recovery Mode of your device:

reboot-system

For Nexus Devices: – Hold the Volume Down + Volume Up + Power button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option. Nexus 4 may work with Volume Up + Power + Volume Down.

For Samsung Devices: – Hold the Volume Up + Power Button + Home Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option.

For Motorola Droid X Devices: Hold the Home Button + Power Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset setting.

For other devices with camera buttons on them: Hold the Volume Up + Camera Button until a Recovery Menu appears. After this, you should choose the Wipe Data/Factory reset option.

Also in case you have backed up your device in a Google Account, you will be able to restore your data after a complete wipe-out by just logging into your Google Account with you email and password.

Avatar

Ventsislav Krastev

Ventsislav is a cybersecurity expert at SensorsTechForum since 2015. He has been researching, covering, helping victims with the latest malware infections plus testing and reviewing software and the newest tech developments. Having graduated Marketing as well, Ventsislav also has passion for learning new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecrurity industry and is a strong believer in the education of every user towards online safety and security.

More Posts - Website

Follow Me:
Twitter


Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer

How to Remove Facebook Virus from Windows.


Step 1: Boot Your PC In Safe Mode to isolate and remove Facebook Virus

OFFER

Manual Removal Usually Takes Time and You Risk Damaging Your Files If Not Careful!
We Recommend To Scan Your PC with SpyHunter

Keep in mind, that SpyHunter’s scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read our SpyHunter 5 review. Click on the corresponding links to check SpyHunter's EULA, Privacy Policy and Threat Assessment Criteria

1. Hold Windows key() + R


2. The "Run" Window will appear. In it, type "msconfig" and click OK.


3. Go to the "Boot" tab. There select "Safe Boot" and then click "Apply" and "OK".
Tip: Make sure to reverse those changes by unticking Safe Boot after that, because your system will always boot in Safe Boot from now on.


4. When prompted, click on "Restart" to go into Safe Mode.


5. You can recognise Safe Mode by the words written on the corners of your screen.


Step 2: Uninstall Facebook Virus and related software from Windows

Here is a method in few easy steps that should be able to uninstall most programs. No matter if you are using Windows 10, 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program are left behind, and that can lead to unstable work of your PC, errors with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it. To do that:


1. Hold the Windows Logo Button and "R" on your keyboard. A Pop-up window will appear.


2. In the field type in "appwiz.cpl" and press ENTER.


3. This will open a window with all the programs installed on the PC. Select the program that you want to remove, and press "Uninstall"
Follow the instructions above and you will successfully uninstall most programs.


Step 3: Clean any registries, created by Facebook Virus on your computer.

The usually targeted registries of Windows machines are the following:

  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

You can access them by opening the Windows registry editor and deleting any values, created by Facebook Virus there. This can happen by following the steps underneath:

1. Open the Run Window again, type "regedit" and click OK.


2. When you open it, you can freely navigate to the Run and RunOnce keys, whose locations are shown above.


3. You can remove the value of the virus by right-clicking on it and removing it.
Tip: To find a virus-created value, you can right-click on it and click "Modify" to see which file it is set to run. If this is the virus file location, remove the value.

IMPORTANT!
Before starting "Step 4", please boot back into Normal mode, in case you are currently in Safe Mode.
This will enable you to install and use SpyHunter 5 successfully.

Step 4: Scan for Facebook Virus with SpyHunter Anti-Malware Tool

1. Click on the "Download" button to proceed to SpyHunter's download page.


It is recommended to run a scan before purchasing the full version of the software to make sure that the current version of the malware can be detected by SpyHunter. Click on the corresponding links to check SpyHunter's EULA, Privacy Policy and Threat Assessment Criteria.


2. After you have installed SpyHunter, wait for it to update automatically.

SpyHunter5-update-2018


3. After the update process has finished, click on the 'Malware/PC Scan' tab. A new window will appear. Click on 'Start Scan'.

SpyHunter5-Free-Scan-2018


4. After SpyHunter has finished scanning your PC for any files of the associated threat and found them, you can try to get them removed automatically and permanently by clicking on the 'Next' button.

SpyHunter-5-Free-Scan-Next-2018

If any threats have been removed, it is highly recommended to restart your PC.


Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer

Get rid of Facebook Virus from Mac OS X.


Step 1: Uninstall Facebook Virus and remove related files and objects

OFFER
Manual Removal Usually Takes Time and You Risk Damaging Your Files If Not Careful!
We Recommend To Scan Your Mac with SpyHunter for Mac
Keep in mind, that SpyHunter for Mac needs to purchased to remove the malware threats. Click on the corresponding links to check SpyHunter’s EULA and Privacy Policy


1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:


2. Find Activity Monitor and double-click it:


3. In the Activity Monitor look for any suspicious processes, belonging or related to Facebook Virus:

Tip: To quit a process completely, choose the “Force Quit” option.


4. Click on the "Go" button again, but this time select Applications. Another way is with the ⇧+⌘+A buttons.


5. In the Applications menu, look for any suspicious app or an app with a name, similar or identical to Facebook Virus. If you find it, right-click on the app and select “Move to Trash”.


6: Select Accounts, after which click on the Login Items preference. Your Mac will then show you a list of items that start automatically when you log in. Look for any suspicious apps identical or similar to Facebook Virus. Check the app you want to stop from running automatically and then select on the Minus (“-“) icon to hide it.


7: Remove any left-over files that might be related to this threat manually by following the sub-steps below:

  • Go to Finder.
  • In the search bar type the name of the app that you want to remove.
  • Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
  • If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.

In case you cannot remove Facebook Virus via Step 1 above:

In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:

Disclaimer! If you are about to tamper with Library files on Mac, be sure to know the name of the virus file, because if you delete the wrong file, it may cause irreversible damage to your MacOS. Continue on your own responsibility!

1: Click on "Go" and Then "Go to Folder" as shown underneath:

2: Type in "/Library/LauchAgents/" and click Ok:

3: Delete all of the virus files that have similar or the same name as Facebook Virus. If you believe there is no such file, do not delete anything.

You can repeat the same procedure with the following other Library directories:

→ ~/Library/LaunchAgents
/Library/LaunchDaemons

Tip: ~ is there on purpose, because it leads to more LaunchAgents.


Step 2: Scan for and remove malware from your Mac

When you are facing problems on your Mac as a result of unwanted scripts, programs and malware, the recommended way of eliminating the threat is by using an anti-malware program. Combo Cleaner offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.



Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Remove Facebook Virus from Google Chrome.


Step 1: Start Google Chrome and open the drop menu


Step 2: Move the cursor over "Tools" and then from the extended menu choose "Extensions"


Step 3: From the opened "Extensions" menu locate the unwanted extension and click on its "Remove" button.


Step 4: After the extension is removed, restart Google Chrome by closing it from the red "X" button at the top right corner and start it again.


Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Erase Facebook Virus from Mozilla Firefox.

Step 1: Start Mozilla Firefox. Open the menu window


Step 2: Select the "Add-ons" icon from the menu.


Step 3: Select the unwanted extension and click "Remove"


Step 4: After the extension is removed, restart Mozilla Firefox by closing it from the red "X" button at the top right corner and start it again.



Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Uninstall Facebook Virus from Microsoft Edge.


Step 1: Start Edge browser.


Step 2: Open the drop menu by clicking on the icon at the top right corner.


Step 3: From the drop menu select "Extensions".


Step 4: Choose the suspected malicious extension you want to remove and then click on the gear icon.


Step 5: Remove the malicious extension by scrolling down and then clicking on Uninstall.



Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Remove Facebook Virus from Safari.


Step 1: Start the Safari app.


Step 2: After hovering your mouse cursor to the top of the screen, click on the Safari text to open its drop down menu.


Step 3: From the menu, click on "Preferences".

stf-safari preferences


Step 4: After that, select the 'Extensions' Tab.

stf-safari-extensions


Step 5: Click once on the extension you want to remove.


Step 6: Click 'Uninstall'.

stf-safari uninstall

A pop-up window will appear asking for confirmation to uninstall the extension. Select 'Uninstall' again, and the Facebook Virus will be removed.


How to Reset Safari
IMPORTANT: Before resetting Safari make sure you back up all your saved passwords within the browser in case you forget them.

Start Safari and then click on the gear leaver icon.

Click the Reset Safari button and you will reset the browser.


Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Eliminate Facebook Virus from Internet Explorer.


Step 1: Start Internet Explorer.


Step 2: Click on the gear icon labeled 'Tools' to open the drop menu and select 'Manage Add-ons'


Step 3: In the 'Manage Add-ons' window.


Step 4: Select the extension you want to remove and then click 'Disable'. A pop-up window will appear to inform you that you are about to disable the selected extension, and some more add-ons might be disabled as well. Leave all the boxes checked, and click 'Disable'.


Step 5: After the unwanted extension has been removed, restart Internet Explorer by closing it from the red 'X' button located at the top right corner and start it again.


Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Stay tuned
Subscribe for our newsletter regarding the latest cybersecurity and tech-related news.