My wife got a message from yahoo messenger from her friend with this link “PIC675799074533-JPG-www.facebook.com.exe” Then she clicked on it and ran it. Now she is sending the same message to everyone on her list. I ran scan and stuffs but can’t find anything. Anyone has any advice or help on removing this? Thanks in advance.
Find a new wife
This…then change her password like yesterday. Notice that nice little .exe at the end of the file…That should have been a dead giveaway.
Well she is not computer person so she wouldn’t recognized it. I spent sometimes last night looking thru registry and run removal softwares in safe mode but can’t pick up anything.
Malwarebytes 1.46 with the most up-to-date definitions?
What A/V are you running? Uninstall Yahoo Messanger?
generally changing the password will get rid of it
Also, is this sending through facebook or the messanger program?
The PC is running Norton AV from UB 
I un-installed YM already and just changed the password. It’s jsut weird that I scanned that .exe file and it’s not detected it as a virus. Thank you everyone for your help.
there’s your problem
Anti virus doesn’t actually work go figure lol
Doesn’t ub give out symantec endpoint? Try using microsoft security essentials.
Sent from my Droid
ESET NOD32 Antivirus. end of story.
I am still willing to bet 90% of the malware people get won’t be stopped by AV
Yes it is. It’s AV+firewall. But I guess none of the AV can detects that. I just tried 4 different AV and none of them detect that .exe as virus.
http://www.virustotal.com/ upload it there
From my experience, virus scanners dont really do much to prevent infections. Theyre not even very good at removing them.
Your best bet will always be to not run shady files.
You can try running a few different scanners at the same time and hope that one of them can get it… But changing the Facebook password is required. I wouldn’t do it on that computer if possible…
Besides blatantly executing a .exe file most infections are from websites with malicious code that exploits vulnerabilities in your web browser/adobe reader/flash/quicktime most anti virus can’t do anything for this.
my wife “synchronized” her clock once in college… that was a hell of a phone call, LOL
Process explorer paired with autoruns is the best duo i’ve ever used.
Especially since both Flash and Reader install into the system32 folder IIRC. Java is another big exploit…make sure that shit is up to date.