Sunday, July 18, 2010

Update: Another virus hits Yahoo! Messenger.

A virus that is not new to Yahoo!'s network seems to be hitting it again. A Romanian security website is warning Yahoo! Messenger users about it and offers help in removing it. The virus sends various links, most of them referring to Facebook (which creates confusion among users). Some of them are pasted here:



  • http://ow.ly/2D4zB?=www.facebook.com/photo.php
  • is this you on pic?  http://ow.ly/2cWs2?=www.facebook.com/photo.php
  • foto :D http://ow.ly/2d3aB?=www.facebook.com/photo.php
  • foto :D http://ow.ly/2cTes?=www.facebook.com/photo.php
  • foto :D http://ow.ly/2bmMb?=www.facebook.com/photo.php
  • foto :D http : //ow.ly/2b7Xp?=www.facebook.com/photo.php
  • foto :D http://ow.ly/2aG6r?=www.facebook.com
  • foto :D http://ow.ly/2arJj?=www.facebook.com
  • foto :D http://ow.ly/2aHoc?=www.facebook.com


The virus asks the user to download a file, which is, of course, the virus itself. Here are some examples of names of files containing the virus:



  • 012457566896789-JPG-www.facebook.com.exe
  • PIC348u6234-www.facebook.com.JPG.exe
  • n719753102_09.JPG-www.facebook.exe
  • n11975310_09.JPG-www.facebook.exe
  • n11975310_09.JPG-www.facebosok.exe
  • n777719102_09.JPG-www.facebook.exe
  • 102_09.JPG-www.facebook.exe 
  • 9.JPG-www.facebook
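
The two patterns in the lists above (an image extension buried in the name of an executable, and a shortener link with another site's name tacked onto its query string) can be checked mechanically. The sketch below is an added example, not part of the original post or of any tool it mentions; the extension sets, the shortener list and the function names are assumptions, and the sample link in the comment is constructed in the shape of the ones above.

```python
import re
from urllib.parse import urlsplit

# Assumed sets (not from the post): decoy image extensions, Windows executable extensions.
DECOY_EXT = {"jpg", "jpeg", "png", "gif", "bmp"}
EXEC_EXT = {"exe", "scr", "pif", "com", "bat", "cmd"}
# Assumed shortener list; ow.ly is the one seen in the post.
SHORTENERS = {"ow.ly"}
URL_RE = re.compile(r"https?://\S+", re.I)
DOMAIN_RE = re.compile(r"(?:www\.)?([a-z0-9-]+\.[a-z]{2,})", re.I)


def masquerading_file(name):
    """True if the file would run as a program while its name advertises an image."""
    stem, _, ext = name.strip().lower().rpartition(".")
    if ext not in EXEC_EXT:
        return False
    # The samples separate the fake parts with '.', '-' and '_'.
    return any(tok in DECOY_EXT for tok in re.split(r"[.\-_]", stem))


def decoy_link(url):
    """True if a shortener link carries a different site's name in its query string."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host not in SHORTENERS:
        return False
    m = DOMAIN_RE.search(parts.query)
    return bool(m) and m.group(1).lower() != host


def scan_message(text):
    """Return the decoy links found in one chat message."""
    return [u for u in URL_RE.findall(text) if decoy_link(u)]


if __name__ == "__main__":
    # File names copied from the list in the post, plus one harmless name.
    for n in ["PIC348u6234-www.facebook.com.JPG.exe",
              "n719753102_09.JPG-www.facebook.exe",
              "holiday.jpg"]:
        print(n, masquerading_file(n))
    # Constructed message: the short code XXXXX is a placeholder.
    print(scan_message("foto :D http://ow.ly/XXXXX?=www.facebook.com/photo.php"))
```

The final extension decides what Windows runs, so the check looks at it first and only then searches the rest of the name for an image extension.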


Normally, an antivirus program should detect the malware and remove it, but if it doesn't (or you don't have one), you may download Palevo Removal v2 from here. This program should automatically close the virus and remove it. All you need to do then is to reboot. 

Note: Windows 7 and Vista users must click "This program works correctly" when prompted. 


Thanks to the Romanian website called IT Security which made everything possible. (Google translated webpage here).


Update: The admin from IT Security warned me that the virus is downloading more and more files with strange names (it's nearly impossible to keep up with it). He also told me that using Malwarebytes should help a lot (download here). Make sure to update after installation and then perform a full scan.

6 comments:

  1. hey, are you sure you're not lying? :))

  2. @Anonymous: Very sure. Btw, very relevant comment...

  3. Note that the virus is already downloading a huge number of files with strange names, so it is practically impossible for me to clean them up with .bat files alone.
    I have sent all the files for analysis. Malwarebytes detects most of them. You can update.

  4. @Gigi: things have calmed down on my contact list. I'm sure whoever created the virus won't give up that easily. He will probably attack more and more.

  5. In my case it's not about the people on my list. I test the virus in VMware and take the links from there; I don't wait to receive them from anyone.
    Yes, it has started churning out links as if on a conveyor belt. Let's see how long it lasts. I have the whole summer at my disposal. All the best.
