Try Dr Web CureIt.
If that does not help, you will probably need to post a diagnostic log on one of the forums that handles them, so that more advanced tools and manual removal methods can be used.
This is no different from a so-called "friend" sending you a link in email. Apply the same caution at Facebook that you would using other online applications.
* Notify Facebook that your Friend's account has been hacked and that you downloaded malware from the link. (He probably has malware on his computer that allows the hacker access to his account, or he has a weak password to begin with.)
Facebook will disable the account until your friend has cleaned it up. If you are able to contact your friend by phone, do so and explain the situation.
Facebook provides a wealth of information on staying safe on the site. Unfortunately, people jump into using Facebook and don't bother to research first. The security community works with Facebook to monitor problems, but it is up to members to do their "homework". I suggest that you read all the Facebook Security information that is available.
You could start here: http://www.facebook.com/home.php?filter=nf#!/security?v=app_4949752878
Hello, I was recently on facebook when I got a message from a friend. The message was titled "Youtube" or something similar, and when I clicked the link in the message, I was taken to what I now assume was a fake Youtube (it also didn't really look like Youtube) and on the website, it told me I needed flash player 10, and automatically opened a download window. The program was titled 'setup', and did (seemingly) nothing when run. After a while, I noticed that my google searches were being redirected, and I also got the captcha*.dll file, which I've already removed. If someone could reccomend a program to remove the google redirecting thing for me, I would appreciate it. Malwarebytes didn't detect it, so don't reccomend that to me. Thanks!