NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  
Title: Koobface
Type: Worms

Remove Koobface. Removal instructions


 
Also known as: W32/Koobface,W32.Koobface,W32/Koobface.AZ,Boface
Severity scale:Koobface severity is 72  (72 / 100)
 
Koobface worm is distributed on social networks, usually on MySpace and Facebook. It embeds itself on victim’s profile and displays links to malicious websites. The websites promote video codec which is actually the Koobface worm. Those sources might also install the worm without notifying visitors.

Koobface is also known as W32/Koobface, W32/Koobface.AZ, W32.Koobface and Boface. Once it gets on a machine, it checks if there are cookies of social networks. If it finds the cookies, it infects victim’s profile. If Koobface worm can’t find evidence of social networking websites, it simply erases itself.

Koobface also loads pop-ups that look like MS Windows error messages. The pop-up contains the following text: “Error installing Codec. Please contact support.”

Related files: Ld12.exe, fmark2.dat, fbtre6.exe, ld08.exe, freddy79

Koobface properties:
• Connects itself to the internet
• Hides from the user
• Stays resident in background

Automatic Koobface removal:

remover for Koobface
SpyHunter is recommended remover to uninstall Koobface. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manul removal instructions below.

If you failed to remove Koobface using SpyHunter please report this to us.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.
STOPzilla
download | review
We are testing STOPzilla's efficiency at removing Koobface (2012-01-14 08:49:30)
Malwarebytes Anti Malware
download | review
We are testing Malwarebytes Anti Malware's efficiency at removing Koobface (2012-01-14 08:49:30)
Spyware Doctor
download | review | tutorial
We are testing Spyware Doctor's efficiency at removing Koobface (2012-01-14 08:49:30)
XoftSpySE Anti Spyware
download | review

Koobface manual removal:

Kill processes:
freddy79 fbtre6.exe mstre6.exe ld08.exe Ld12.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\"systray" = "c:\windows\mstre6.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\"systray" = "C:\Windows\fbtre6.exe"
HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating
HELP:
how to remove registry entries

Delete files:
freddy79 fbtre6.exe fmark2.dat ld08.exe Ld12.exe
HELP:
how to remove harmful files
Information added: 2008-11-24 03:25:53
Information updated: 2012-01-14 06:12:15

Additional resources related to Koobface:

Attention: If you know or you have a website or page about Koobface removal, feel free to add a link to this list: add url
more resources
0
0
<Guest>
I also had to remove a file "freddy51" from the C drive as well.
2009 07 27
0
0
rodi
Thanks, although this file has other anmes as well. Previously it was freddy46, freddy49. Now, it's freddy51. Later it could be freddy52, freddy53 and etc.
2009 07 27
1
0
<Guest>
Removed Koobface using AVG, but still can Not connect to the Net using Internet Explorer even after changing the LAN Settings to automaic detect settings from Use a Proxy server. Please help
2009 08 17
0
0
<Guest>
yah it's freddy64 now
2009 09 17
0
0
<Guest>
it's freddy79. i was able to manually stop the processes, found the registry entries and deleted them but "freddy79" remains in C:Windows. If anyone has suggestions on getting it deleted, please post. It will no longer let you delete the file.
2009 12 30
0
0
rodi
Thank you, we added freddy79 to the list too. Just download an automatic removal tool and run a system scan. I'm afraid that manual removal won't work for you.
2009 12 31
0
0
<Guest>
i hate this stupid virus
2010 01 05
0
0
<Guest>
I just cleaned this from a friend's laptop last night. It was up to freddy81.
2010 01 28
0
0
<Guest>
im finding bills now, is that bad?
2010 03 16
0
0
<Guest>
I don't find the fbtre6.exe, I find fbtre19.exe. Should I remove it?
2010 03 21
0
0
<Guest>
Found it on mine as bill104.exe? Or is that another one?
2010 03 24
0
0
<Guest>
Found as bill 106.exe
2010 04 03
0
0
<Guest>
Koobface is nasty. It blocked me from many Internet sites by preventing DNS translation. I couldn't update my antivirus program (Avast). Ultimately I was able to rid myself of this beastie by running Microsoft's Malicious Software Removal tool (MRT.exe).
2010 04 06
0
0
<Guest>
dies this affect mac users also? if so, how do i manually remove it on a mac? thanks
2010 04 10
0
0
<Guest>
MUCH THANKS
2010 04 11
0
0
hey
dident work :(
2010 04 13
0
1
callum-MS-FB
ok just get avg or norton or a good anti virus and it will detect it and remove it
2010 05 04
0
0
<Guest>
Avira (free) gets rid of Koobface
2010 06 11
0
0
<Guest>
uhh, i found a bill something, but deleted it as soon as i found it (i run in safemode so i know what processz arnt suppose to be there) but i cant find it anywhere on my laptop, any help on where bill105 would be in the registry?
2010 07 29
0
0
Akio
hey guys after i infected with koobface my Google Chrome cant login facebook and any google related sites. Is it also koobfaces effect??
2011 08 23
0
0
Saleem
Avira gets rid of koobface.
2011 11 19
0
0
nazi
ya
2011 11 19

Post Comment:

Attention: Use this form only if you have additional information about Koobface parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Latest spyware news:
Subscribe to news

Similar parasites:
Related discussions:
Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2 HijackThis Log Analyzer Beta 2

I failed to remove Koobface using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
add text box
rss feed
help other
Latest Spyware Threats: Internet Security 2012 | Win 7 Total security 2012 | System Check | Win 7 Internet Security 2012 | Win 7 Home Security 2012 | Win 7 Antivirus 2012 | Win 7 Antispyware 2012 | Vista Security 2012 | Vista Antivirus 2012 | Vista Antispyware 2012 | XP Antispyware 2012 | XP Antivirus 2012 | XP Security 2012 | XP Home Security 2012 | Security Shield
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2011 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.