Is your computer infected with Worm.Win32.Koobface? This step-by-step guide can help you safely and quickly remove Worm.Win32.Koobface. If you have any problem during the removal process, please contact Tee Support agents 24/7 online for more detailed instructions.

Worm.Win32.Koobface Description

Worm.Win32.Koobface is determined by Tee Support Labs as code with the rootkit-specific techniques designed to hide the software presence in the system. Worm.Win32.Koobface will download files to the computer without permission which will cause security danger. Worm.Win32.Koobface can even allow hacker has remote access to the infected computer. Remove Worm.Win32.Koobface before it damages a system.

Worm.Win32.Koobface has security threat shows in the following aspects

  1. Worm.Win32.Koobface often infect computer without your permission at the background.
  2. Worm.Win32.Koobface allow hacker remotely access to the computer.
  3. Worm.Win32.Koobface can spread via network if the infected drive is shared at the network.
  4. Your antivirus software (Ikarus) may alert you to get rid of this infection Worm.Win32.Koobface.

Worm.Win32.Koobface Step-by-Step Manual Removal Instructions

1)  The associated processes of Worm.Win32.Koobface to be stoped are listed below:

   hjky159.exe

2)  The associated files of  Worm.Win32.Koobface to be deleted are listed below:

   %AppData%\10112010146107114.xxe
   %AppData%\101120101465051101.xxe
   %Temp%\5.tmp, %Temp%\9.tmp
   %Temp%\ffe.bat
   %Temp%\zpskon_1297805342.exe
   %Windir%\5456456z, %Windir%\bt7.dat
   %Windir%\hjky159.exe, %System%\drivers\ffe.sys
   %System%\ffe.dll, %Windir%\Temp\6.tmp
   %Windir%\Temp\A.tmp

3)  The registry entries of Worm.Win32.Koobface that need to be removed are listed as follows (Take Note: Back up the Windows registry before editing it, so that you can quickly restore it later if something goes wrong.):

   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

   HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_1E11EB60

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_1E11EB60\0000

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_1E11EB60\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFE

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFE\0000

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFE\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFFE

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFFE\0000

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFFE\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ffe

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ffe\Security

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ffe\Enum

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fffe

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fffe\parameters

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fffe\Security

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fffe\Enum

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_1E11EB60

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_1E11EB60\0000

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_1E11EB60\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFE

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFE\0000

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFE\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFFE

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFFE\0000

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFFE\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ffe

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ffe\Security

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ffe\Enum

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fffe

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fffe\parameters

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fffe\Security

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fffe\Enum

   HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol

   HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION

   HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\international


Bookmark and Share
VN:F [1.9.18_1163]
Rating: 0.0/10 (0 votes cast)

Tee Support

Services | Review

Tee Support is an award-winning online tech service 24/7. Tee Support experts provide sophisticated manual solutions:

  • terminate latest, stubborn virus/spyware that an antivirus program can not!
  • specific solution for your specific system: Safe, Effective, Complete.
  • many more services covering various PC problems to meet your requirements.

A good spyware remover can safeguard your computer at real-time automatically. So, pick up one of your favorite to protect your system easily.

However, professional online technical support is highly recommended if you want a more specific, accurate and effective solution toward your specific issue in your specific computer system.

Malwarebytes Anti-Malware

Download | Review

Malwarebytes is one of the most popular and widely used anti-virus and malware-removal software applications for both home and corporate computer users alike.

Spyware Doctor

Download | Review

Award-winning Spyware Doctor with AntiVirus software protects your PC against privacy and tracking threats. Spyware Doctor with AntiVirus detects, removes and secures your PC from potential spyware, viruses, worms and tracking threats.

SpyHunter

Download | Review

SpyHunter is a powerful, real-time anti-spyware application designed to assist computer users in protecting their PC from trojans, rootkits and others.