Is your computer infected with Worm.Win32.Koobface? This step-by-step guide can help you safely and quickly remove Worm.Win32.Koobface. If you have any problem during the removal process, please contact Tee Support agents 24/7 online for more detailed instructions.

Worm.Win32.Koobface Description

Worm.Win32.Koobface is determined by Tee Support Labs as code with the rootkit-specific techniques designed to hide the software presence in the system. Worm.Win32.Koobface will download files to the computer without permission which will cause security danger. Worm.Win32.Koobface can even allow hacker has remote access to the infected computer. Remove Worm.Win32.Koobface before it damages a system.

Worm.Win32.Koobface has security threat shows in the following aspects

  1. Worm.Win32.Koobface often infect computer without your permission at the background.
  2. Worm.Win32.Koobface allow hacker remotely access to the computer.
  3. Worm.Win32.Koobface can spread via network if the infected drive is shared at the network.
  4. Your antivirus software (Ikarus) may alert you to get rid of this infection Worm.Win32.Koobface.

Worm.Win32.Koobface Step-by-Step Manual Removal Instructions

1)  The associated processes of Worm.Win32.Koobface to be stoped are listed below:

   hjky159.exe

2)  The associated files of  Worm.Win32.Koobface to be deleted are listed below:

   %AppData%\10112010146107114.xxe
   %AppData%\101120101465051101.xxe
   %Temp%\5.tmp, %Temp%\9.tmp
   %Temp%\ffe.bat
   %Temp%\zpskon_1297805342.exe
   %Windir%\5456456z, %Windir%\bt7.dat
   %Windir%\hjky159.exe, %System%\drivers\ffe.sys
   %System%\ffe.dll, %Windir%\Temp\6.tmp
   %Windir%\Temp\A.tmp

3)  The registry entries of Worm.Win32.Koobface that need to be removed are listed as follows (Take Note: Back up the Windows registry before editing it, so that you can quickly restore it later if something goes wrong.):

   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

   HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_1E11EB60

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_1E11EB60\0000

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_1E11EB60\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFE

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFE\0000

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFE\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFFE

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFFE\0000

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFFE\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ffe

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ffe\Security

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ffe\Enum

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fffe

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fffe\parameters

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fffe\Security

   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fffe\Enum

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_1E11EB60

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_1E11EB60\0000

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_1E11EB60\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFE

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFE\0000

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFE\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFFE

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFFE\0000

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FFFE\0000\Control

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ffe

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ffe\Security

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ffe\Enum

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fffe

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fffe\parameters

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fffe\Security

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fffe\Enum

   HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol

   HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION

   HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\international


VN:F [1.9.18_1163]
Rating: 0.0/10 (0 votes cast)

Get a Safer, Cleaner & Faster PC!

A good spyware remover can safeguard your computer at real-time automatically.

  • Terminate latest, stubborn virus/spyware
  • Safe, effective and complete
  • Fix various PC problems

So, pick one of your favorite to protect your system easily.


Malwarebytes Anti-Malware

Download | Review

Malwarebytes is one of the most popular and widely used anti-virus and malware-removal software applications for both home and corporate computer users alike.

SpyHunter

Download | Review

SpyHunter is a powerful, real-time anti-spyware application designed to assist computer users in protecting their PC from trojans, rootkits and others.