Remove koobface virus infection from Computer

Home » Virus Removal » Remove koobface virus infection from Computer
Virus Removal No Comments

Remove koobface virus infection from Computer

Remove koobface virus infection from Computer. Koobface is Network worm that attacks Microsoft Windows, Mac OS X, and Linux platforms. This worm originally targeted users of the networking websites like Facebook, Skype, Yahoo Messenger, and email websites such as GMail, Yahoo Mail, and AOL Mail. It also targets other networking websites, such as MySpace, Twitter and it can infect other devices on the same local network. This infection allows an attacker to access users’ personal information such as banking information, passwords, or personal identity (IP address). It is considered a security risk and should be removed from the network.

Koobface propagates itself by putting links on the social network profile of a user whose machine is infected. When social connections or friends of this user click on the infected links, they may become infected themselves. It is most often spread through a tantalizing message or post that contains a video. When the video is clicked, the victim is taken to a forged Web page that states the video cannot be watched because an update for Adobe Flash Player is needed. It then conveniently offers a link to download and install the update. When that link is clicked, it installs the Koobface worm on the unsuspecting user’s computer.

 

Effects of koobface:

The Koobface worm is classified as a bot. Computers infected with bots can connect to command and control servers. A cluster of bots attached to a C&C server is known as a botnet. Once the infected computer is under the control of a C&C server, the cybercriminal has complete control of the infected system and all its data. Since a bot runs as a background process without the user knowing, virtually anything is possible from that point on. For this reason computers infected with bots like Koobface are also referred to as zombie hosts. The user of a zombie host can be monitored for bank account numbers, credit card numbers, passwords and more, and further forms of malicious software can be downloaded and installed on the infected computer.

A manual removal of Koobface is not recommended, and may cause unintended consequences. You’ll need to remove registry entries, stop background processes and unregister DLL files and even then you may just find that Koobface has reinstalled itself at your computer’s next startup. However, you can try the below troubleshooting steps in order to remove the koobface from the computer.

Resolution Steps:

  1. Run the full system using scan using any of the malware removal tools.

Malwarebytes: https://data-cdn.mbamupdates.com/web/mbam-setup-2.2.0.1024.exe

SUPERAntiSpyware: http://cdn.superantispyware.com/SUPERAntiSpyware.exe

HitmanPro: http://www.surfright.nl/en/hitmanpro

TDS Killer: http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe

2. Once the scan is completed, reboot the computer, check for any unwanted application and remove them.

3. Perform cleanboot of the computer.

4. Use the below ADWCleaner to remove the unwanted ads, cookies and unwanted Trojans from the browsers. You can download it from the below link.

ADWCleaner: http://www.bleepingcomputer.com/download/adwcleaner/dl/125/

5. Update the anti-virus application installed in the computer to install all its latest updates.

If the issue with the koobface is not fixed, you may have to proceed with the Repair/Re-installation of the Operating System.

LEAVE A COMMENT