Protect Your Identity from Koobface Attack

Koobface is not just a pun on Facebook. It is a deadly virus that is affecting not only Facebook, but creating havoc also on MySpace, Twitter, Bebo, and other social networking websites. The process of infection is quite simple. You get a link from your friend claiming some sensational material asking you to click on that— generally it is some youtube.pl or ru link. Afterward, you are asked to install a newer version of flash, which is not what it claims to be. That is a virus. The latest variant of this virus claims to show you “Barack Obama Hillary Clinton – Sex Scandal”.



obama-clinton-facebook-scandal
Technically, it is not a virus. It is a worm that is used to steal your personal information, primarily your credit card. Safeguarding yourself against this should be your top identity protection strategy.

Variants of Koobface worm

 

There are several variants of Koobface virus. The identified ones are:
Variants Attacks
Net-Worm.Win32.Koobface.a MySpace
Net-Worm.Win32.Koobface.b Facebook
WORM_KOOBFACE.DC Twitter
W32/Koobfa-Gen Facebook, MySpace, hi5, Bebo, Friendster, myYearbook, Tagged, Netlog, Badoo, and fubar
Don’t Panic!
If you have clicked any such link, as there is a way to fix this. Just follow the steps written below and you will remain safe.

Koobface manual removal

 

Step 1: Press Ctrl + Alt + Del to open task manager and kill the following processes:
fbtre6.exe
mstre6.exe
Step 2: Delete the following registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\”systray” = “c:\windows\mstre6.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\”systray” = “C:\Windows\fbtre6.exe”
HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating
Step 3: Delete the following files
freddy79 fbtre6.exe fmark2.dat ld08.exe Ld12.exe
That’s it. You are safe. You can also search Google for “Koobface removal” to find automatic removal tool. You can also use Microsoft’s Malicious Software Removal Tool to remove Koobface.

Windows operating system is the only OS affected by this virus.

Leave a Reply