Your computer is infected with malicious software? Do you have pop-ups on your PC?
If so, search this blog for removal instructions or browse computer threats by category.

Thursday, January 7, 2010

What is Koobface and how to get rid of it?

Tell your friends:
Koobface is a computer worm that spreads via social networks site such as Facebook, Bebo or MySpace. The latest variant of this worm targets mostly Facebook likely because this site has more than 400 million members and the number grows each day. Koobface uses various misleading methods to fool people into installing it. Very often cyber criminals use fake video or greeting cards websites. The worm comes as a flash player update or a free greeting card. Once downloaded, it makes a copy of itself in %WINDOWS% (usually C:\Windows) directory. Koobface creates a file called freddy[RANDOM MUNBER].exe. For example:
  • freddy35.exe 
  • freddy36.exe
  • .....
  • freddy40.exe
  • freddy34.exe
  • .....
  • freddy79.exe
  • and so on.
As you can see the main process may be different in each compromised computer. Then Koobface worm connects to particular domains and downloads even more malware onto your PC. Finally, it starts sending malicious messages from your Facebook account. More information about this virus: detailed Koobface description and removal instructions.


Chappy said...

I have a varient of Koobface.Gen!A .In the beginnig ,on a desktop,there was Trojan Vundo type malware on it . Desk top has been recycled for parts .A new virus free ,laptop ,is the infected computer now .WIFI ,and,or ethernet DSL modem infected the laptop . Worm is very good at hiding from scans . Worm is in 'complete control' of computer .Will not allow me to print,run dvds' that may harm it. Laptop has had three hidden partition recoveries . Worm waiting to take over as recovery is over .Worm manipulates anti spyware , fire walls anti malware ,etc,etc . Any forum I join ,the bug,will not allow a log on . :( "Poorme"