Facebook Virus Removal – Koobface Worm

There are 2 ways you can choose to remove the Facebook virus, the first is automatically using anti-virus software which I would recommend and the second is by manually removing the files and processes.

Automatic virus removal (recommended)

If you haven’t already got antivirus firewall software installed on your computer then go to http://www.malwarebytes.org/mbam.php and download malwarebytes. After the software has downloaded you then need to install it and perform a full virus scan on your computer and then once the scan is completed it should give you a list of all infected files, which you should then remove from your system (malwarebytes will do this for you). Perform another full scan of your system after to ensure all infected files have been removed.

If this doesn’t work then you can try the manual removal, but make sure to be extremely careful when you enter the registry and only remove the files listed below as if you change or delete the wrong file/s it can completely ruin your system.

Manual virus removal

To start off remove the following processes from task manager (ctrl + alt + delete):

-          fbtre6.exe

-          mstre6.exe

You must then access the registry, the easiest way to find your way there is to search your computer for “regedit” and then open the file. The files you will have to delete from the registry are:

-          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\”systray” = “C:\Windows\mstre6.exe”

-          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\”systray” = “C:\Windows\fbtre6.exe”

-          HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating

Finally, after you have removed the registry files delete the following files from your system and you are finished:

-          C:\\Windows\\fbtre6.exe

-          C:\\Windows\\fmark2.dat

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>