Koobface Virus Removal (May 2019 Update)

Parasite may reinstall itself multiple times if you don't delete its core files. We recommend downloading SpyHunter to scan for malicious programs installed with it. This may save you hours and cut down your time to about 15 minutes. 

Download SpyHunter Anti-Malware

More information on SpyHunter, steps to uninstallEULAThreat Assessment Criteria, and Privacy Policy.

How irritating is this problem? (2 votes, average: 5.00)

This page aims to help you remove Koobface Virus. Our removal instructions work for every version of Windows.

If you are seeking information regarding a malicious software program called Koobface Virus ot if you simply want to learn more about the infamous Trojan Horse malware category, you have come to the right place. In this article, you will be presented with information regarding this nasty category of dangerous programs and you will also learn how you can deal with the noxious Koobface Virus infection – a detailed removal guide has been provided own below for those of you who might need help with the elimination of the dangerous threat. Just don’t forget to read the actual article as the information that it holds is essential and highly important when it comes to making sure that infections like Koobface do not get anywhere near your PC ever again. Keep in mind that this particular virus class is one of the most dangerous and hackers that use Trojan Horses are typically able to gain remote access to your PC and control it without your knowledge meaning that the possible uses of a Trojan infection are many and oftentimes it’s cannot be said for certain what such a virus might be trying to accomplish whilst inside your PC. One thing’s for certain, though – whatever the malware’s specific purpose in your case might be, it definitely going to be something that’s at the very least illegal and unwanted.

The hidden threat

Trojans like Koobface are known for their ability to remain under the radar during the time they are on a targeted machine. There might be certain possible symptoms but most of the time there won’t be anything that could give away the infection. Potential red flags such as increased use of RAM and CPU as well as random unknown errors and sudden crashes to the dreaded Blue Screen might help you realize that there’s something potentially harmful happening with your PC yet, as we said above, you can’t rely on such infection indicators as in many cases none of those would be present during a Trojan Horse attack. Because of this, it is crucial that you have some sort of security software on your PC – an antivirus program that can help you spot potential threats and stop them before they have gotten the chance to cause any harm to your system. However, even if you are using a very high-quality antivirus, it might still fail at times and get bypassed by a certain virus, especially if it is a newer one. Koobface, for example is one if the latest Trojan Horse versions and many security tools might be unable to detect it. With this in mind, it is very important that you understand just how important it is that you make sure to always be vigilant and careful when browsing the Internet.

Koobface Virus Removal



Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).



We get asked this a lot, so we are putting it here: Removing parasite manually may take hours and damage your system in the process. We recommend downloading SpyHunter to see if it can detect parasite files for you.

Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous. 


Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at:

Scan Results

Virus Scanner Result

After you open their folder, end the processes that are infected, then delete their folders. 

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 


Hold together the Start Key and R. Type appwiz.cpl –> OK.


You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:



Type msconfig in the search field and hit enter. A window will pop-up:


Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

  • Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.

Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.


To remove parasite on your own, you may have to meddle with system files and registries. If you were to do this, you need to be extremely careful, because you may damage your system.

If you want to avoid the risk, we recommend downloading SpyHunter
a professional malware removal tool.

More information on SpyHunter, steps to uninstallEULAThreat Assessment Criteria, and Privacy Policy.

Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!

Trojans typically need some kind of user interaction to gain access to their victim’s machine. For instance, if the virus is getting distributed through spam e-mail attachments, the user would need to open the attachment so that the malware could infect the computer. Other possible ways of spreading such infections are pirated software downloads, fake update prompts and online requests, shady web offers, infected torrents, compromised program installers, etc. The common thing between all the aforementioned sources of Trojans is that, as we already said, the user is supposed to interact with them in some way – if such interaction doesn’t take place, most viruses would not be able to infect the user’s computer. Understanding and remembering this is crucial as it means that you, yourself, are your machine’s best protection – if you make sure that you avoid suspicious and questionable online content, the chances of getting your computer infected would get significantly lowered.

Trojan Horse dangers

We really can’t list all the possible things a Trojan such as Koobface can do to your PC and to your virtual identity here. Just know that those viruses are extremely versatile – they can cause damage to your system, corrupt important data and access sensitive information (personal or work-related). Other more specialized ways of using a Trojan are when the malware infects your machine with some other virus (a Ransomware, for example) or when it causes your computer to mine bitcoins for the hacker, send spam messages to other users in order to expand the malware’s botnet or execute DDoS attacks. There are many more possibilities – what was mentioned above was barely scratching the surface of all the potential kinds of harm that such a malware can cause. Obviously, you wouldn’t want to have to deal with such an infection ever again which is why it’s of utmost importance that you take heed of our advice and avoid anything that can be a potential source of such viruses. Now, if you need help against Koobface, go to our guide and follow the steps in it to eliminate the malware. Within the guide, there’s also a suggested anti-malware tool that can assist you in the elimination of Koobface so if you feel like you need the extra help, give it a try.


Name Koobface
Type Trojan
Danger Level  High (Trojans are often used as a backdoor for Ransomware)
Symptoms  Most Trojan hide themselves well and show no particular symptoms.
Distribution Method Malicious spam messages, various forms of malvertising, pirated downloadable content, etc.
Detection Tool

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you’ll need to purchase the full version.
More information about SpyHunter and steps to uninstall.

Leave a Comment