Hello: My son got the koobface "browser object holder" from Face book on my computer. I have tried my spyware to get rid of it. No luck. I need to update my spyware to help this but this thing will not let it update. It takes my browser where it wants to, Searching for a fix does not work because of it controlling my search engine? Any help thank you Chris

Try downloading the free version of revo-uninstaller.

good luck

I tried revo-uninstaller and only worked slightly better than the Add/Remove thing. I did find a few other uninstallers at download.com and I will be checking them out soon

Try a Linux live CD that includes an anti-virus program. Here is an article that explains more: http://news.cnet.com/8301-13554_3-9988099-33.html

Here is a list from a couple of years ago of free rescue CDs (most are Linux live CDs): http://www.raymond.cc/blog/archives/2008/12/11/13-antivirus-rescue-cds-software-compared-in-search-for-the-best-rescue-disk/

Thank you all for your imput. I have tried several spyware programs, the catch is that they need to access there site, to update, to run. This freaking thing will not let them access there site.

Just curious, when you add a program doesn't the computer use a hotkey?

if so, perhaps by deleting that would work.

Thanks Husker: Hot key? Would you mind explaining. I would try if I knew how. Thank you Chrisl

they are in your registry files. regedit.

Thank you all for your imput. I have tried several spyware programs, the catch is that they need to access there site, to update, to run. This freaking thing will not let them access there site.If you can download and burn a live CD, you can get the upper hand on the spyware. You will not be bothered by the spyware while you have the live CD booted, because you are not booting the OS on your hard drive. If the live CD's anti-virus program needs to update its virus list, your infected hard drive will have no influence on the update.

You will even be able to freely surf the web, without worry of further infecting your computer.

You might try using a different browser to get to some security sites and try some online scans. Years ago I picked up some kind of a virus that got passed my virus protection software. I tried to go to Trend Micro to use their online scanner but I kept getting a pop up that said I was already running it when I knew that I wasn't. I switched from Internet Explorer to a browser that I had installed called "Slim Browser". I went back to Trend Micro and their scan ran perfectly and it cleared up the problem. Don't remember what the virus was.

Dslreports has a good security forum that can take you through a clean up proceedure. Link below.

DslReports (http://www.dslreports.com/forum/cleanup)

If you want to download hijack this and post the log i can try to look at it for you

here is what I found online for manual removal -- sometimes thats easier to get things up and running enough to get back online:

http://www.2-spyware.com/remove-koobface.html

If you cant get to that site to see the help, you can use Task Manager to kill processes, type regedit into your start menu to bring up your registry editor. As always you have to be careful editing the registry.

Koobface manual removal:
Kill processes:
freddy79 fbtre6.exe mstre6.exe ld08.exe Ld12.exe


Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr ent Version\Run\"systray" = "c:\windows\mstre6.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr ent Version\Run\"systray" = "C:\Windows\fbtre6.exe"
HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\ Navigating


Delete files:
freddy79 fbtre6.exe fmark2.dat ld08.exe Ld12.exe

Thanks Chickenhead, I will try.Chris

no word from Chris. I hope a bad registry delete hasn't caused some major malfunction.

Why not just 'Restore', from disc, if you have one?