Exterminate It! Antimalware

malpedia

Known threats:700,085 Last Update:March 01, 12:55

Testimonials

Just a quick word to say thanks. After trying unsuccessfully to remove some stubborn trojans with various other tools, Exterminate It has done the trick!

Nice work!

Nicola

KoobFace- Registry Keys List

This is a complete list of KoobFace registry keys collected by Exterminate It!. If you find any of these registry keys on your PC, your computer is very likely to be infected with the KoobFace - trojan.

IMPORTANT: Because the registry is a core component of your Windows system, it is strongly recommended that you back up the registry before you begin deleting keys and values. For information about backing up the Windows registry, refer to the Registry Editor online help.
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SED
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hrm
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\fio32
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\fioo32
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_FIO32
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HRM
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PPDRV
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\afwoko
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dpti3o
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ppdrv
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\o6ko
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ipokoraid
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hhrm
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HHRM
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mmas
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MMAS
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_FIOO32
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvoko6
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\elantos
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aladdins
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\haspntt
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ALADDINS
  • HKEY_LOCAL_MACHINE\software\classes\y537.y537mgr
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cpqoko6
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{e7f15ac4-e0a9-43f0-921b-70dfea621220}
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZUP
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\apto6ko
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\captcha
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swoko
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PDRV
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PDRV
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zup
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zzup
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZZUP
  • HKEY_LOCAL_MACHINE\system\currentcontrolset\services\websrvx
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\afcunt
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AFWOKO
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DPTI3O
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdr
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vvdr
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VDR
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FLTOKOMGR
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npi
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npii
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NPI
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NPII
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wad
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fioo64
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i600oko
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cow
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mmen
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_COW
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CCOW
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sproeval
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IPOKORAID
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmoko
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ppoi
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\poi
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POI
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tgi
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TGI
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ttgi
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tar
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NDRV
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_I600OKO
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DAC6OKO
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hhny
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hny
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OKO6
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\okosrv
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\oko6
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\oko6
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FIOO64
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPROEVAL
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rianbow
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SWOKO
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\men
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClausDisk
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClopSrv
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ftdisoko
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FTDISOKO
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_QL600OKO
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DMOKO
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HASPNTT
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PPOI
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OBI
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DOBI
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sswe
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SWE
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ql600oko
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TTGI
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSH
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshi
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ssed
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ttar
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\flexsrv
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hasplic
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OKOSRV
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zdll
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZDL
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HASPLIC
  • HKEY_LOCAL_MACHINE\software\classes\clsid\{e7f15ac4-e0a9-43f0-921b-70dfea621220}
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccow
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RIANBOW
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dobi
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\w83c600
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmx64o
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VMX64O
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_UDH
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_UUDH
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wwad
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OBI
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nndrv
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_W83C600
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FLEXSRV
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SUF
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ssuf
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSUF
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AFCUNT
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\httpo
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HTTPO
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ELANTOS
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dac6oko
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\birokod