cenkut.com » koobface virüsü http://www.cenkut.com virus - worm - trojan - spyware - mallware - antivirus LAB Thu, 20 May 2010 17:01:56 +0000 http://wordpress.org/?v=2.9.2 en hourly 1 KoobFace Virüsü Temizlemek http://www.cenkut.com/koobface-virusu-temizlemek/ http://www.cenkut.com/koobface-virusu-temizlemek/#comments Sat, 15 Aug 2009 20:09:05 +0000 admin http://www.cenkut.com/?p=370

Koobface virüsü adından anlaşılabileceği gibi Facebook benzer ismiyle sahtekarlığa yol açan bir virüstür.Sadece facebook amaçlı olmayıp bilgisayarınıza yüklediğinde trojan özelliğiyle kontrol sahibine vermektedir.Bu virüs shareware veya freeware yazılımlar veya P2P yazılımlarıyla veya sahte sayfalardan bulaşmaktadır.

Aşağıda Koobface virüsünün oluşturduğu dosyaları silin :

[%WINDOWS%]\t55ft3105f44.dat
[%WINDOWS%]\t55ft3165f44.dat
[%WINDOWS%]\freddy43.exe
[%WINDOWS%]\t55ft3192f44.dat
[%WINDOWS%]\mstre19.exe
[%WINDOWS%]\t55ft3601f44.dat
[%WINDOWS%]\010112010146118114.dat
[%WINDOWS%]\0101120101465452.dat
[%WINDOWS%]\0101120101465749.dat
[%WINDOWS%]\0101120101464849.dat
[%WINDOWS%]\0101120101465552.dat
[%WINDOWS%]\ld08.exe
[%WINDOWS%]\pp06.exe
[%WINDOWS%]\pp07.exe
[%WINDOWS%]\0101120101464849.fx
[%PROFILE_TEMP%]\vcru_1247795886.exe
[%PROFILE_TEMP%]\srazo_1250168927.exe
[%PROFILE_TEMP%]\srazo_1250187393.exe
[%WINDOWS%]\0101120101464949.fx
[%PROFILE_TEMP%]\srazo_1250198444.exe
[%PROFILE_TEMP%]\srazo_1250190616.exe
[%PROFILE_TEMP%]\srazo_1250197084.exe
[%PROFILE_TEMP%]\srazo_1250090197.exe
[%PROFILE_TEMP%]\srazo_1250102323.exe
[%WINDOWS%]\st_1242070417.exe
[%WINDOWS%]\st_1242076717.exe
[%WINDOWS%]\st_1242088847.exe
[%WINDOWS%]\nl.exe
[%WINDOWS%]\dk39fi4fe.dat
[%WINDOWS%]\zaponce52597.dat
[%WINDOWS%]\zaponce52689.dat
[%WINDOWS%]\ld09.exe
[%WINDOWS%]\0101120101465752.dat
[%WINDOWS%]\0101120101464850.fx
[%WINDOWS%]\0101120101465553.fx
[%PROFILE_TEMP%]\srazo_1250135222.exe
[%WINDOWS%]\freddy56.exe
[%WINDOWS%]\freddy55.exe
[%WINDOWS%]\0101120101465353.dat
[%WINDOWS%]\freddy53.exe
[%WINDOWS%]\0101120101465453.dat
[%WINDOWS%]\0101120101465153.dat
[%WINDOWS%]\t55ft2772f44.dat
[%WINDOWS%]\t55ft2829f44.dat
[%WINDOWS%]\t55ft2692f44.dat
[%WINDOWS%]\t55ft3223f44.dat
[%WINDOWS%]\t55ft2784f44.dat
[%WINDOWS%]\t55ft2792f44.dat
[%WINDOWS%]\t55ft2803f44.dat
[%WINDOWS%]\t55ft3242f44.dat
[%WINDOWS%]\t55ft3546f44.dat
[%WINDOWS%]\freddy39.exe
[%WINDOWS%]\freddy40.exe
[%WINDOWS%]\t55ft3189f44.dat
[%WINDOWS%]\freddy46.exe
[%WINDOWS%]\zaponce53198.dat
[%WINDOWS%]\zaponce53290.dat
[%WINDOWS%]\zaponce53222.dat
[%WINDOWS%]\sonce123198.dat
[%WINDOWS%]\ro122366.dat
[%WINDOWS%]\ro122390.dat
[%SYSTEM%]\mon32.dll
[%WINDOWS%]\ro122715.dat
[%WINDOWS%]\ro122739.dat
[%WINDOWS%]\sonce123173.dat
[%WINDOWS%]\freddy48.exe
[%WINDOWS%]\freddy49.exe
[%WINDOWS%]\ld02.exe
[%WINDOWS%]\pp04.exe
[%WINDOWS%]\freddy50.exe
[%WINDOWS%]\010112010146120114.dat
[%WINDOWS%]\freddy57.exe
[%WINDOWS%]\ld06.exe
[%WINDOWS%]\pp05.exe
[%WINDOWS%]\st_1241664655.exe
[%WINDOWS%]\st_1242148703.exe
[%WINDOWS%]\t55ft2667f44.dat
[%WINDOWS%]\t55ft3097f44.dat
[%WINDOWS%]\Pp.exe
[%WINDOWS%]\zaponce53173.dat
[%WINDOWS%]\sonce122714.dat
[%WINDOWS%]\sonce122739.dat
[%WINDOWS%]\010112010146118114.lso
[%WINDOWS%]\0101120101465452.lso
[%WINDOWS%]\sonce122715.dat

Koobface virüsünün kayıt defterinde oluşturduğu kayıtları silmek :

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy58.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pp=[%WINDOWS%]\pp11.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysmstray=[%WINDOWS%]\mstre21.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pp=[%WINDOWS%]\pp10.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy57.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysmstray=[%WINDOWS%]\mstre19.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysmstray=[%WINDOWS%]\mstre20.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pp=[%WINDOWS%]\pp06.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy55.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysberay2=[%WINDOWS%]\romeo15.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy54.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy53.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy42.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysmstray=[%WINDOWS%]\mstre18.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy50.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy46.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy49.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysmstray=[%WINDOWS%]\mstre15.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy48.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, systgray2=[%WINDOWS%]\tag07.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysberay2=[%WINDOWS%]\romeo14.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy47.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy45.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysberay2=[%WINDOWS%]\romeo12.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, systgray2=C:\windows\tag12.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pp=[%WINDOWS%]\pp04.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, systgray2=[%WINDOWS%]\tag12.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sysfbtray=[%WINDOWS%]\freddy44.exe

]]> http://www.cenkut.com/koobface-virusu-temizlemek/feed/ 0 {\rtf1}