Removing the Havij Virus: Registry


Havij Virus

The Havij virus, which originates from Iran, installs itself into the Program Files and Common Programs folders. Follow the steps below to remove it.

 

%ProgramFiles%\Havij\
%CommonPrograms%\Havij\

Delete the contents of the folders above, then the folders themselves.

Delete the following files from the Windows System folder.

%System%\MSCOMCTL.OCX
%System%\RICHTX32.OCX

In the registry, delete the entries created by the Havij virus:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B617B991-A767-4F05-99BA-AC6FCABB102E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B617B991-A767-4F05-99BA-AC6FCABB102E}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Havij_is1
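
Before deleting anything, it helps to confirm which of the artifacts listed above actually exist on the machine. The following PowerShell script is an added example, not part of the original page: it is read-only and only reports on the folders, files and registry keys named above. The `Program Files (x86)` and `WOW6432Node` locations are assumptions added for 64-bit Windows and do not appear on the page.

```powershell
# Added example: read-only audit of the artifacts this page lists; nothing is deleted.
# %System% and %CommonPrograms% are placeholders on the page, not real environment
# variables, so they are resolved through .NET special folders (assumption).
$system   = [Environment]::GetFolderPath('System')
$programs = [Environment]::GetFolderPath('CommonPrograms')

$paths = @(
    (Join-Path $env:ProgramFiles 'Havij'),
    (Join-Path $programs 'Havij'),
    (Join-Path $system 'MSCOMCTL.OCX'),
    (Join-Path $system 'RICHTX32.OCX')
)
# Assumption: a 32-bit install on 64-bit Windows lands under "Program Files (x86)".
if (${env:ProgramFiles(x86)}) { $paths += Join-Path ${env:ProgramFiles(x86)} 'Havij' }

$clsid = '{B617B991-A767-4F05-99BA-AC6FCABB102E}'
$keys = @(
    "HKLM:\SOFTWARE\Classes\CLSID\$clsid",
    "HKLM:\SOFTWARE\Classes\CLSID\$clsid\InprocServer32",
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Havij_is1',
    # Assumption: the same keys as seen through the 32-bit registry view.
    "HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID\$clsid",
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Havij_is1'
)

$report = @(foreach ($p in $paths) {
    $item = Get-Item -LiteralPath $p -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Type    = 'File/Folder'
        Target  = $p
        Present = [bool]$item
        # For files, show the signature status so a vendor-signed shared control
        # can be told apart from an unsigned or replaced copy before removal.
        Detail  = if ($item -and -not $item.PSIsContainer) {
                      (Get-AuthenticodeSignature -LiteralPath $p).Status
                  } else { '' }
    }
})
$report += foreach ($k in $keys) {
    $present = Test-Path -LiteralPath $k
    $props   = if ($present) { Get-ItemProperty -LiteralPath $k } else { $null }
    [pscustomobject]@{
        Type    = 'RegistryKey'
        Target  = $k
        Present = $present
        # The uninstall key carries DisplayName/Publisher; other keys leave this empty.
        Detail  = if ($props) { "$($props.DisplayName) $($props.Publisher)".Trim() } else { '' }
    }
}
$report | Format-Table -AutoSize -Wrap
```

The two `.OCX` files are control libraries that other installed programs may also have registered, so review the `Detail` column for them before acting on the deletion step.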

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B617B991-A767-4F05-99BA-AC6FCABB102E}\InprocServer32]
(Default) = "%System%\RICHTX32.ocx"
ThreadingModel = "Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B617B991-A767-4F05-99BA-AC6FCABB102E}]
(Default) = "Microsoft Rich Textbox Control 6.0 (SP4)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Havij_is1]
Inno Setup: Setup Version = "5.3.9 (a)"
Inno Setup: App Path = "%ProgramFiles%\Havij"
InstallLocation = "%ProgramFiles%\Havij\"
Inno Setup: Icon Group = "Havij"
Inno Setup: User = "%UserName%"
Inno Setup: Selected Tasks = ""
Inno Setup: Deselected Tasks = "desktopicon"
Inno Setup: Language = "english"
DisplayName = "Havij 1.10"
UninstallString = ""%ProgramFiles%\Havij\unins000.exe""
QuietUninstallString = ""%ProgramFiles%\Havij\unins000.exe" /SILENT"
Publisher = "ITSecTeam"
URLInfoAbout = "http://ITSecTeam.com"
HelpLink = "http://ITSecTeam.com"
URLUpdateInfo = "http://ITSecTeam.com"
NoModify = 0x00000001
NoRepair = 0x00000001
InstallDate = "20150917"

Registry Entries to Delete (Regedit)


Registry Entries to Delete

