Server 2008 R2 CMD ...
 
Bildirimler
Hepsini Temizle

Server 2008 R2 CMD Problemi  

  RSS
Emrah ÖZYURT
(@EmrahOZYURT)
Üye

Merhaba Değerli Çözüm Park kullanıcılar

 

Benim web serverımda cmd 1 aydır aşağıdaki gibi bi türlü çözüm bulamadım yardımlarınızı bekliyorum.  
Image and video hosting by TinyPic

Alıntı
Gönderildi : 07/04/2014 14:44
Rafet S. AYATA
(@rafets-ayata)
Saygın Üye Forum Yöneticisi

Merhaba,


CMD çalıştırdıktan sonra Echo ON yaptıktan sonra komut çalıştırmayı dener misiniz ?


Bir de bu CMD virüs yemiş olabilir. Kısayoldan çalıştırmayın direk dizini bulup buradan CMD bulun ve oradan çalıştırın.

CevapAlıntı
Gönderildi : 07/04/2014 16:26
Emrah ÖZYURT
(@EmrahOZYURT)
Üye

Hocam 2 yöntemide denedim fakat malesef çözüm olmadı zaten her hangi bir komut yazınca echo kapalı yazdıktan yarım saniye sonra kapanıyor cmd 

CevapAlıntı
Gönderildi : 07/04/2014 18:32
Rafet S. AYATA
(@rafets-ayata)
Saygın Üye Forum Yöneticisi

Selamlar,


İyi bir antivirüs programı ile full taramdan geçirip deneyip sonucu paylaşır mısın lütfen.

CevapAlıntı
Gönderildi : 07/04/2014 19:16
Emrah ÖZYURT
(@EmrahOZYURT)
Üye

Hocam F-Secure ile tarattım sonuçlar aşağıdaki gibi;

Scanning
Report

08
April 2014 09:47:00 - 09:47:30

Computer
name: HTTPSERVER
Scanning type: Scan target
Target:
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\SFF7IWPL\server59[1].exe


Result:
1 malware found

Gen:Variant.Graftor.874
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\SFF7IWPL\server59[1].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\4RXKN65S\server[1].exe Action: quarantined

Gen:Variant.Kazy.246978
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\SFF7IWPL\all[1].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\S3OIORL3\all[1].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\SFF7IWPL\all[2].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\4RXKN65S\all[1].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\4RXKN65S\all[2].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1V0VQVQQ\all[1].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1FA4OC0L\all[1].exe Action: quarantined

MemScan:Trojan.Generic.7690736
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\SFF7IWPL\lpk.dll Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\S3OIORL3\lpk.dll Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\4RXKN65S\lpk.dll Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1V0VQVQQ\123456help[1].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1V0VQVQQ\lpk.dll Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1FA4OC0L\lpk.dll Action: quarantined
  • D:\MSOCache\All
    Users\9000041f-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\lpk.dll
    Action: quarantined
  • D:\MSOCache\All
    Users\9000041f-6000-11D3-8CFE-0150048383C9\FILES\SETUP\lpk.dll Action:
    quarantined
  • D:\MSOCache\All
    Users\9000041f-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\lpk.dll
    Action: quarantined

Gen:Variant.Strictor.26189
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\SFF7IWPL\server[1].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1FA4OC0L\1234[1].exe Action: quarantined

Gen:Variant.Graftor.43188
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\SFF7IWPL\jlkra[1].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\4RXKN65S\jlkra[1].exe Action: quarantined

Gen:Variant.Zusy.67641
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\S3OIORL3\dz[1].exe Action: quarantined

Dropped:Generic.Malware.SFdld.2C530BCF
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\S3OIORL3\zcsdfs[1].exe Action: quarantined

Backdoor.Farfli.AS
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\4RXKN65S\5099[1].exe Action: quarantined
  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1FA4OC0L\5099[1].exe Action: quarantined

Gen:Variant.Symmi.27178
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\S3OIORL3\SB360[1].exe Action: quarantined

Gen:Variant.Graftor.38935
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1V0VQVQQ\dz[1].exe Action: quarantined

Gen:Variant.Graftor.107543
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1V0VQVQQ\jinlul[1].exe Action: quarantined

Trojan.Generic.7240379
(virus)

  • C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
    Internet Files\Content.IE5\1FA4OC0L\Install[1].exe Action: quarantined

Statistics

Scanned:

  • Files: 1
  • Not scanned: 0

Result:

  • Viruses: 1
  • Spyware: 0
  • Suspicious
    items: 0
  • Riskware: 0

Actions:

  • Disinfected: 0
  • Renamed: 0
  • Deleted: 0
  • Quarantined:
    30
  • Failed: 0

Boot Sectors:

  • Scanned: 0
  • Infected: 0
  • Suspicious
    items: 0
  • Disinfected: 0

Options

Definitions version:

  • Viruses:
    2014-04-04_07
  • Spyware:
    2014-04-04_07

Scanning Engines:

  • F-Secure
    Aquarius: 11.00.01, 2014-04-04
  • F-Secure
    Hydra: 5.11.87, 2014-04-04
  • F-Secure
    Online: 13.51.02, 0-00-00
  • F-Secure
    Gemini: 3.02.243, 2014-03-12

Scanning options:

  • Scan defined
    files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL?
    RTF CPL WIZ HTA PP? PWZ POT MSO PIF ACM ASP AX CNV CSC DRV INI MDB MPD MPP
    MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG
    ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ANI BAT CMD DOC DOT
    JOB LSP MHT PHP PPT SWF WMA WMV WMF WRI XLS XLT CLASS TMP ZIP JAR ARJ LZH
    TAR TGZ GZ CAB RAR BZ2 HQX
  • Scan inside
    archives

Actions:

  • Viruses:
    Disinfect infected files
  • Spyware: Ask
    after scan

  

CevapAlıntı
Gönderildi : 08/04/2014 13:27
Rafet S. AYATA
(@rafets-ayata)
Saygın Üye Forum Yöneticisi

Selamlar,


 Sunucunuz virüs yemiş görüldüğü gibi. Farklı bir yerden CMD dosyası alıp bu sunucudaki ile  değiştirin. Ayrıca farklı antivirüs programları ile taratıp temizletin.

CevapAlıntı
Gönderildi : 08/04/2014 14:52
Paylaş: