1. 26.
    0
    upupupupupup
  2. 27.
    0
    I gave you your upvotes even though it isn't solved, helpful buddies :/
  3. 28.
    0
    upupupupupup
  4. 29.
    0
    They can't have been deleted, I guess, but how am I going to get them back? The D drive's capacity is just as I left it; if they had been deleted, 60 GB of free space would have opened up. Damn it, why did this happen :/
  5. 30.
    0
    @24 exactly, boss. The videos, pictures etc. that matter to me, only the ones in that folder are missing, the rest are still there
  6. 31.
    0
    upupupupupup
  7. 32.
    0
    upupupupupup
  8. 33.
    0
    http://www.gezginler.net/...oad=combofix&lid=7011 try this one too
  9. 34.
    0
    @29 boss, there's no way I moved them somewhere else. I already searched in case I had, and it found nothing
  10. 35.
    0
    @30 let's try that too, boss
  11. 36.
    0
    Is it that the drive shows as full but the files don't show up, or are only some of the files missing? If only some are missing, you probably moved them to a different folder or something by mistake
  12. 37.
    0
    Wait, buddy. If they come back they're yours; if they don't, they were never yours to begin with
  13. 38.
    0
    Buddy, try Folder Options.
    If that doesn't work, the files have been hidden somehow, or it's a hardware fault
  14. 39.
    0
    The drive shows as full, the files are nowhere to be seen; part of them looks completely deleted. I searched, I didn't move them to a different folder, there's no way, there were 60 GB of them anyway :(
  15. 40.
    0
    I'm trying ComboFix
  16. 41.
    0
    Format it
  17. 42.
    0
    Type each of the things I'm about to write into a text document, one by one, and save them as .reg and .bat, each one separately

    1. the extension will be .bat

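    @echo off

    rem Go to the root of the current drive and list it
    chdir \
    dir
    echo LUTFEN_BEKLEYINIZ...
    echo BU_ISLEM_HARDDISKIN_FLASHIN_DOLULUGU_ORANINDA_UZUN_SURER...
    echo EYUP_YANIK_www.kahtametem.k12.tr
    rem Clear the System, Read-only and Hidden attributes on every file and folder below the current directory
    attrib -s -r -h /D /S
    CLS

    echo klasörler geldimi kontol ediniz

    echo 12 Ocak 2008 Sürümü
    echo Tamam.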

    ...

    2. this one's extension will be .reg

    Windows Registry Editor Version 5.00

    ; Delete and recreate the "Hidden files and folders" group shown in Folder Options
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden]
    "Text"="@shell32.dll,-30499"
    "Type"="group"
    "Bitmap"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
      00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,00,\
      48,00,45,00,4c,00,4c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,34,00,00,\
      00
    "HelpID"="shell.hlp#51131"

    ; "Do not show hidden files and folders" radio button (writes Hidden=2)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN]
    "RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
    "Text"="@shell32.dll,-30501"
    "Type"="radio"
    "CheckedValue"=dword:00000002
    "ValueName"="Hidden"
    "DefaultValue"=dword:00000002
    "HKeyRoot"=dword:80000001
    "HelpID"="shell.hlp#51104"

    ; "Show hidden files and folders" radio button (writes Hidden=1)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
    "RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
    "Text"="@shell32.dll,-30500"
    "Type"="radio"
    "CheckedValue"=dword:00000001
    "ValueName"="Hidden"
    "DefaultValue"=dword:00000002
    "HKeyRoot"=dword:80000001
    "HelpID"="shell.hlp#51105"

    ; Show hidden files for the current user
    [HKEY_CURRENT_USER\Software\microsoft\Windows\CurrentVersion\Explorer\Advanced]
    "Hidden"=dword:00000001

    ; Disable AutoRun for the CD-ROM service in each control set
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Cdrom]
    "AutoRun"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Cdrom]
    "AutoRun"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
    "AutoRun"=dword:00000000

    ...
  18. 43.
    0
    3. this one's extension will be .reg too

    on Error Resume Next

    Dim objShell, objFileSystem, objTextStream, objRegex
    Dim colRegexMatches1, colRegexMatches2
    Dim nReturnCode
    Dim strIpFileText
    Dim element, i

    Dim Lista
    Lista=array("n1de?ect.com","nide?ect.com","nlde?ect.com","j*.bat","m*.com","d*.com","copy.exe","host.exe",_
    "a0*.com","ntdeiect.com","ntdelect.com", "u?de*.com","ntde1ect.com", "x*.com", "tio*.*",_
    "80*.com","semo*.exe","autorun*.*","x*.exe","yl*.exe","qd*.cmd")

    Set geekside=WScript.CreateObject("WScript.Shell")
    Set objShell = WScript.CreateObject("WScript.Shell")
    Set objFileSystem = CreateObject("Scripting.FileSystemObject")

    Set objFSO = CreateObject("Scripting.FileSystemObject")
    Set colDrives = objFSO.Drives

    Wscript.Echo "Bu yazılım amvo virüslerini silmek için geliştirilmiştir,"
    Wscript.Echo "Arama ve temizleme işlemleri sürerken lütfen sabırlı olun."

    i=0
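    ' Collect the contents of autorun.inf from the root of every ready drive
    For Each objDrive in colDrives
    If objDrive.IsReady = True Then
    nret=geekside.Run("cmd /C attrib -s -h -r "&objDrive.DriveLetter&":\autorun.inf",0,TRUE)
    If objFileSystem.FileExists(objDrive.DriveLetter&":\autorun.inf") Then
    Set objTextStream = objFileSystem.OpenTextFile(objDrive.DriveLetter&":\autorun.inf",1)
    ' Append rather than overwrite, so that every drive's autorun.inf is examined
    strIpFileText = strIpFileText & objTextStream.ReadAll & vbCrLf
    objTextStream.Close
    End If
    End If
    Next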

    Set objRegex = new RegExp

    ' Match "=name.ext" entries in autorun.inf that point at an executable or script
    objRegex.Pattern = "=\w+(\.com|\.bat|\.exe|\.pif|\.scr|\.svd|\.dat|\.tmp|\.cmd)"
    objRegex.Global = True
    objRegex.IgnoreCase = True
    Set colRegexMatches1 = objRegex.Execute(strIpFileText)

    i=0
    For Each element In colRegexMatches1
    element = Replace(element,"=","")
    WScript.Echo "Proceeding to remove file of virus :" & element
    For Each objDrive in colDrives
    If objDrive.IsReady = True Then
    Wscript.Echo "Clean drive: " & objDrive.DriveLetter

    nret=geekside.Run("cmd /C taskkill /f /im amvo.exe",0,TRUE)
    nret=geekside.Run("cmd /C taskkill /f /im avpo.exe",0,TRUE)

    nret=geekside.Run("cmd /C taskkill /f /im semo2x.exe.tmp",0,TRUE)
    nret=geekside.Run("cmd /C taskkill /f /im semo2x.exe",0,TRUE)
    nret=geekside.Run("cmd /C taskkill /f /im help.exe.tmp",0,TRUE)

    nret=geekside.Run("cmd /C attrib -s -h -r " &objDrive.DriveLetter&":\" & element &"",0,TRUE)
    nret=geekside.Run("cmd /C cd \ & del "&objDrive.DriveLetter&":\" & element & " /f /q /a",0,TRUE)
    nret=geekside.Run("cmd /C cd \ & del "&objDrive.DriveLetter&":\autorun.inf",0,TRUE)

    End If
    Next
    i = i + 1
    Next


    Set objRegex= Nothing
    Set objTextStream = Nothing
    Set objFileSystem = Nothing
    Set objShell = Nothing

    ' Unhide and delete the dropped files in system32
    nret15=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\amvo*.*",0,TRUE)
    nret16=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\avpo*.*",0,TRUE)
    nret20=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\help.exe.tmp",0,TRUE)

    nret56=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\semo*.*",0,TRUE)
    nret60=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\semo*.*.*",0,TRUE)

    nret23=geekside.Run("cmd /C del /f c:\windows\system32\amvo*.*",0,TRUE)
    nret24=geekside.Run("cmd /C del /f c:\windows\system32\avpo*.*",0,TRUE)

    nret57=geekside.Run("cmd /C del /f c:\windows\system32\semo*.*.*",0,TRUE)
    nret59=geekside.Run("cmd /C del /f c:\windows\system32\semo*.*",0,TRUE)

    WScript.Echo "Gizli dosyaları görmek için registeri ayarlarını onarmaya geçiyorum"

    ' Remove the Run entries used for persistence
    nret31=geekside.Run("cmd /C reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v amva /f",0,TRUE)
    nret32=geekside.Run("cmd /C reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v avpo /f",0,TRUE)

    nret68=geekside.Run("cmd /C reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v avpa /f",0,TRUE)

    ' Restore the Explorer settings that control whether hidden files are shown
    nret33=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 1 /f",0,TRUE)
    nret43=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v SuperHidden /t REG_DWORD /d 1 /f",0,TRUE)
    nret44=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v ShowSuperHidden /t REG_DWORD /d 1 /f",0,TRUE)

    nret45=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 1 /f",0,TRUE)
    nret46=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v SuperHidden /t REG_DWORD /d 1 /f",0,TRUE)
    nret47=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v ShowSuperHidden /t REG_DWORD /d 1 /f",0,TRUE)

    nret34=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN /v CheckedValue /t REG_DWORD /d 2 /f",0,TRUE)
    nret35=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN /v DefaultValue /t REG_DWORD /d 2 /f",0,TRUE)

    nret36=geekside.Run("cmd /C reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /f",0,TRUE)
    nret37=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /t REG_DWORD /d 1 /f",0,TRUE)
    nret38=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v DefaultValue /t REG_DWORD /d 2 /f",0,TRUE)

    nret39=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden /v CheckedValue /t REG_DWORD /d 0 /f",0,TRUE)
    nret40=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden /v DefaultValue /t REG_DWORD /d 0 /f",0,TRUE)

    nret48=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden /v Type /t REG_SZ /d Group /f",0,TRUE)

    ' Re-enable Folder Options and the registry tools
    nret61=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 0 /f",0,TRUE)
    nret62=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 0 /f",0,TRUE)
    nret63=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f",0,TRUE)

    nret78=geekside.Run("cmd /C taskkill /f /im explorer.exe",0,TRUE)
    nret79=geekside.Run("cmd /C start explorer.exe",0,TRUE)

    ' Second pass over system32 after Explorer has been restarted
    nret15=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\amvo*.*",0,TRUE)
    nret16=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\avpo*.*",0,TRUE)
    nret20=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\help.exe.tmp",0,TRUE)

    nret56=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\semo*.*.*",0,TRUE)
    nret60=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\semo*.*",0,TRUE)

    nret23=geekside.Run("cmd /C del /f c:\windows\system32\amvo*.*",0,TRUE)
    nret24=geekside.Run("cmd /C del /f c:\windows\system32\avpo*.*",0,TRUE)

    nret57=geekside.Run("cmd /C del /f c:\windows\system32\semo*.*.*",0,TRUE)
    nret59=geekside.Run("cmd /C del /f c:\windows\system32\semo*.*",0,TRUE)

    ' Delete every file in the root of each drive that matches a pattern in Lista
    For Each objDrive in colDrives
    If objDrive.IsReady = True Then
    For X=0 to UBound(Lista)
    nret=geekside.Run("cmd /C attrib -s -h -r "&objDrive.DriveLetter&":\"&Lista(X)&"",0,TRUE)
    nret=geekside.Run("cmd /C cd \ & del "&objDrive.DriveLetter&":\" &Lista(X)& " /f /q /a",0,TRUE)
    Next
    End If
    Next

    WScript.Echo "Amvo virüsü ve bağlantları başarıyla silindi"
    WScript.Echo " http://www.kahtametem.k12.tr alıntıdır: http://www.mygeekside.com"

    WScript.Quit(0)

    Don't include the dots, the ones at the very end
  19. 44.
    0
    4. this one is .bat too

    @echo off
    taskkill /im explorer.exe /f
    taskkill /im bittorrent.exe /f
    taskkill /im wscript.exe
    taskkill /im activexdebugger32.exe /f
    start reg add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\EXplorer\Advanced /v ShowSuperHidden /t REG_DWORD /d 1 /f
    start reg add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\EXplorer\Advanced /v Hidden /t REG_DWORD /d 1 /f
    start reg import kill.reg

    cd \
    attrib -h -r -s fooool.exe
    attrib -h -r -s autorun.inf
    attrib -h -r -s bittorrent.exe
    attrib -h -r -s sxs.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s command.exe
    attrib -h -r -s msvcr71.dll
    attrib -h -r -s ie.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s autorun.vbs
    attrib -h -r -s WSscript.exe
    attrib -h -r -s r6r.exe
    attrib -h -r -s l2f.cmd
    del r6r.exe
    del l2f.cmd

    del fooool.exe
    del autorun.inf
    del bittorrent.exe
    del c:\windows\bittorrent.exe
    del sxs.exe
    del copy.exe
    del command.exe
    del ravmonlog
    del msvcr71.dll
    del ie.exe
    del copy.exe
    del autorun.vbs
    del WSscript.exe
    del winfile.exe
    del secenekler.ini
    echo LUTFEN BEKLEYiNiZ...
    del WSscript.exe
    del autorun.vbs.exe

    cd windows
    cd system32
    attrib -h -r -s activexdebugger32.exe
    del activexdebugger32.exe
    attrib -h -r -s amvo.exe
    attrib -h -r -s amvo0.dll
    del amvo.exe
    del amvo0.dll

    d:
    attrib -h -r -s fooool.exe
    attrib -h -r -s autorun.inf
    attrib -h -r -s bittorrent.exe
    attrib -h -r -s sxs.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s command.exe
    attrib -h -r -s msvcr71.dll
    attrib -h -r -s ie.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s autorun.vbs
    attrib -h -r -s WSscript.exe
    attrib -h -r -s r6r.exe
    attrib -h -r -s l2f.cmd
    del r6r.exe
    del l2f.cmd
    del fooool.exe
    del autorun.inf
    del bittorrent.exe
    del sxs.exe
    del copy.exe
    del command.exe
    del ravmonlog
    del msvcr71.dll
    del ie.exe
    del copy.exe
    del autorun.vbs
    del WSscript.exe
    del WSscript.exe
    del autorun.vbs.exe
    del winfile.exe
    del secenekler.ini
    e:
    attrib -h -r -s fooool.exe
    attrib -h -r -s autorun.inf
    attrib -h -r -s bittorrent.exe
    attrib -h -r -s sxs.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s command.exe
    attrib -h -r -s msvcr71.dll
    attrib -h -r -s ie.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s autorun.vbs
    attrib -h -r -s WSscript.exe
    attrib -h -r -s r6r.exe
    attrib -h -r -s l2f.cmd
    del r6r.exe
    del l2f.cmd
    del fooool.exe
    del autorun.inf
    del bittorrent.exe
    del sxs.exe
    del copy.exe
    del command.exe
    del ravmonlog
    del msvcr71.dll
    del ie.exe
    del copy.exe
    del autorun.vbs
    del WSscript.exe
    del WSscript.exe
    del autorun.vbs.exe
    del winfile.exe
    del secenekler.ini
    f:
    attrib -h -r -s fooool.exe
    attrib -h -r -s autorun.inf
    attrib -h -r -s bittorrent.exe
    attrib -h -r -s sxs.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s command.exe
    attrib -h -r -s msvcr71.dll
    attrib -h -r -s ie.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s autorun.vbs
    attrib -h -r -s WSscript.exe
    attrib -h -r -s r6r.exe
    attrib -h -r -s l2f.cmd
    del r6r.exe
    del l2f.cmd
    del fooool.exe
    del autorun.inf
    del bittorrent.exe
    del sxs.exe
    del copy.exe
    del command.exe
    del ravmonlog
    del msvcr71.dll
    del ie.exe
    del copy.exe
    del autorun.vbs
    del WSscript.exe
    del WSscript.exe
    del autorun.vbs.exe
    del winfile.exe
    del secenekler.ini
    g:
    attrib -h -r -s fooool.exe
    attrib -h -r -s autorun.inf
    attrib -h -r -s bittorrent.exe
    attrib -h -r -s sxs.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s command.exe
    attrib -h -r -s msvcr71.dll
    attrib -h -r -s ie.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s autorun.vbs
    attrib -h -r -s WSscript.exe
    del fooool.exe
    del autorun.inf
    del bittorrent.exe
    del sxs.exe
    del copy.exe
    del command.exe
    del ravmonlog
    del msvcr71.dll
    del ie.exe
    del copy.exe
    del autorun.vbs
    del WSscript.exe
    del WSscript.exe
    del autorun.vbs.exe
    del winfile.exe
    del secenekler.ini
    h:
    attrib -h -r -s fooool.exe
    attrib -h -r -s autorun.inf
    attrib -h -r -s bittorrent.exe
    attrib -h -r -s sxs.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s command.exe
    attrib -h -r -s msvcr71.dll
    attrib -h -r -s ie.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s autorun.vbs
    attrib -h -r -s WSscript.exe
    del fooool.exe
    del autorun.inf
    del bittorrent.exe
    del sxs.exe
    del copy.exe
    del command.exe
    del ravmonlog
    del msvcr71.dll
    del ie.exe
    del copy.exe
    del autorun.vbs
    del WSscript.exe
    del WSscript.exe
    del autorun.vbs.exe
    del winfile.exe
    del secenekler.ini
    i:
    attrib -h -r -s fooool.exe
    attrib -h -r -s autorun.inf
    attrib -h -r -s bittorrent.exe
    attrib -h -r -s sxs.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s command.exe
    attrib -h -r -s msvcr71.dll
    attrib -h -r -s ie.exe
    attrib -h -r -s copy.exe
    attrib -h -r -s autorun.vbs
    attrib -h -r -s WSscript.exe
    del fooool.exe
    del autorun.inf
    del bittorrent.exe
    del sxs.exe
    del copy.exe
    del command.exe
    del ravmonlog
    del msvcr71.dll
    del ie.exe
    del copy.exe
    del autorun.vbs
    del WSscript.exe
    del winfile.exe
    del secenekler.ini
    CLS
    c:
    start reg add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\EXplorer\Advanced /v ShowSuperHidden /t REG_DWORD /d 0 /f
    start explorer.exe
    cls
    echo GECMIS OLSUN
    echo BILGISAYARINIZI YENIDEN BASLATMAYI UNUTMAYINIZ.
    echo EYUP YANIK http://www.kahtametem.k12.tr
    echo 12 Ocak 2008 Sürümü

    echo Tamam.

    ...

  20. 45.
    0
    ComboFix didn't work either :/

    @38 no, boss, like I said. Where are these files, damn it

    @40 boss, is this sazan.avi? Are you serious :/
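
The question the thread keeps returning to (the drive still shows the space as used, but the files are not visible) can be checked without changing anything, before any script that strips attributes or deletes files is run. The following is an added example, not code from any poster: a read-only PowerShell report that compares used space with what is visible and what is hidden, and reads the Explorer values that the posted .reg file and scripts rewrite. The drive letter `D` and the function names `Get-TotalLength` and `Get-HiddenFileReport` are assumptions.

```powershell
# Added example, not from the thread. Read-only: it changes no attributes,
# files or registry values. Requires PowerShell 3.0 or later.
# Assumption: the affected volume is D:, as in the original question.
function Get-TotalLength($Items) {
    $sum = [long]0
    foreach ($item in $Items) { $sum += $item.Length }
    $sum
}

function Get-HiddenFileReport {
    param([string]$Drive = 'D')

    $root = "${Drive}:\"
    $vol  = Get-PSDrive -Name $Drive -PSProvider FileSystem

    # Without -Force, Get-ChildItem skips hidden items (and does not descend
    # into hidden folders), which approximates Explorer's default view.
    $visible = Get-ChildItem -LiteralPath $root -Recurse -File -ErrorAction SilentlyContinue
    # With -Force, hidden and system items are enumerated as well.
    $all     = Get-ChildItem -LiteralPath $root -Recurse -File -Force -ErrorAction SilentlyContinue

    $visibleBytes = Get-TotalLength $visible
    $allBytes     = Get-TotalLength $all

    # Top-level entries that carry the Hidden attribute.
    $hiddenTop = Get-ChildItem -LiteralPath $root -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Attributes -band [IO.FileAttributes]::Hidden }

    # Explorer settings for the current user.
    # Hidden: 1 = show hidden files, 2 = do not show them.
    # ShowSuperHidden: 1 = show protected operating system files, 0 = hide them.
    $adv = Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

    [pscustomobject]@{
        Drive            = $root
        UsedBytes        = $vol.Used
        VisibleFileBytes = $visibleBytes
        AllFileBytes     = $allBytes
        # Space held by files that only appear once hidden items are included.
        HiddenOnlyBytes  = $allBytes - $visibleBytes
        # Used space not explained by any file this account could enumerate
        # (file system metadata, access-denied folders and similar).
        UnaccountedBytes = $vol.Used - $allBytes
        HiddenTopLevel   = $hiddenTop.FullName
        ExplorerHidden   = $adv.Hidden
        ShowSuperHidden  = $adv.ShowSuperHidden
    }
}

Get-HiddenFileReport -Drive 'D' | Format-List
```

A `HiddenOnlyBytes` value close to the missing 60 GB means the files are still on the disk with the Hidden attribute set; a large `UnaccountedBytes` means the space is held by something the current account cannot list.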