Merhaba,

CMD çalıştırdıktan sonra Echo ON yaptıktan sonra komut çalıştırmayı dener misiniz ?

Bir de bu CMD virüs yemiş olabilir. Kısayoldan çalıştırmayın direk dizini bulup buradan CMD bulun ve oradan çalıştırın.

Hocam 2 yöntemide denedim fakat malesef çözüm olmadı zaten her hangi bir komut yazınca echo kapalı yazdıktan yarım saniye sonra kapanıyor cmd 

Selamlar,

İyi bir antivirüs programı ile full taramdan geçirip deneyip sonucu paylaşır mısın lütfen.

Hocam F-Secure ile tarattım sonuçlar aşağıdaki gibi;

Scanning
Report

08
April 2014 09:47:00 - 09:47:30

Computer
name: HTTPSERVER
Scanning type: Scan target
Target:
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\SFF7IWPL\server59[1].exe

Result:
1 malware found

Gen:Variant.Graftor.874
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\SFF7IWPL\server59[1].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\4RXKN65S\server[1].exe Action: quarantined

Gen:Variant.Kazy.246978
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\SFF7IWPL\all[1].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\S3OIORL3\all[1].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\SFF7IWPL\all[2].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\4RXKN65S\all[1].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\4RXKN65S\all[2].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1V0VQVQQ\all[1].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1FA4OC0L\all[1].exe Action: quarantined

MemScan:Trojan.Generic.7690736
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\SFF7IWPL\lpk.dll Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\S3OIORL3\lpk.dll Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\4RXKN65S\lpk.dll Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1V0VQVQQ\123456help[1].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1V0VQVQQ\lpk.dll Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1FA4OC0L\lpk.dll Action: quarantined
• D:\MSOCache\All
  Users\9000041f-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\lpk.dll
  Action: quarantined
• D:\MSOCache\All
  Users\9000041f-6000-11D3-8CFE-0150048383C9\FILES\SETUP\lpk.dll Action:
  quarantined
• D:\MSOCache\All
  Users\9000041f-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\lpk.dll
  Action: quarantined

Gen:Variant.Strictor.26189
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\SFF7IWPL\server[1].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1FA4OC0L\1234[1].exe Action: quarantined

Gen:Variant.Graftor.43188
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\SFF7IWPL\jlkra[1].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\4RXKN65S\jlkra[1].exe Action: quarantined

Gen:Variant.Zusy.67641
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\S3OIORL3\dz[1].exe Action: quarantined

Dropped:Generic.Malware.SFdld.2C530BCF
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\S3OIORL3\zcsdfs[1].exe Action: quarantined

Backdoor.Farfli.AS
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\4RXKN65S\5099[1].exe Action: quarantined
• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1FA4OC0L\5099[1].exe Action: quarantined

Gen:Variant.Symmi.27178
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\S3OIORL3\SB360[1].exe Action: quarantined

Gen:Variant.Graftor.38935
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1V0VQVQQ\dz[1].exe Action: quarantined

Gen:Variant.Graftor.107543
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1V0VQVQQ\jinlul[1].exe Action: quarantined

Trojan.Generic.7240379
(virus)

• C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary
  Internet Files\Content.IE5\1FA4OC0L\Install[1].exe Action: quarantined

Statistics

Scanned:

• Files: 1
• Not scanned: 0
  

Result:

• Viruses: 1
• Spyware: 0
• Suspicious
  items: 0
• Riskware: 0

Actions:

• Disinfected: 0
  
• Renamed: 0
• Deleted: 0
• Quarantined:
  30
• Failed: 0

Boot Sectors:

• Scanned: 0
• Infected: 0
• Suspicious
  items: 0
• Disinfected: 0
  

Options

Definitions version:

• Viruses:
  2014-04-04_07
• Spyware:
  2014-04-04_07

Scanning Engines:

• F-Secure
  Aquarius: 11.00.01, 2014-04-04
• F-Secure
  Hydra: 5.11.87, 2014-04-04
• F-Secure
  Online: 13.51.02, 0-00-00
• F-Secure
  Gemini: 3.02.243, 2014-03-12

Scanning options:

• Scan defined
  files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL?
  RTF CPL WIZ HTA PP? PWZ POT MSO PIF ACM ASP AX CNV CSC DRV INI MDB MPD MPP
  MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG
  ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ANI BAT CMD DOC DOT
  JOB LSP MHT PHP PPT SWF WMA WMV WMF WRI XLS XLT CLASS TMP ZIP JAR ARJ LZH
  TAR TGZ GZ CAB RAR BZ2 HQX
• Scan inside
  archives

Actions:

• Viruses:
  Disinfect infected files
• Spyware: Ask
  after scan

  

Selamlar,

 Sunucunuz virüs yemiş görüldüğü gibi. Farklı bir yerden CMD dosyası alıp bu sunucudaki ile  değiştirin. Ayrıca farklı antivirüs programları ile taratıp temizletin.