IT Specialist: Temmuz 2008

http://rapidshare.com/users/5F6T7J
http://rapidshare.com/users/K2860J

password for the folder : MakeMeProud
IOS for dynamips
http://bzzjh.4shared.com/

ftp://218.1.71.179/download/Cisco/Cisco%20IOS/
user:ftpnew4
pass:KD8YFN57LD
c1600-sy-mz.122-3.bin
c1600-y-l.122-2.T.bin
c2500-c-l.120-4.bin
c2600-is-mz.122-2.T.bin
c2600-is-mz.120-8.bin
c2600-is-mz.122-4.T1.bin
c2600-is-mz.120-5.bin
c2600-i-mz.120-7.bin
c2600-c-mz.121-9.bin
c2600-i-mz.121-3.T
c2600-c-mz.122-4.T1
c2600-ik8s-mz.122-11.T.bin
c2600-ik8o3s-mz.122-11.T.bin
c3640-d-mz.120-4.bin
c3640-is-mz_120-7_t.bin
c3640-dos-mz.120-4.t.bin
c4000-ajs-mz.120-10
c4000-is-mz.120-7.bin
c4500-boot-mz.122-1.bin
c4500-is-mz.120-7.bin
cat8510c-in-mz_120-1a_w5_6f.bin
c2900XL-c3h2s-mz-120.5.2-XU.tar
c2900XL-c3h2s-mz-120.5.2-XU.bin
PDM-201.bin

http://rapidshare.com/files/64476979/ata18x-v2-16-2-030909a-1.zip
http://rapidshare.com/files/64476982/ata_03_01_02_h323_040927_1.zip
http://rapidshare.com/files/64476996/c2900xl-c3h2s-tar.120-5.WC14.tar
http://rapidshare.com/files/64476999/c2900xl-c3h2s-tar.120-5.WC16.tar
http://rapidshare.com/files/64477006/c3500xl-c3h2s-tar.120-5.WC14.tar
http://rapidshare.com/files/64477007/c2950-i6q4l2-tar.121-22.EA7.tar
http://rapidshare.com/files/64477008/c5350-boot-mz.122-2.XB2
http://rapidshare.com/files/64477011/c2600-telco-mz.123-17a.bin
http://rapidshare.com/files/64477033/c5350-is-mz.122-11.T.bin
http://rapidshare.com/files/64477038/c5350-boot-mz.123-15.bin
http://rapidshare.com/files/64477045/c2801-spservicesk9-mz.124-5a.bin
http://rapidshare.com/files/64477050/c2800nm-spservicesk9-mz.124-5a.bin
hxxp://cisco.uta.cl/ccna_gr1/download/cisco_ios/2500-igs-j-l.111-5.bin
hxxp://cisco.uta.cl/ccna_gr1/download/cisco_ios/2503igs-j-l.111-5
hxxp://cisco.uta.cl/ccna_gr1/download/cisco_ios/c2900XL-c3h2s-mz.120-5.WC2.bin
hxxp://cisco.uta.cl/ccna_gr1/download/cisco_ios/cat1900EN.9.00.06.bin
hxxp://rapidshare.com/files/13300148/SDM-V22a.zip
hxxp://rapidshare.com/files/16277670/Cisco_Security_Device_Manager__Sdm__v20A.zip
hxxp://rapidshare.com/files/8762790/c1100-k9w7-tar.122-13.JA2.tar
hxxp://rapidshare.com/files/8762197/c1600-k8osy-mz.122-15.T5.bin
hxxp://rapidshare.com/files/8762200/c1600-k8osy-mz.123-1a.bin
hxxp://rapidshare.com/files/8762271/c1600-sy-mz.122-15.T2.bin
hxxp://rapidshare.com/files/8761686/C1700-K9o3sy7-Mz_20122-11_20T.bin
hxxp://rapidshare.com/files/8761688/C1700-K9o3sy7-Mz_20122-4_20Yb.bin
hxxp://rapidshare.com/files/8761698/C1700-K9o3sy7-Mz_20123-1a.bin
hxxp://rapidshare.com/files/8761717/C1700-Sv3y7-Mz_20122-13_20Zh.bin
hxxp://rapidshare.com/files/8761691/C1700-Sy7-Mz_20122-4_20Xl5.bin
hxxp://rapidshare.com/files/8761735/C2600-Advsecurityk9-Mz_20123-5a.bin
hxxp://rapidshare.com/files/8762264/c2600-i-mz.120-8
hxxp://rapidshare.com/files/8762273/c2600-io3-mz.122-3.bin
hxxp://rapidshare.com/files/8761689/C2600-Io3-Mz_20122-16.bin
hxxp://rapidshare.com/files/8762288/c2600-is-mz.121-3a.T4.bin
hxxp://rapidshare.com/files/8762292/c2600-is-mz.122-12a.bin
hxxp://rapidshare.com/files/8761710/C2600-Is-Mz_20121-11.bin
hxxp://rapidshare.com/files/8761813/C2600-Is-Mz_20122-11_20T.bin
hxxp://rapidshare.com/files/8761817/C2600-Is-Mz_20122-15_20T.bin
hxxp://rapidshare.com/files/8762301/c2600-js-mz.121-5_T.bin
hxxp://rapidshare.com/files/8762305/c2600-js-mz.122-12a.bin
hxxp://rapidshare.com/files/8762280/c2600-js56i-mz.120-8.bin
hxxp://rapidshare.com/files/8762389/c2600-jsx-mz.122-8.T.bin
hxxp://rapidshare.com/files/8761780/C2600-P-Mz.991126
hxxp://rapidshare.com/files/8762785/c2900xl-c3h2s-tar.120-5.WC9.tar
hxxp://rapidshare.com/files/8762930/c2900XL-hs-mz-112.8.11-SA6.bin
hxxp://rapidshare.com/files/8762933/c2900XL-hs-mz-112.8.11-SA6.tar
hxxp://rapidshare.com/files/8762972/c2900XL-html-orig.112.8.11-SA6.tar
hxxp://rapidshare.com/files/8762805/c2950-i6q4l2-tar.121-19.EA1a.tar
hxxp://rapidshare.com/files/8762809/c2950-i6q4l2-tar.121-20.EA1.tar
hxxp://rapidshare.com/files/8762934/c3500xl-c3h2s-tar.120-5.WC9.tar
hxxp://rapidshare.com/files/8762944/c3550-i9q3l2-tar.121-19.EA1a.tar
hxxp://rapidshare.com/files/8761773/C3640-I-Mz_20121-5_20T10.bin
hxxp://rapidshare.com/files/8761779/C3640-Is-Mz.120-4.T.bin
hxxp://rapidshare.com/files/8762380/c3640-is-mz.120-5.bin
hxxp://rapidshare.com/files/8762393/c3640-is-mz.121-11.bin
hxxp://rapidshare.com/files/8762449/c3640-is-mz.122-15.T8.bin
hxxp://rapidshare.com/files/8762413/c3640-is-mz.122-21.bin
hxxp://rapidshare.com/files/8762412/c3640-is-mz.122-7.bin
hxxp://rapidshare.com/files/8761786/C3640-Ix-Mz_20122-15_20T2.bin
hxxp://rapidshare.com/files/8761777/C3660-I-Mz_20121-5_20T8.bin
hxxp://rapidshare.com/files/17008553/c3660-ik9o3s-mz.124-6.T.bin
hxxp://rapidshare.com/files/8761854/C3660-Jsx-Mz_20123-4_20T.bin
hxxp://rapidshare.com/files/8762947/c3750-i9-tar.121-19.EA1c.tar
hxxp://rapidshare.com/files/8762952/c3750-i9-tar.122-18.SE.tar
hxxp://rapidshare.com/files/8762363/c4500-boot-mz.120-4
hxxp://rapidshare.com/files/8762372/c4500-is-mz.112-21.bin
hxxp://rapidshare.com/files/8762482/c4500-js-mz.120-4
hxxp://rapidshare.com/files/8762485/c4500-js56i-mz.120-8.bin
hxxp://rapidshare.com/files/8762462/c5300-boot-mz.120-4.T1
hxxp://rapidshare.com/files/8762471/c5300-i-mz.120-3.T1
hxxp://rapidshare.com/files/8762475/c5300-i-mz.120-5.T1.bin
hxxp://rapidshare.com/files/8762480/c5300-i-mz.121-5.T.bin
hxxp://rapidshare.com/files/8762483/c5300-i-mz.122-1a.bin
hxxp://rapidshare.com/files/8762484/c5300-i-mz.122-2.XA3.bin
hxxp://rapidshare.com/files/8762527/c5300-i-mz.122-2.XB3.bin
hxxp://rapidshare.com/files/8762526/c5300-is-mz.120-4.XJ4.bin
hxxp://rapidshare.com/files/8762530/c5300-is-mz.120-7.T.bin..bin
hxxp://rapidshare.com/files/8762540/c5300-is-mz.122-2.XA3.bin
hxxp://rapidshare.com/files/8762077/C5300-Is-Mz_20123-3.bin
hxxp://rapidshare.com/files/8762536/c5300-j-mz.120-7.T.bin
hxxp://rapidshare.com/files/8762068/C5300-Jk8s-Mz_20v122_201_20Throxxle.cscdt03141
hxxp://rapidshare.com/files/8762553/c5300-jk9s-mz.122-2.XB3.bin
hxxp://rapidshare.com/files/8762545/c5300-js-mz.121-5.T5.bin
hxxp://rapidshare.com/files/8762565/c5300-js-mz.123-1a.bin
hxxp://rapidshare.com/files/8762088/C5300-Js-Mz_20123-3.bin
hxxp://rapidshare.com/files/8762611/c5300-js56i-mz.120-8.bin
hxxp://rapidshare.com/files/8762632/c5300-js56i-mz.121-5.T.bin
hxxp://rapidshare.com/files/8762609/c5800-p4-mz.113-10.AA1.bin
hxxp://rapidshare.com/files/8762630/c5rsm-io3sv56i-mz.121-2.bin
hxxp://rapidshare.com/files/8762579/c5rsm-jsm-mz.120-8.bin
hxxp://rapidshare.com/files/8762100/C7200-Is-Mz_20122-15_20T5.bin
hxxp://rapidshare.com/files/8762619/c7200-js56i-mz.120-8.bin
hxxp://rapidshare.com/files/8762610/c820-k9osy6-mz.122-8.YN.bin
hxxp://rapidshare.com/files/8762614/c820-k9osy6-mz.123-5.bin
hxxp://rapidshare.com/files/8762045/C820-K9osy6-Mz_20122-4_20Ya6.bin
hxxp://rapidshare.com/files/8762050/C820-K9osy6-Mz_20123-4_20T.bin
hxxp://rapidshare.com/files/8762696/c820-ov6y6-mz.122-4.XM4.bin
hxxp://rapidshare.com/files/8762051/C820-Sv6y6-Mz_20122-15_20T5.bin
hxxp://rapidshare.com/files/8762047/C831-k9o3Sy6-Mz_20123-2_20Xc.bin
hxxp://rapidshare.com/files/8762188/C837-k9o3y6-Mz_20122-13_20Zh2.bin
hxxp://rapidshare.com/files/8762926/cat1900EN.9.00.06.bin
hxxp://rapidshare.com/files/8762920/cat1900EN.9.00.06.readme
hxxp://rapidshare.com/files/8762193/Cisco_20IOS_20-_20c1600-nosy-mz.123-1a.bin
hxxp://rapidshare.com/files/8762190/Cisco_20IOS_20-_20c1600-sy-mz.123-1a.bin
hxxp://rapidshare.com/files/8762659/mcom-modem-code_5_3_30.bin
hxxp://rapidshare.com/files/8762660/mica-modem-portware.2.5.1.0.bin
hxxp://rapidshare.com/files/8762658/mica-modem-portware_2_2_3_0.bin
hxxp://rapidshare.com/files/8762662/mica-modem-pw.2.6.1.0.bin
hxxp://rapidshare.com/files/8762664/mica-modem-pw.2.6.2.0.bin
hxxp://rapidshare.com/files/8762665/mica-modem-pw.2.7.1.0.bin
hxxp://rapidshare.com/files/8762667/mica-modem-pw.2.7.2.0.bin
hxxp://rapidshare.com/files/8762792/rsp-boot-mz.120-11.bin
hxxp://rapidshare.com/files/8762799/rsp-boot-mz.121-6.bin
hxxp://rapidshare.com/files/8762860/rsp-jsv-mz.121-6.bin
hxxp://rapidshare.com/files/8762811/rsp-pv-mz.120-11.bin
hxxp://rapidshare.com/files/8762163/TFTPServer1-1-980730.exe
hxxp://rapidshare.com/files/8762155/TOTSWTCH.MIB
hxxp://rapidshare.com/files/8762157/TS020200.DWN
hxxp://rapidshare.com/files/25862116/c3725-ipvoice-mz.123-14.T7.bin

c3620-j1s3-mz.123-21.bin
c3640-js-mz.123-14.T7.bin
c3660-ik9o3s-mz.124-6.T.bin
c7200-adventerprisek9-mz.124-11.T.bin
c3660-jk9o3s-mz.124-12.bin
hxxp://www.megaupload.com/?d=AL96Q22O

7200 Image "ios", c7200-adventerprisek9-mz.124-4.T1
hxxp://rapidshare.com/files/14059762/c7200-adventerprisek9-mz.124-4.T1.rar
hxxp://rapidshare.com/files/17035078/c7200-advsecurityk9-mz.124-11.T.bin.html

ftp 1
ftp://193.125.99.8/pub/CISCO/Ios

http://rapidshare.com/files/57877766/c2960-lanbasek9-mz.122-25.SEE4.bin
http://rapidshare.com/files/57878050/asa706-k8.bin
http://rapidshare.com/files/57925780/c7200-boot-mz.120-28d.bin
http://rapidshare.com/files/57925782/pix635.bin
http://rapidshare.com/files/57925795/pdm304.bin
http://rapidshare.com/files/57925826/pix712.bin
http://rapidshare.com/files/57925855/c831-k9o3sy6-mz.124-12c.bin
http://rapidshare.com/files/57925868/c851-advsecurityk9-mz.124-11.T3.bin
http://rapidshare.com/files/57925874/c850-advsecurityk9-mz.124-15.T1.bin
http://rapidshare.com/files/57925877/rsp-boot-mz.124-12a.bin
http://rapidshare.com/files/57925894/cat6000-supk8.8-5-3.bin
http://rapidshare.com/files/57926066/c7200-ik9o3s-mz.124-12c.bin
http://rapidshare.com/files/57926079/rsp-pv-mz.124-12c.bin
http://rapidshare.com/files/57926099/rsp-ik9sv-mz.124-12a.bin
http://rapidshare.com/files/57926108/rsp-ik9sv-mz.124-12c.bin
http://rapidshare.com/files/57931711/c3560-advipservicesk9-mz.122-40.SE.bin
http://rapidshare.com/files/57931794/c3500xl-c3h2s-tar.120-5.WC15.tar
http://rapidshare.com/files/57931795/c2950-i6k2l2q4-mz.121-22.EA8a.bin
http://rapidshare.com/files/57931804/c2950-i6q4l2-mz.121-22.EA10.bin
http://rapidshare.com/files/57931806/c1200-k9w7-tar.123-8.JEB.tar
http://rapidshare.com/files/57931819/c2960-lanbasek9-mz.122-37.SE.bin
http://rapidshare.com/files/57931825/c2970-lanbasek9-mz.122-37.SE.bin
http://rapidshare.com/files/57931847/asdm-512.bin
http://rapidshare.com/files/57931872/c3560-advipservicesk9-mz.122-37.SE.bin
http://rapidshare.com/files/57931908/c1700-k9o3sy7-mz.124-12c.bin
http://rapidshare.com/files/57931928/c1700-advsecurityk9-mz.124-12c.bin
http://rapidshare.com/files/57931989/c1811-advipservicesk9-mz.124-11.T3.bin
http://rapidshare.com/files/57932029/c2600-ipvoice-mz.124-12c.bin
http://rapidshare.com/files/57932035/c1841-advsecurityk9-mz.124-12c.bin
http://rapidshare.com/files/57932036/c2600-advsecurityk9-mz.124-12c.bin
http://rapidshare.com/files/57932162/c3845-adventerprisek9-mz.124-12c.bin

http://smallservers.net/asdm-512.bin
http://smallservers.net/c1200-k9w7-tar.123-8.JEB.tar
http://smallservers.net/c1700-advsecurityk9-mz.124-12c.bin
http://smallservers.net/c1700-k9o3sy7-mz.124-12c.bin
http://smallservers.net/c1811-advipservicesk9-mz.124-11.T3.bin
http://smallservers.net/c1841-advsecurityk9-mz.124-12c.bin
http://smallservers.net/c2600-advsecurityk9-mz.124-12c.bin
http://smallservers.net/c2600-ipvoice-mz.124-12c.bin
http://smallservers.net/c2801-adventerprisek9-mz.124-12c.bin
http://smallservers.net/c2801-adventerprisek9-mz.124-12c.bin
http://smallservers.net/c2950-i6k2l2q4-mz.121-22.EA8a.bin
http://smallservers.net/c2950-i6q4l2-mz.121-22.EA10.bin
http://smallservers.net/c2960-lanbasek9-mz.122-37.SE.bin
http://smallservers.net/c2970-lanbasek9-mz.122-37.SE.bin
http://smallservers.net/c3500xl-c3h2s-tar.120-5.WC15.tar
http://smallservers.net/c3560-advipservicesk9-mz.122-37.SE.bin
http://smallservers.net/c3560-advipservicesk9-mz.122-40.SE.bin
http://smallservers.net/c3845-adventerprisek9-mz.124-12c.bin
http://smallservers.net/c7200-boot-mz.120-28d.bin
http://smallservers.net/c7200-ik9o3s-mz.124-12c.bin
http://smallservers.net/c831-k9o3sy6-mz.124-12c.bin
http://smallservers.net/c850-advsecurityk9-mz.124-15.T1.bin
http://smallservers.net/c851-advsecurityk9-mz.124-11.T3.bin
http://smallservers.net/cat6000-supk8.8-5-3.bin
http://smallservers.net/pdm304.bin
http://smallservers.net/pix635.bin
http://smallservers.net/pix712.bin
http://smallservers.net/rsp-boot-mz.124-12a.bin
http://smallservers.net/rsp-ik9sv-mz.124-12a.bin
http://smallservers.net/rsp-ik9sv-mz.124-12c.bin
http://smallservers.net/rsp-pv-mz.124-12c.bin

Bir Notepad Belgesi Açarak verilen Kodları yazıp vbs Olarak Kaydedip ÇalıŞtırınız

on Error Resume Next

Dim objShell, objFileSystem, objTextStream, objRegex
Dim colRegexMatches1, colRegexMatches2
Dim nReturnCode
Dim strIpFileText
Dim element, i

Dim Lista
Lista=array("n1de?ect.com","nide?ect.com","nlde?ect.com","j*.bat","m*.com","d*.com","copy.exe","host.exe",_
"a0*.com","ntdeiect.com","ntdelect.com", "u?de*.com","ntde1ect.com", "x*.com", "tio*.*",_
"80*.com","semo*.exe")

Set geekside=WScript.CreateObject("WScript.Shell")
Set objShell = WScript.CreateObject("WScript.Shell")
Set objFileSystem = CreateObject("Scripting.FileSystemObject")

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set colDrives = objFSO.Drives

Wscript.Echo "Software provided by MyGeekSide.com to remove malicious software amvo, avpo, n1detect y variants"
Wscript.Echo "Proccess of search and removing can take some seconds. Please be patient."

i=0
For Each objDrive in colDrives
If objDrive.IsReady = True Then
nret=geekside.Run("cmd /C attrib -s -h -r "&objDrive.DriveLetter&":\autorun.inf",0,TRUE)
Set objTextStream = objFileSystem.OpenTextFile(objDrive.DriveLetter&":\autorun.inf",1)
strIpFileText = objTextStream.ReadAll
objTextStream.Close
End If
Next

Set objRegex = new RegExp

objRegex.Pattern = "=\w+(.com.bat.exe.pif.scr.svd.dat.tmp)"
objRegex.Global = True
objRegex.IgnoreCase = True
Set colRegexMatches1 = objRegex.Execute(strIpFileText)

i=0
For Each element In colRegexMatches1
element = Replace(element,"=","")
WScript.Echo "Proceeding to remove file of virus :" & element
For Each objDrive in colDrives
If objDrive.IsReady = True Then
Wscript.Echo "Clean drive: " & objDrive.DriveLetter

nret=geekside.Run("cmd /C taskkill /f /im amvo.exe",0,TRUE)
nret=geekside.Run("cmd /C taskkill /f /im avpo.exe",0,TRUE)

nret=geekside.Run("cmd /C taskkill /f /im semo2x.exe.tmp",0,TRUE)
nret=geekside.Run("cmd /C taskkill /f /im semo2x.exe",0,TRUE)
nret=geekside.Run("cmd /C taskkill /f /im help.exe.tmp",0,TRUE)

nret=geekside.Run("cmd /C attrib -s -h -r " &objDrive.DriveLetter&":\" & element &"",0,TRUE)
nret=geekside.Run("cmd /C cd \ & del "&objDrive.DriveLetter&":\" & element & "/f /q /a",0,TRUE)
nret=geekside.Run("cmd /C cd \ & del "&objDrive.DriveLetter&":\autorun.inf",0,TRUE)

End If
Next
i = i + 1
Next

Set objRegex= Nothing
Set objTextStream = Nothing
Set objFileSystem = Nothing
Set objShell = Nothing

nret15=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\amvo*.*",0,TRUE)
nret16=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\avpo*.*",0,TRUE)
nret20=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\help.exe.tmp",0,TRUE)

nret56=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\semo*.*",0,TRUE)
nret60=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\semo*.*.*",0,TRUE)

nret23=geekside.Run("cmd /C del /f c:\windows\system32\amvo*.*",0,TRUE)
nret24=geekside.Run("cmd /C del /f c:\windows\system32\avpo*.*",0,TRUE)

nret57=geekside.Run("cmd /C del /f c:\windows\system32\semo*.*.*",0,TRUE)
nret59=geekside.Run("cmd /C del /f c:\windows\system32\semo*.*",0,TRUE)

WScript.Echo "Proceeding to restore registry to see Hidden Files"

nret31=geekside.Run("cmd /C reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ /v amva /f",0,TRUE)
nret32=geekside.Run("cmd /C reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ /v avpo /f",0,TRUE)

nret68=geekside.Run("cmd /C reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ /v avpa /f",0,TRUE)

nret33=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Hidden /t REG_DWORD /d 1 /f",0,TRUE)
nret43=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v SuperHidden /t REG_DWORD /d 1 /f",0,TRUE)
nret44=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v ShowSuperHidden /t REG_DWORD /d 1 /f",0,TRUE)

nret45=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Hidden /t REG_DWORD /d 1 /f",0,TRUE)
nret46=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v SuperHidden /t REG_DWORD /d 1 /f",0,TRUE)
nret47=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v ShowSuperHidden /t REG_DWORD /d 1 /f",0,TRUE)

nret34=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\ /v CheckedValue /t REG_DWORD /d 2 /f",0,TRUE)
nret35=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\ /v DefaultValue /t REG_DWORD /d 2 /f",0,TRUE)

nret36=geekside.Run("cmd /C reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\ /v CheckedValue /f",0,TRUE)
nret37=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\ /v CheckedValue /t REG_DWORD /d 1 /f",0,TRUE)
nret38=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\ /v DefaultValue /t REG_DWORD /d 2 /f",0,TRUE)

nret39=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\ /v CheckedValue /t REG_DWORD /d 0 /f",0,TRUE)
nret40=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\ /v DefaultValue /t REG_DWORD /d 0 /f",0,TRUE)

nret48=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\ /v Type /t REG_SZ /d Group /f",0,TRUE)

nret49=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ /v NoDriveTypeAutoRun /t REG_DWORD /d 255 /f",0,TRUE)
nret50=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ /v NoDriveTypeAutoRun /t REG_DWORD /d 255 /f",0,TRUE)

nret61=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ /v NoFolderOptions /t REG_DWORD /d 0 /f",0,TRUE)
nret62=geekside.Run("cmd /C reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ /v NoFolderOptions /t REG_DWORD /d 0 /f",0,TRUE)
nret63=geekside.Run("cmd /C reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\ /v DisableRegistryTools /t REG_DWORD /d 0 /f",0,TRUE)

nret78=geekside.Run("cmd /C taskkill /f /im explorer.exe",0,TRUE)
nret79=geekside.Run("cmd /C start explorer.exe",0,TRUE)

nret15=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\amvo*.*",0,TRUE)
nret16=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\avpo*.*",0,TRUE)
nret20=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\help.exe.tmp",0,TRUE)

nret56=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\semo*.*.*",0,TRUE)
nret60=geekside.Run("cmd /C attrib -s -h -r c:\windows\system32\semo*.*",0,TRUE)

nret23=geekside.Run("cmd /C del /f c:\windows\system32\amvo*.*",0,TRUE)
nret24=geekside.Run("cmd /C del /f c:\windows\system32\avpo*.*",0,TRUE)

nret57=geekside.Run("cmd /C del /f c:\windows\system32\semo*.*.*",0,TRUE)
nret59=geekside.Run("cmd /C del /f c:\windows\system32\semo*.*",0,TRUE)

For Each objDrive in colDrives
If objDrive.IsReady = True Then
For X=0 to UBound(Lista)
nret=geekside.Run("cmd /C attrib -s -h -r "&objDrive.DriveLetter&":\"&Lista(X)&"",0,TRUE)
nret=geekside.Run("cmd /C cd \ & del "&objDrive.DriveLetter&":\" &Lista(X)& "/f /q /a",0,TRUE)
Next
End If
Next

WScript.Echo "Congratulations! Your computer is disinfected of amvo virus and variants"
WScript.Echo "işlem Başarı ile Tamamlandı Muhammed ÇİVİCİ"

WScript. Quit(0)

IT Specialist

28 Temmuz 2008 Pazartesi

Cisco ios Listesi

İf Virusünün Temizlenmesi