z-demon molim pomoc
Prikazujem rezultate 1 do 11 od 11

Tema: z-demon molim pomoc

  1. #1
    Početnik
    Učlanjen
    04.01.2005.
    Lokacija
    beograd
    Poruke
    34
    Reputaciona moć
    0

    Podrazumevano z-demon molim pomoc

    imam spybot s&d kada ga pustim stane na pola citanja sa informacijom error during check z-demon i nesto u zagradi na nemackom.uz to desava mi se kada sam na netu da me pita da ponovo uspostavim online ili da nastavim offline i onda okrijem da mi je u files stiklirano work offline kada ga ponistim posle pregleda nekoliko sajtova to se vrati.imam i adawer i kasperski sve sam pustao nista ne pomaze.unapred hvala



  2. #2
    Iskusan codemaker (avatar)
    Učlanjen
    05.04.2004.
    Lokacija
    Beograd
    Poruke
    6.416
    Reputaciona moć
    0

    Podrazumevano

    Mislim da se kod tebe radi o ovome:

    Backdoor.Zdemon.126 gives its author remote access to your computer. Although the listening ports are configurable, by default, the Trojan listens on ports 10001 and 10002.

    o Deletes files: Allows the hacker to delete files
    o Modifies files: Allows the hacker to modify files
    o Causes system instability: Allows the hacker to disrupt normal system functions
    o Releases confidential info: Allows the hacker access to passwords and files
    o Compromises security settings: Allows the hacker to change security settings

    Distribution Ports: 10001, 10002



    When Backdoor.Zdemon.126 is executed, it does the following:

    1. Moves itself to the %System% folder as Z100.exe.
    NOTE: %System% is a variable. The Trojan locates the System folder and copies itself to that location. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

    2. Appends Z100.exe to the shell= line of the System.ini file, so that the Trojan runs when you start Windows 95/98/Me computers.

    3. Adds the value:
    "Micro"="%system%\Z100.exe"

    to the registry key:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run
    so that the Trojan runs when you start Windows.

    4. Opens a port, allowing the Trojan's creator to remotely control an infected computer and do any of the following:
    * Terminate processes with names that match certain antivirus and firewall products.
    * Send files, including itself, by email and by accessible network shares.
    * Use a built-in FTP server to gain file access to the infected computer.
    * Log keystrokes.
    * Take screenshots.
    * Execute arbitrary commands.
    * Perform various harassing actions.
    * Start the Web cam.
    * Send confidential information including:
    o ICQ information including your Unique Identification Number (UIN).
    o Computer system information.
    o Dial-up networking passwords



    Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":

    * Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.
    * If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
    * Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.
    * Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
    * Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
    * Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.
    * Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.


    Removal:
    1. Click Start, and then click Run. (The Run dialog box appears.)
    2. Type regedit
    Then click OK. (The Registry Editor opens.)
    3. Navigate to the key:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run
    4. In the right pane, delete the value:
    "Micro"="%system%\Z100.exe"
    5. Exit the Registry Editor.


    MAlo je podugacko objasnjenje ali ako ce ti pomoci, izdrzace se.
    Javi da li ti je to bilo potrebno

  3. #3
    Početnik
    Učlanjen
    04.01.2005.
    Lokacija
    beograd
    Poruke
    34
    Reputaciona moć
    0

    Podrazumevano

    dosao sam do toga i kada otvorim run na kraju nema tog fajla ima jedno 6-5 stvari ali ni jedna nije ta sto si mi napisao ne znam mozda ima neka druga fora.pomazite

  4. #4
    Početnik
    Učlanjen
    04.01.2005.
    Lokacija
    beograd
    Poruke
    34
    Reputaciona moć
    0

    Podrazumevano

    nista nema toga kad otvorim run ima 5-6 stvari ali toga nema

  5. #5
    Iskusan codemaker (avatar)
    Učlanjen
    05.04.2004.
    Lokacija
    Beograd
    Poruke
    6.416
    Reputaciona moć
    0

    Podrazumevano

    Drugo stvarno nemam
    Kada na Google otkucas z-demon, izbacuje ovo..
    Mozda ce ti neko drugi moci da pomogne. Sorry

  6. #6
    Domaćin Nina2 (avatar)
    Učlanjen
    06.01.2004.
    Pol
    ženski
    Lokacija
    Ljubljana
    Poruke
    4.658
    Reputaciona moć
    97

    Podrazumevano

    Sta je to sto ti napise na nemackom, prilicno je bitno za resavanje problema.

  7. #7
    Početnik
    Učlanjen
    04.01.2005.
    Lokacija
    beograd
    Poruke
    34
    Reputaciona moć
    0

    Podrazumevano

    znaci u spybot s&d prekida skeniranje pojavljuje se trougao kao saobracajni znak error during check z-demon[ungultiger datentyp fur"]samo to

  8. #8
    Domaćin Nina2 (avatar)
    Učlanjen
    06.01.2004.
    Pol
    ženski
    Lokacija
    Ljubljana
    Poruke
    4.658
    Reputaciona moć
    97

    Podrazumevano

    Citat Original postavio ze
    znaci u spybot s&d prekida skeniranje pojavljuje se trougao kao saobracajni znak error during check z-demon[ungultiger datentyp fur"]samo to
    E ok, posto postoje dva errora na nemackom koje ume da prijavi. U ovom slucaju postoji fix Search and Destroy DSO Exploit Fix 1.3.1 TX koji skines na http://www.majorgeeks.com/download4392.html. Skini fajl (spybotsd131tx.exe ), ugasi Spybot jer ne sme da bude aktivan tokom instalacije, pokreni skinuti spybotsd131tx.exe i onda ponovo pokreni Spybot.
    Trebalo bi da pomogne.

  9. #9
    Početnik
    Učlanjen
    04.01.2005.
    Lokacija
    beograd
    Poruke
    34
    Reputaciona moć
    0

    Podrazumevano

    e hvala ti puno resio sam problem imas pice.pozdrav

  10. #10
    Domaćin Nina2 (avatar)
    Učlanjen
    06.01.2004.
    Pol
    ženski
    Lokacija
    Ljubljana
    Poruke
    4.658
    Reputaciona moć
    97

    Podrazumevano

    Citat Original postavio ze
    e hvala ti puno resio sam problem imas pice.pozdrav
    No problem. Samo nazdravi u moje ime, to ce biti dovoljno

  11. #11
    Zainteresovan član
    Učlanjen
    05.08.2004.
    Pol
    muški
    Lokacija
    NS
    Poruke
    450
    Reputaciona moć
    53

    Podrazumevano

    MmmmMmMmmm nina ti si rib

Slične teme

  1. Problem u Demon Tools-u
    Autor mihajlovic.uros u forumu Softver
    Odgovora: 4
    Poslednja poruka: 13.12.2008., 20:07
  2. Molim, ali molim Vas za pomoć!
    Autor Stars111 u forumu Web dizajn
    Odgovora: 0
    Poslednja poruka: 24.03.2008., 11:39
  3. Z-DEMON
    Autor cages u forumu Sigurnost i zaštita
    Odgovora: 11
    Poslednja poruka: 21.03.2005., 15:09
  4. Demon Stone
    Autor amidza u forumu Video igre
    Odgovora: 0
    Poslednja poruka: 13.02.2005., 22:22

Pravila za slanje poruka

  • Ne možete kreirati novu temu
  • Ne možete poslati odgovor
  • Ne možete dodati priloge
  • Ne možete prepraviti svoju poruku
  •