I think this is what you're dealing with:
Backdoor.Zdemon.126 gives its author remote access to your computer. Although the listening ports are configurable, by default, the Trojan listens on ports 10001 and 10002.
o Deletes files: Allows the hacker to delete files
o Modifies files: Allows the hacker to modify files
o Causes system instability: Allows the hacker to disrupt normal system functions
o Releases confidential info: Allows the hacker access to passwords and files
o Compromises security settings: Allows the hacker to change security settings
Distribution Ports: 10001, 10002
When Backdoor.Zdemon.126 is executed, it does the following:
1. Moves itself to the %System% folder as Z100.exe.
NOTE: %System% is a variable. The Trojan locates the System folder and copies itself to that location. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
2. Appends Z100.exe to the shell= line of the System.ini file, so that the Trojan runs when you start Windows 95/98/Me computers.
3. Adds the value:
"Micro"="%system%\Z100.exe"
to the registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
so that the Trojan runs when you start Windows.
4. Opens a port, allowing the Trojan's creator to remotely control an infected computer and do any of the following:
* Terminate processes with names that match certain antivirus and firewall products.
* Send files, including itself, by email and by accessible network shares.
* Use a built-in FTP server to gain file access to the infected computer.
* Log keystrokes.
* Take screenshots.
* Execute arbitrary commands.
* Perform various harassing actions.
* Start the Web cam.
* Send confidential information including:
o ICQ information including your Unique Identification Number (UIN).
o Computer system information.
o Dial-up networking passwords.
Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":
* Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have fewer avenues of attack and you have fewer services to maintain through patch updates.
* If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
* Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.
* Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
* Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
* Isolate infected computers quickly to prevent further compromise of your organization. Perform a forensic analysis and restore the computers using trusted media.
* Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.
Removal:
1. Click Start, and then click Run. (The Run dialog box appears.)
2. Type regedit, and then click OK. (The Registry Editor opens.)
3. Navigate to the key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
4. In the right pane, delete the value:
"Micro"="%system%\Z100.exe"
5. Exit the Registry Editor.
The explanation is a bit long, but if it helps you, you'll get through it.
Let me know whether this was what you needed.
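An added triage script for the indicators quoted in the writeup above (this is not part of the Symantec text or the original post). It assumes a modern Windows host with PowerShell 5.1 or later and administrator rights; the writeup targets 9x/NT/XP, but the Run-key value, the dropped file and the default ports are the same, and the System.ini check is only meaningful on 9x/Me-style installs. The file name Z100.exe, the value name "Micro" and ports 10001/10002 come from the writeup; everything else (variable names, the report format) is the example's own. It only reports; the removal commands it prints are suggestions, and the process must be killed before the file can be deleted, which the Symantec removal steps (registry value only) do not cover.

```powershell
# Added example, not from the Symantec writeup or the forum post.
# Checks a Windows host for the Backdoor.Zdemon.126 indicators quoted above.
# Assumes PowerShell 5.1+ and an elevated session; run as Administrator.

$indicators = @()

# 1. Persistence: the "Micro" value under the HKLM Run key pointing at Z100.exe
$runKey = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
$run = Get-ItemProperty -Path $runKey -ErrorAction SilentlyContinue
if ($run -and $run.PSObject.Properties['Micro']) {
    $val = [string]$run.Micro
    if ($val -match 'Z100\.exe') {
        $indicators += "Run value 'Micro' = $val"
    }
}

# 2. Dropped file in the System folder (%System% is System32 on the NT family)
$sysDir  = [Environment]::GetFolderPath('System')
$dropped = Join-Path $sysDir 'Z100.exe'
if (Test-Path -LiteralPath $dropped) {
    $hash = (Get-FileHash -LiteralPath $dropped -Algorithm SHA256).Hash
    $indicators += "File present: $dropped (SHA256 $hash)"
}

# 3. System.ini shell= line (the Windows 95/98/Me persistence from step 2 of the writeup)
$sysIni = Join-Path $env:SystemRoot 'System.ini'
if (Test-Path -LiteralPath $sysIni) {
    $shellLines = Get-Content -LiteralPath $sysIni | Where-Object { $_ -match '^\s*shell\s*=' }
    if ($shellLines -and (($shellLines -join ' ') -match 'Z100\.exe')) {
        $indicators += "System.ini shell line: $($shellLines -join ' | ')"
    }
}

# 4. Default listening ports 10001 and 10002. The ports are configurable,
#    so a clean result here proves nothing on its own.
$listeners = Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
    Where-Object { $_.LocalPort -in 10001, 10002 }
foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    $name = if ($proc) { $proc.ProcessName } else { 'unknown' }
    $indicators += ('Listener on TCP {0}: PID {1} ({2})' -f $l.LocalPort, $l.OwningProcess, $name)
}

if ($indicators.Count -eq 0) {
    Write-Output 'No Backdoor.Zdemon.126 indicators found.'
} else {
    Write-Output 'Indicators found:'
    $indicators | ForEach-Object { Write-Output " - $_" }
    Write-Output ''
    Write-Output 'Suggested cleanup (stop the owning process first, then run):'
    Write-Output "  Remove-ItemProperty -Path '$runKey' -Name 'Micro'"
    Write-Output "  Remove-Item -LiteralPath '$dropped'"
}
```

Get-NetTCPConnection needs Windows 8 / Server 2012 or newer; on older systems substitute `netstat -ano` and look for the two ports in the LISTENING lines. Because the ports are configurable, treat the registry value and the file as the primary indicators and the port check as supporting evidence only.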