bartsen Skrevet 3. oktober 2008 Rapporter Del Skrevet 3. oktober 2008 en grønnskolling som trenger datahjelp her... NOEN hadde lest spammailen sin på min maskin og fått problemer. De skulle da være grei og innstallerte et virusprogram som da var selvfølgelig MS AV... hadde F-Secure fra før.. Nå har jeg først kjørt SAS, så fulgt resten av veiledningen som er lagt ut her. Datamaskinen virker helt fint nå, men hvis noen gidder kan de jo ta en titt. Er absolutt ikke bereist i dataverden så må i tilfelle ha grundig forklaring. Her er loggene: MBAM: Klikk for å se/fjerne innholdet nedenfor Malwarebytes' Anti-Malware 1.28Database versjon: 1226 Windows 5.1.2600 Service Pack 1 02.10.2008 23:58:44 mbam-log-2008-10-02 (23-58-40).txt Skanntype: Rask Skann Objekter skannet: 42286 Tid tilbakelagt: 12 minute(s), 42 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 1 Registernøkler infisert: 2 Registerverdier infisert: 1 Registerfiler infisert: 8 Mapper infisert: 1 Filer infisert: 9 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: C:\WINDOWS\SYSTEM32\__c0061E1F.dat (Trojan.Agent) -> No action taken. Registernøkler infisert: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\583b685c382 (Trojan.Agent) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\MicroAV (Rogue.MicroAntivirus) -> No action taken. Registerverdier infisert: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Trojan.FakeAlert) -> No action taken. Registerfiler infisert: HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> No action taken. HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.138 85.255.112.115 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{59ef9772-4dd4-4cc9-a01d-2372ace8fdfd}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.138,85.255.112.115 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.138 85.255.112.115 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{59ef9772-4dd4-4cc9-a01d-2372ace8fdfd}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.138,85.255.112.115 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.138 85.255.112.115 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{59ef9772-4dd4-4cc9-a01d-2372ace8fdfd}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.138,85.255.112.115 -> No action taken. Mapper infisert: C:\Programfiler\MicroAntivirus (Rogue.MicroAntivirus) -> No action taken. Filer infisert: C:\Programfiler\MicroAntivirus\microAV.exe (Trojan.FakeAlert) -> No action taken. C:\WINDOWS\SYSTEM32\MicroAV.cpl (Trojan.FakeAlert) -> No action taken. C:\Programfiler\MicroAntivirus\microAV.cpl (Rogue.MicroAntivirus) -> No action taken. C:\Programfiler\MicroAntivirus\microAV.ooo (Rogue.MicroAntivirus) -> No action taken. C:\Programfiler\MicroAntivirus\microAV0.dat (Rogue.MicroAntivirus) -> No action taken. C:\Programfiler\MicroAntivirus\microAV1.dat (Rogue.MicroAntivirus) -> No action taken. C:\WINDOWS\SYSTEM32\__c0061E1F.dat (Trojan.Agent) -> No action taken. C:\WINDOWS\SYSTEM32\__c0084DE0.dat (Trojan.Agent) -> No action taken. C:\Documents and Settings\Sol\Skrivebord\MicroAntivirus.lnk (Rogue.XPertAntivirus) -> No action taken. Combofix: Klikk for å se/fjerne innholdet nedenfor ComboFix 08-10-02.04 - Sol 2008-10-03 8:59:46.1 - NTFSx86Microsoft Windows XP Home Edition 5.1.2600.1.1252.47.1044.18.294 [GMT 2:00] Running from: C:\Documents and Settings\Sol\Skrivebord\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\components C:\WINDOWS\system32\components\flx0.dll C:\WINDOWS\system32\components\flx1.dll C:\WINDOWS\system32\components\flx10.dll C:\WINDOWS\system32\components\flx2.dll C:\WINDOWS\system32\components\flx3.dll C:\WINDOWS\system32\components\flx4.dll C:\WINDOWS\system32\components\flx5.dll C:\WINDOWS\system32\components\flx6.dll C:\WINDOWS\system32\components\flx7.dll C:\WINDOWS\system32\components\flx8.dll C:\WINDOWS\system32\components\flx9.dll C:\WINDOWS\system32\wins\svchost.exe C:\xcrashdump.dat . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MCHINJDRV -------\Legacy_WINDRIVER -------\Service_WinDriver ((((((((((((((((((((((((( Files Created from 2008-09-03 to 2008-10-03 ))))))))))))))))))))))))))))))) . 2008-10-02 23:42 . 2008-10-02 23:42 <DIR> d-------- C:\Documents and Settings\Sol\Programdata\Malwarebytes 2008-10-02 23:42 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys 2008-10-02 23:41 . 2008-10-02 23:58 <DIR> d-------- C:\Programfiler\Malwarebytes' Anti-Malware 2008-10-02 23:41 . 2008-10-02 23:41 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Malwarebytes 2008-10-02 23:41 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys 2008-10-02 23:34 . 2008-10-02 23:58 <DIR> dr-h----- C:\Documents and Settings\Sol\Siste 2008-10-02 23:28 . 2008-10-02 23:28 <DIR> d-------- C:\Programfiler\CCleaner 2008-10-02 22:32 . 2008-10-02 22:32 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com 2008-10-02 22:31 . 2008-10-02 22:32 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware 2008-10-02 22:31 . 2008-10-02 22:31 <DIR> d-------- C:\Documents and Settings\Sol\Programdata\SUPERAntiSpyware.com 2008-09-04 21:23 . 2008-09-04 21:23 432 --a------ C:\WINDOWS\SYSTEM32\iolo.ini 2008-09-04 21:22 . 2008-09-04 21:22 406 --a------ C:\WINDOWS\SYSTEM32\ioloBootDefrag.cfg 2008-09-04 21:20 . 2008-09-10 18:21 <DIR> d-------- C:\Documents and Settings\LocalService\Programdata\iolo 2008-09-04 21:20 . 2008-08-26 15:23 118,784 --a------ C:\WINDOWS\SYSTEM32\iavlsp.dll 2008-09-04 21:19 . 2008-09-04 21:19 <DIR> d-------- C:\Programfiler\Fellesfiler\Authentium 2008-09-04 20:53 . 2008-09-04 20:53 74,703 --a------ C:\WINDOWS\SYSTEM32\mfc45.dll 2008-09-04 20:49 . 2008-09-04 20:49 491,120 --a------ C:\Programfiler\smpro_dm.exe 2008-09-04 14:38 . 2008-09-04 21:48 <DIR> d-------- C:\Documents and Settings\Sol\Programdata\iolo 2008-09-04 14:38 . 2008-10-02 11:38 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\iolo . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-02 20:30 --------- d-----w C:\Programfiler\Fellesfiler\Wise Installation Wizard 2008-09-04 19:21 --------- d-----w C:\Programfiler\F-Secure 2008-09-04 18:56 --------- d-----w C:\Documents and Settings\All Users\Programdata\F-Secure 2006-12-01 15:47 29,072 ----a-w C:\Documents and Settings\Sol\Programdata\GDIPFONTCACHEV1.DAT 2003-10-19 22:12 9,822,476 ----a-w C:\Programfiler\QuickTimeInstaller.zip . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-16 13312] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPLpr"="C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe" [2002-10-11 126976] "SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2002-10-11 561152] "ATIPTA"="C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-09-20 290816] "DadApp"="C:\Programfiler\Dell\AccessDirect\dadapp.exe" [2002-11-01 208560] "WG511WLU"="C:\Programfiler\NETGEAR\WG511\Utility\WG511WLU.exe" [2004-04-29 450560] "iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2006-02-23 278528] "Adobe Photo Downloader"="C:\Programfiler\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 57344] "REGSHAVE"="C:\Programfiler\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248] "ATIModeChange"="Ati2mdxx.exe" [2002-09-26 C:\WINDOWS\SYSTEM32\Ati2mdxx.exe] "CARPService"="carpserv.exe" [2002-10-17 C:\WINDOWS\SYSTEM32\carpserv.exe] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-03-10 C:\WINDOWS\KHALMNPR.Exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-16 13312] C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\ Digital Line Detect.lnk - C:\Programfiler\Digital Line Detect\DLG.exe [2003-03-18 24576] Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\SetPoint.exe [2006-08-12 438272] Microsoft Office.lnk - C:\Programfiler\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoBandCustomize"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-07-23 16:28 352256 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msvideo9"= SDVC03.drv R3 AWINDIS5;AWINDIS5 Protocol Driver;C:\WINDOWS\System32\AWINDIS5.SYS [2002-04-11 16194] R3 PRISM_ICB;NETGEAR WG511 Wireless LAN Driver;C:\WINDOWS\System32\DRIVERS\WG511ICB.sys [2004-03-22 390016] S3 SDVC05;USB SDVC05;C:\WINDOWS\System32\Drivers\SDVC05.sys [2003-07-22 18088] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\System32\DRIVERS\ss_bus.sys [2005-08-30 58320] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys [2005-08-30 8304] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\System32\DRIVERS\ss_mdm.sys [2005-08-30 94000] *Newly Created Service* - ALG *Newly Created Service* - IPNAT . Contents of the 'Scheduled Tasks' folder . - - - - ORPHANS REMOVED - - - - HKCU-Run-scanSYS - WTFCTF.exe HKCU-Run-WTFCTF - 10010.exe HKCU-Run-ParisM - gabber.exe HKLM-Run-dmniy.exe - C:\WINDOWS\System32\dmniy.exe HKLM-Run-utsgmon - forces_elite.exe HKLM-Run-TForm1 - control64.exe . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Sol\Programdata\Mozilla\Firefox\Profiles\ws2bv5qa.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.no . . ------- File Associations ------- . JSEFile=NOTEPAD.EXE %1 VBEFile=NOTEPAD.EXE %1 VBSFile=NOTEPAD.EXE %1 . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-03 09:05:18 Windows 5.1.2600 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Programfiler\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\WINDOWS\SYSTEM32\ati2evxx.exe C:\WINDOWS\SYSTEM32\bgsvcgen.exe C:\WINDOWS\SYSTEM32\wdfmgr.exe C:\Programfiler\Dell\AccessDirect\dadtray.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE . ************************************************************************** . Completion time: 2008-10-03 9:10:39 - machine was rebooted ComboFix-quarantined-files.txt 2008-10-03 07:10:34 Pre-Run: 8ÿ041ÿ623ÿ552 byte ledig Post-Run: 7,994,040,320 byte ledig 150 --- E O F --- 2008-04-17 20:33:38 HJT Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2Scan saved at 09:45:41, on 03.10.2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\SYSTEM32\bgsvcgen.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\carpserv.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programfiler\Dell\AccessDirect\dadapp.exe C:\Programfiler\NETGEAR\WG511\Utility\WG511WLU.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\Programfiler\Dell\AccessDirect\DadTray.exe C:\Programfiler\iPod\bin\iPodService.exe C:\WINDOWS\System32\ctfmon.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Digital Line Detect\DLG.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Programfiler\internet explorer\iexplore.exe C:\Programfiler\Trend Micro\test\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/no/nor/gen/default.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [DadApp] C:\Programfiler\Dell\AccessDirect\dadapp.exe O4 - HKLM\..\Run: [WG511WLU] C:\Programfiler\NETGEAR\WG511\Utility\WG511WLU.exe -hide O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [REGSHAVE] C:\Programfiler\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/...trolLite_EN.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.no/aurigma/ImageUploader4.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp03.photoprintit.de/microsite/502...geUploader3.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{CA7015BF-5AD2-4359-819D-CE550E338461}: Domain = loberg.privnett.uib.no O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Programfiler\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\SYSTEM32\bgsvcgen.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe -- End of file - 5546 bytes Hvilket antivirusprogram anbefales, er F-Secure OK? På forhånd takk Lenke til kommentar
norbat Skrevet 3. oktober 2008 Rapporter Del Skrevet 3. oktober 2008 (endret) Ser fint ut dette F-secure holder. Du bør imidlertid oppdatere Windows (gå til windows update: Start-Alle programmer->Windows update) Endret 3. oktober 2008 av norbat Lenke til kommentar
bartsen Skrevet 3. oktober 2008 Forfatter Rapporter Del Skrevet 3. oktober 2008 Takk for raskt svar! Ett annet spørsmål; søkte på oppdateringer for Windows slik som du anbefalte og fikk beskjed om blant annet Service pack 2. Da står det at jeg bør ta en sikkerhetskopi av systemet først. Menes det da hele harddisken og i tilfelle hvordan gjør jeg dette? Lenke til kommentar
InsertNumLock Skrevet 3. oktober 2008 Rapporter Del Skrevet 3. oktober 2008 Kan du velge ja/nei når den meldingen dukker opp? Mener updaten fikser backup automatisk. Lenke til kommentar
bartsen Skrevet 3. oktober 2008 Forfatter Rapporter Del Skrevet 3. oktober 2008 Installasjonsveiviseren sier velkommen og at før jeg installerer denne oppdateringen bør jeg gjøre følgende: Ta sikkerhetskopi av systemet og lukke alle åpne program. Og så klikk neste hvis du vil fortsette. Lenke til kommentar
norbat Skrevet 3. oktober 2008 Rapporter Del Skrevet 3. oktober 2008 (endret) I 99,9% av tilfellene så er det ikke behov for å ta backup ved installasjon av SP2. Jeg foreslår at du hopper over backup'n Det har også kommet en SP3, så når du har kjørt SP2-oppdateringen, så sjekker du etter flere oppdateringer. Endret 3. oktober 2008 av norbat Lenke til kommentar
Bruker-158599 Skrevet 3. oktober 2008 Rapporter Del Skrevet 3. oktober 2008 I 99,9% av tilfellene så er det ikke behov for å ta backup ved installasjon av SP2. Jeg foreslår at du hopper over backup'n Det har også kommet en SP3, så når du har kjørt SP2-oppdateringen, så sjekker du etter flere oppdateringer. du kan bare insalere sp3 etter det jeg har hørt, siden sp3 har alle oppdateringene som er sluppet ut for windows Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå