pagefile.sys, hiberfil.sys, $NtUninstallKB839645$ [RESOLVED]
Started by
cait885
, Aug 19 2005 08:58 AM
#1
Posted 19 August 2005 - 08:58 AM
#2
Posted 31 August 2005 - 12:31 PM
hiberfil.sys and pagefile.sys <--- hiberfil is a file that is basically a snapshot of your machine right before it goes into hibernation (hibernation involves dumping ram and turning off the hd...this file needs to be accessed to come back out of hibernation) pagefile.sys is your page file...the file allocated to allow your computer to use the hd instead of ram when your ram is either full or too busy...the thumbs.db things are probably the files used to enable that snazy picture preview in windows explorer (when you open a folder with images...it shows a thumbnail image of the file)
$NtUninstallQ815021$<--- i'm not sure...but i think this is what is used to remove the set up files from windows update once it has been installed
$NtUninstallQ815021$<--- i'm not sure...but i think this is what is used to remove the set up files from windows update once it has been installed
#3
Posted 31 August 2005 - 02:06 PM
sorry it wasn't anything serious. thanks for your time!
#4
Posted 01 September 2005 - 04:16 PM
Hello!
I just want to make sure that your issue is fixed before I close the topic.
Let me know
I just want to make sure that your issue is fixed before I close the topic.
Let me know
#5
Posted 01 September 2005 - 07:41 PM
If you guys think all is well, then I'm sure it's fine... but that "thumbs.db" thing is bizarre- it's only in some groups of files in "my pictures"- some have it and some don't.
#6
Posted 01 September 2005 - 07:46 PM
Please Click here!, and follow the recommendations in the guide.
Then downloadHijack This. Follow the instructions in step five of this guide, and reply here with your log.
Then ill take a look at your log and see if anything is there, sicne there is no harm in checking.
Then downloadHijack This. Follow the instructions in step five of this guide, and reply here with your log.
Then ill take a look at your log and see if anything is there, sicne there is no harm in checking.
Edited by Jfcap, 01 September 2005 - 07:47 PM.
#7
Posted 01 September 2005 - 08:16 PM
thanks! ...here she is:
Logfile of HijackThis v1.99.1
Scan saved at 10:15:17 PM, on 9/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\QuickSet.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\Program Files\PHILIPS\PSADMM\DMM\bin\AutoLaunch.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe
C:\WINDOWS\system32\lexpps.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Dell Support\DSAgnt.exe
C:\PROGRA~1\COMMON~1\PHILIP~1\USBCON~1.EXE
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Caitlin Elizabeth\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://webmail.bowd...escaped_unicode
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [/AutoLaunch] C:\Program Files\PHILIPS\PSADMM\DMM\bin\AutoLaunch.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
Logfile of HijackThis v1.99.1
Scan saved at 10:15:17 PM, on 9/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\QuickSet.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\Program Files\PHILIPS\PSADMM\DMM\bin\AutoLaunch.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe
C:\WINDOWS\system32\lexpps.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Dell Support\DSAgnt.exe
C:\PROGRA~1\COMMON~1\PHILIP~1\USBCON~1.EXE
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Caitlin Elizabeth\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://webmail.bowd...escaped_unicode
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [/AutoLaunch] C:\Program Files\PHILIPS\PSADMM\DMM\bin\AutoLaunch.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
#8
Posted 01 September 2005 - 09:22 PM
Hello!
Your log is clean! But lets double check to see if something shows up.
Please download Panda ActiveScan
Make sure you run this scan in Internet Explorer.
Accept default settings, and scan your computer.
Then save the log and post it in your next reply.
Your log is clean! But lets double check to see if something shows up.
Please download Panda ActiveScan
Make sure you run this scan in Internet Explorer.
Accept default settings, and scan your computer.
Then save the log and post it in your next reply.
#9
Posted 02 September 2005 - 06:30 AM
thanks for picking this up justin
#10
Posted 02 September 2005 - 07:25 AM
No problem dsenette,
I can fix it from the malware side, as long as there is nothing wrong with those files that were mentioned above
I can fix it from the malware side, as long as there is nothing wrong with those files that were mentioned above
#11
Posted 02 September 2005 - 07:26 AM
i just kind of forgot to push it over there to you guys, since i recognized most of the files
#12
Posted 02 September 2005 - 05:13 PM
again, thank you....
Incident Status Location
Adware:adware/ipinsight No disinfected C:\WINDOWS\INF\alchem.inf
Adware:adware/gator No disinfected C:\WINDOWS\FT1_02_0_402_GEPFAH.EXE
Adware:adware/wupd No disinfected C:\PROGRAM FILES\Windows SyncroAd
Spyware:spyware/bargainbuddy No disinfected Windows Registry
Possible Virus. No disinfected C:\Program Files\TrojanHunter 4.2\Tools\Process Viewer\ProcessViewer.exe
Adware:Adware/Twain-Tech No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP305\A0025141.inf
Spyware:Spyware/LocalNRD No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP305\A0025143.inf
Adware:Adware/IPInsight No disinfected C:\WINDOWS\INF\alchem.inf
Adware:Adware/IPInsight No disinfected C:\WINDOWS\INF\conscorr.inf
Incident Status Location
Adware:adware/ipinsight No disinfected C:\WINDOWS\INF\alchem.inf
Adware:adware/gator No disinfected C:\WINDOWS\FT1_02_0_402_GEPFAH.EXE
Adware:adware/wupd No disinfected C:\PROGRAM FILES\Windows SyncroAd
Spyware:spyware/bargainbuddy No disinfected Windows Registry
Possible Virus. No disinfected C:\Program Files\TrojanHunter 4.2\Tools\Process Viewer\ProcessViewer.exe
Adware:Adware/Twain-Tech No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP305\A0025141.inf
Spyware:Spyware/LocalNRD No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP305\A0025143.inf
Adware:Adware/IPInsight No disinfected C:\WINDOWS\INF\alchem.inf
Adware:Adware/IPInsight No disinfected C:\WINDOWS\INF\conscorr.inf
#13
Posted 02 September 2005 - 05:58 PM
Hello!
FIrst, lets clear your restore points:
To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.
(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Reboot.
3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb;en-us;310405
Then:
1) Please download the Killbox.
Unzip it to the desktop but do NOT run it yet.
2) Then please reboot into Safe Mode by restarting your computer and pressing F8 as your computer is booting up. Then select the Safe Mode option.
3) Once in Safe Mode, please run Killbox.
4) Select "Delete on Reboot".
5) Open the text file with these instructions in it, and copy the file names below to the clipboard by highlighting them and pressing Control-C:
7) Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, click here to download and run missingfilesetup.exe. Then try TheKillbox again..
Let the system reboot, then let me know how things are running.
FIrst, lets clear your restore points:
To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.
(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Reboot.
3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb;en-us;310405
Then:
1) Please download the Killbox.
Unzip it to the desktop but do NOT run it yet.
2) Then please reboot into Safe Mode by restarting your computer and pressing F8 as your computer is booting up. Then select the Safe Mode option.
3) Once in Safe Mode, please run Killbox.
4) Select "Delete on Reboot".
5) Open the text file with these instructions in it, and copy the file names below to the clipboard by highlighting them and pressing Control-C:
C:\WINDOWS\INF\alchem.inf C:\WINDOWS\FT1_02_0_402_GEPFAH.EXE C:\PROGRAM FILES\Windows SyncroAd C:\WINDOWS\INF\alchem.inf C:\WINDOWS\INF\conscorr.inf6) Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
7) Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, click here to download and run missingfilesetup.exe. Then try TheKillbox again..
Let the system reboot, then let me know how things are running.
#14
Posted 03 September 2005 - 01:02 PM
hi again... ran killbot and deleted those files, but then ran the panda active scan again to make sure everything was clean... however, this was my log:
Incident Status Location
Adware:adware/ipinsight No disinfected C:\WINDOWS\alchem.ini
Spyware:spyware/bargainbuddy No disinfected Windows Registry
Possible Virus. No disinfected C:\Program Files\TrojanHunter 4.2\Tools\Process Viewer\ProcessViewer.exe
Adware:Adware/IPInsight No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1\A0000035.inf
Adware:Adware/IPInsight No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1\A0000037.inf
what do you think the deal is?
-caitlin
Incident Status Location
Adware:adware/ipinsight No disinfected C:\WINDOWS\alchem.ini
Spyware:spyware/bargainbuddy No disinfected Windows Registry
Possible Virus. No disinfected C:\Program Files\TrojanHunter 4.2\Tools\Process Viewer\ProcessViewer.exe
Adware:Adware/IPInsight No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1\A0000035.inf
Adware:Adware/IPInsight No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1\A0000037.inf
what do you think the deal is?
-caitlin
#15
Posted 03 September 2005 - 02:39 PM
Hello!
Most of the things in the panda scan are false positives.
Lets run Ewido and see if it will pick up the two things that are bad.
Please download ewido security suite it is a free version of the program.
ewido manual updates
Once the updates are installed do the following:
Most of the things in the panda scan are false positives.
Lets run Ewido and see if it will pick up the two things that are bad.
Please download ewido security suite it is a free version of the program.
- Install ewido security suite
- When installing, under "Additional Options" uncheck..
- Install background guard
- Install scan via context menu
- Launch ewido, there should be an icon on your desktop, double-click it.
- The program will now open to the main screen.
- When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
- You will need to update ewido to the latest definition files.
- On the left hand side of the main screen click update.
- Then click on Start Update.
- The update will start and a progress bar will show the updates being installed.
(the status bar at the bottom will display ("Update successful")
ewido manual updates
Once the updates are installed do the following:
- Click on scanner
- Click on Complete System Scan and the scan will begin.
- You will be prompted to clean the first infection.
- Select "Perform action on all infections", then proceed.
- Once the scan has completed, there will be a button located on the bottom of the screen named Save report
- Click Save report.
- Save the report .txt file to your desktop or a location where you can find it easily.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users