This topic is locked[attachment=60268:wuauserv.zip]
Extract all reg files to the desktop
Double click each in turn and allow to merge
Then re-run FSS please
Annoying Spyware/Adware/Malware [Closed]
Started by
USMCLong
, Sep 04 2012 10:02 AM
#31
Posted 04 September 2012 - 02:11 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
[attachment=60268:wuauserv.zip]
Extract all reg files to the desktop
Double click each in turn and allow to merge
Then re-run FSS please
#32
Posted 04 September 2012 - 02:16 PM
USMCLong
- Topic Starter
-
- Member
-
- 25 posts
Member
Farbar Service Scanner Version: 06-08-2012
Ran by Ignoble (administrator) on 04-09-2012 at 14:16:02
Running from "C:\Users\Ignoble\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Yahoo.com is offline
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
Ran by Ignoble (administrator) on 04-09-2012 at 14:16:02
Running from "C:\Users\Ignoble\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Yahoo.com is offline
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
#33
Posted 04 September 2012 - 02:22 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Darn I missed one
Download this reg file to your desktop
[attachment=60269:wscsvc.reg]
Double click and allow to merge
How is the computer behaving now ?
Re-run RoguKiller
[*] Wait until Prescan has finished ...
[*] Click on Scan[/list]
Download this reg file to your desktop
[attachment=60269:wscsvc.reg]
Double click and allow to merge
How is the computer behaving now ?
Re-run RoguKiller
[*] Wait until Prescan has finished ...
[*] Click on Scan[/list]
- Wait for the end of the scan.
- The report has been created on the desktop.
- Click on the Delete button.
- The report has been created on the desktop.
#34
Posted 04 September 2012 - 02:36 PM
USMCLong
- Topic Starter
-
- Member
-
- 25 posts
Member
Honestly I haven't messed with it since we started except for what you've said, so if this is the last step, I have to go to work soon but I can comment on the thread tomorrow with an update!
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Ignoble [Admin rights]
Mode : Scan -- Date : 09/04/2012 14:36:16
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 12 ¤¤¤
[RUN][SUSP PATH] HKUS\S-1-5-21-2484045102-2861270268-2398893883-1002[...]\RunOnce : CTPostBootSequencer ("C:\Users\Ignoble\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-2484045102-2861270268-2398893883-1001\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKLM\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 3156e7c08c02337e356dbb1a33cb34ea
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!
Finished : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Ignoble [Admin rights]
Mode : Scan -- Date : 09/04/2012 14:36:16
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 12 ¤¤¤
[RUN][SUSP PATH] HKUS\S-1-5-21-2484045102-2861270268-2398893883-1002[...]\RunOnce : CTPostBootSequencer ("C:\Users\Ignoble\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-2484045102-2861270268-2398893883-1001\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKLM\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 3156e7c08c02337e356dbb1a33cb34ea
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!
Finished : << RKreport[1].txt >>
RKreport[1].txt
#35
Posted 04 September 2012 - 02:37 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Yep if you run the delete stage on Rogue killer we should be good to wait for an update
#36
Posted 04 September 2012 - 02:39 PM
USMCLong
- Topic Starter
-
- Member
-
- 25 posts
Member
Did you want me to run RogueKiller again and post the log?
Once again, thank you for all the help!
Once again, thank you for all the help!
#37
Posted 04 September 2012 - 02:43 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Yes as you only ran the scan for the last run .. You need to do the delete section so that it can kill the files. It takes two runs with roguekiller but at the moment is safer than Combofix
#38
Posted 04 September 2012 - 02:45 PM
USMCLong
- Topic Starter
-
- Member
-
- 25 posts
Member
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Ignoble [Admin rights]
Mode : Scan -- Date : 09/04/2012 14:44:47
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKUS\S-1-5-21-2484045102-2861270268-2398893883-1002[...]\RunOnce : CTPostBootSequencer ("C:\Users\Ignoble\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-2484045102-2861270268-2398893883-1001\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKLM\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 3156e7c08c02337e356dbb1a33cb34ea
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!
Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Ignoble [Admin rights]
Mode : Scan -- Date : 09/04/2012 14:44:47
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKUS\S-1-5-21-2484045102-2861270268-2398893883-1002[...]\RunOnce : CTPostBootSequencer ("C:\Users\Ignoble\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-2484045102-2861270268-2398893883-1001\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKLM\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$3bc8139ad8c8d4bf99f1b3e38b025194\n.) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 3156e7c08c02337e356dbb1a33cb34ea
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!
Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
#39
Posted 04 September 2012 - 02:47 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Are you selecting delete ?
#40
Posted 04 September 2012 - 02:52 PM
USMCLong
- Topic Starter
-
- Member
-
- 25 posts
Member
Yes, I've deleted every time after a scan, just like the instructions said
#41
Posted 04 September 2012 - 02:55 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK they are just registry keys I will work a fix for them and do it manually
#42
Posted 04 September 2012 - 02:56 PM
USMCLong
- Topic Starter
-
- Member
-
- 25 posts
Member
Ok, thank you! I'm off to work now. I'll be back later tonight
#43
Posted 04 September 2012 - 02:57 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
It will be morning for me by then 
#44
Posted 05 September 2012 - 07:18 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
I have spoken to Tigzy and the registry entries should have been replaced.. So lets check them out
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
- Double-click SystemLook.exe to run it.
- Copy the content of the following codebox into the main textfield:
:regfind $3bc8139ad8c8d4bf99f1b3e38b025194
- Click the Look button to start the scan.
- When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
#45
Posted 05 September 2012 - 09:21 AM
USMCLong
- Topic Starter
-
- Member
-
- 25 posts
Member
SystemLook 30.07.11 by jpshortstuff
Log created at 09:20 on 05/09/2012 by Ignoble
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== regfind ==========
Searching for "$3bc8139ad8c8d4bf99f1b3e38b025194"
No data found.
-= EOF =-
Log created at 09:20 on 05/09/2012 by Ignoble
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== regfind ==========
Searching for "$3bc8139ad8c8d4bf99f1b3e38b025194"
No data found.
-= EOF =-
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
