Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win debugger question


  • Please log in to reply
6 replies to this topic

#1 hitokiri51

hitokiri51

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:06 PM

Posted 18 April 2014 - 03:06 PM

Hi

 

I have been trying to figure out how to solve a blue screen that I get life every 5 days.  Just installed the debugger and followed some steps to configure it, but when I  try to open the .dmp file, I get the following:

 

Microsoft ® Windows Debugger Version 6.3.9600.17029 AMD64
Copyright © Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\Service_KMS.exe(1).2260.dmp]
User Mini Dump File: Only registers, stack and portions of memory are available
 
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path.           *
* Use .symfix to have the debugger choose a symbol path.                   *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is: 
Windows 7 Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: SingleUserTS
Machine Name:
Debug session time: Thu Apr 17 00:06:26.000 2014 (UTC - 5:00)
System Uptime: not available
Process Uptime: 0 days 0:00:20.000
..............................................................
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(8d4.93c): Unknown exception - code 00000000 (first/second chance not available)
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntdll.dll - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for KERNELBASE.dll - 
ntdll!NtWaitForMultipleObjects+0xa:
00000000`770b186a c3              ret
 
 
I´m not quite sure how to go from there.
 
Thanks

Edited by hamluis, 19 April 2014 - 10:47 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,411 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:06 PM

Posted 18 April 2014 - 04:54 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#3 hitokiri51

hitokiri51
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:06 PM

Posted 18 April 2014 - 08:04 PM

Hi

 

I would like to add that I have run the windows memory diagnose and found no errors; and that the file involved in the crashes is KMseldi.  I was trying the debugger to get more info.

 

Here´s the info:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Oscar (administrator) on 18-04-2014 at 19:57:35
Running from "C:\Users\Oscar\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/18/2014 07:57:05 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (04/18/2014 01:03:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/18/2014 01:01:39 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: Service_KMS.exe, versión: 11.0.0.0, marca de tiempo: 0x52a8d15d
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0x00000000
Desplazamiento de errores: 0x000007fe95580560
Id. del proceso con errores: 0x8bc
Hora de inicio de la aplicación con errores: 0xService_KMS.exe0
Ruta de acceso de la aplicación con errores: Service_KMS.exe1
Ruta de acceso del módulo con errores: Service_KMS.exe2
Id. del informe: Service_KMS.exe3
 
Error: (04/18/2014 01:01:21 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (04/18/2014 01:01:21 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (04/18/2014 01:01:21 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (04/17/2014 09:17:15 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (04/17/2014 07:36:58 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (04/17/2014 07:19:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/17/2014 07:18:27 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: Service_KMS.exe, versión: 11.0.0.0, marca de tiempo: 0x52a8d15d
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0x00000000
Desplazamiento de errores: 0x000007fe95c70560
Id. del proceso con errores: 0x8e0
Hora de inicio de la aplicación con errores: 0xService_KMS.exe0
Ruta de acceso de la aplicación con errores: Service_KMS.exe1
Ruta de acceso del módulo con errores: Service_KMS.exe2
Id. del informe: Service_KMS.exe3
 
 
System errors:
=============
Error: (04/18/2014 01:01:41 PM) (Source: Service Control Manager) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (04/18/2014 01:01:14 PM) (Source: volmgr) (User: )
Description: Error en la inicialización del archivo de volcado
 
Error: (04/17/2014 07:18:30 PM) (Source: Service Control Manager) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (04/17/2014 07:18:01 PM) (Source: EventLog) (User: )
Description: El cierre anterior del sistema a las 7:17:23 PM del ?4/?17/?2014 resultó inesperado.
 
Error: (04/17/2014 07:17:59 PM) (Source: volmgr) (User: )
Description: Error en la inicialización del archivo de volcado
 
Error: (04/17/2014 11:13:32 AM) (Source: Service Control Manager) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (04/17/2014 11:13:06 AM) (Source: volmgr) (User: )
Description: Error en la inicialización del archivo de volcado
 
Error: (04/17/2014 00:09:31 AM) (Source: Service Control Manager) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (04/17/2014 00:09:05 AM) (Source: volmgr) (User: )
Description: Error en la inicialización del archivo de volcado
 
Error: (04/17/2014 00:06:26 AM) (Source: Service Control Manager) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
 
Microsoft Office Sessions:
=========================
Error: (04/18/2014 07:57:05 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Oscar\Downloads\esetsmartinstaller_enu.exe
 
Error: (04/18/2014 01:03:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/18/2014 01:01:39 PM) (Source: Application Error)(User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.00000000000000000000007fe955805608bc01cf5b3032c56239C:\Program Files\KMSpico\Service_KMS.exeunknown7cdedfb2-c723-11e3-a5fe-10bf4885b5ab
 
Error: (04/18/2014 01:01:21 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (04/18/2014 01:01:21 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (04/18/2014 01:01:21 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (04/17/2014 09:17:15 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Oscar\Downloads\esetsmartinstaller_enu.exe
 
Error: (04/17/2014 07:36:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Oscar\Downloads\esetsmartinstaller_enu.exe
 
Error: (04/17/2014 07:19:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/17/2014 07:18:27 PM) (Source: Application Error)(User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.00000000000000000000007fe95c705608e001cf5a9ba9ddf4d5C:\Program Files\KMSpico\Service_KMS.exeunknownf5fd1fd2-c68e-11e3-9b09-10bf4885b5ab
 
 
=========================== Installed Programs ============================
 
"Assassin's Creed IV - Black Flag" (Version: 1.04.0.0)
Actualización de NVIDIA 12.4.55 (Version: 12.4.55)
Adobe Digital Editions 3.0 (Version: 3.0)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
AIMP3 (Version: v3.55.1338, 31.01.2014)
Ask Toolbar (Version: 12.10.6.4904)
Assassin's Creed ® III (Version: 1.00)
Assassins Creed III version 5.1 (Version: 5.1)
aTube Catcher (Version: 3.8.5187)
Avira Free Antivirus (Version: 14.0.3.350)
Battle.net
Castlevania: Lords of Shadow 2 (Version: 1)
CCleaner (Version: 4.09)
Diablo III
Eines de correcció del Microsoft Office 2013: català (Version: 15.0.4420.1017)
ESET Online Scanner v3
Ferramentas de verificación de Microsoft Office 2013 - Galego (Version: 15.0.4420.1017)
Google Chrome (Version: 34.0.1847.116)
Google Update Helper (Version: 1.3.23.9)
Happy Cloud Client (Version: 4.54)
Hearthstone
Hitman Absolution
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Smart Connect Technology 3.0 x64 (Version: 3.0.30.1526)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.5.235)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 8 (64-bit) (Version: 8.0.0)
Java Auto Updater (Version: 2.8.00.108)
Kits Configuration Installer (Version: 8.100.25984)
KMSpico v9.1.3 (Version: 9.1.3)
Magicka
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Access MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft DCF MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Office zuzenketa-tresnak 2013 - Euskara (Version: 15.0.4420.1017)
Microsoft OneNote MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Word MUI (Spanish) 2013 (Version: 15.0.4420.1017)
Mumble 1.2.3 (Version: 1.2.3)
Nitro Pro 8 (Version: 8.5.6.5)
NVIDIA Controlador de 3D Vision 335.23 (Version: 335.23)
NVIDIA Controlador de audio HD 1.3.30.1 (Version: 1.3.30.1)
NVIDIA Controlador de gráficos 335.23 (Version: 335.23)
NVIDIA Controlador de la controladora 3D Vision 335.21 (Version: 335.21)
NVIDIA GeForce Experience 2.0 (Version: 2.0)
NVIDIA Install Application (Version: 2.1002.151.1095)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Network Service (Version: 1.0)
NVIDIA PhysX (Version: 9.13.1220)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55)
NVIDIA Software del sistema PhysX 9.13.1220 (Version: 9.13.1220)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523)
NVIDIA Update Core (Version: 12.4.55)
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017)
Panel de control de NVIDIA 335.23 (Version: 335.23)
Portal
Realtek Ethernet Controller Driver (Version: 7.65.1025.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6767)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017)
SDK Debuggers (Version: 8.100.26629)
SHIELD Streaming (Version: 1.8.323)
Skype™ 6.14 (Version: 6.14.104)
Southpark Stick of Truth (Version: 1)
Steam
TERA
UltraISO Premium V9.36
Ventrilo Client (Version: 3.0.8)
VLC media player 2.1.1 (Version: 2.1.1)
Waterfox 24.0 (x64 en-US) (Version: 24.0)
Windows Software Development Kit EULA (Version: 8.100.25984)
Windows Software Development Kit for Windows 8.1 (Version: 8.100.26654)
WinRAR 5.00 (64-bit) (Version: 5.00.0)
World of Warcraft
 
========================= Memory info: ===================================
 
Percentage of memory in use: 29%
Total physical RAM: 16328.41 MB
Available physical RAM: 11520.54 MB
Total Pagefile: 16326.59 MB
Available Pagefile: 10916.83 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.4 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:111.69 GB) (Free:57.61 GB) NTFS
2 Drive d: (Hitokiri) (Fixed) (Total:931.51 GB) (Free:609.66 GB) NTFS
4 Drive f: () (Removable) (Total:3.77 GB) (Free:2.9 GB) FAT32
 
========================= Users: ========================================
 
Cuentas de usuario de \\OSCAR-PC
 
Administrator            Guest                    Oscar                    
Se ha completado el comando correctamente.
 
 
**** End of log ****
 
 
____________________________________________________________________________________________________________________________________________________________________________________________
 
 


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,411 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:06 PM

Posted 19 April 2014 - 10:46 AM

Appears to me that you have possible malware on your system...possibly via your use of keygens.

 

Moving topic to Am I Infected forum.

 

Louis



#5 hitokiri51

hitokiri51
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:06 PM

Posted 19 April 2014 - 05:25 PM

Bump



#6 hitokiri51

hitokiri51
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:06 PM

Posted 19 April 2014 - 11:11 PM

Bump



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:06 PM

Posted 23 April 2014 - 05:11 AM

From hamluis

Appears to me that you have possible malware on your system...possibly via your use of keygens.

Please uninstall all Torrent programs, or programs downloaded from illegal sites.
Nitro Pro 8 <= Crack illegal version
Just remove ALL of the Crack Installed programs.

 

This must be removed now -
The application KMSELDI.exe has been detected as a potentially unwanted program by 8 of 10 anti-malware scanners.

 

Remove these programs unless you are upgrading to Windows 8 now -
Windows Software Development Kit EULA (Version: 8.100.25984)
Windows Software Development Kit for Windows 8.1 (Version: 8.100.26654)

 

NEXT -

Please download and run RKill by Grinler.

A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

At most the tool will run for about 2 minutes

Post the RKill log back here.

 

 

Important: Do not reboot your computer until you complete the next step.

 

 

* Please download AdwCleaner by Xplode and save to your Desktop.
* Double-click on AdwCleaner.exe to run the tool.
* Vista/Windows 7/8 users right-click and select Run As Administrator.
* Click on the Scan button (only once)
* AdwCleaner will begin...be patient as the scan may take some time to complete.
* After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.

* Check that no important items are listed and then continue -
* NOW - Click on the Clean button (only once)
* Press OK when asked to close all programs and follow the onscreen prompts.
* Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
* After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
* Copy and paste the contents of that logfile in your next reply.
* A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

Next -

Please download Junkware Removal Tool by thisisu and save it to your Desktop.
* Close all open programs and shut down any protection/security software now to avoid potential conflicts.
* Double-click on JRT.exe to run the tool.
* Vista/Windows 7/8 users right-click and select Run As Administrator.
* The tool will open and start scanning your system.
* Please be patient as this can take a while to complete depending on your system's specifications.
* On completion, a log file named JRT.txt will automatically open and be saved to your Desktop.
* Copy and paste the contents of JRT.txt in your next reply.

These tools will search for and remove many potentially unwanted programs (PUPs), adware, toolbars, browser hijackers, extensions, add-ons, browser helper objects (BHOs) and other junkware to include many related registry entires (values, keys)

 

 

* Download Malwarebytes Anti-Malware Free and save it to your desktop
* Double click the desktop icon, click Run, then OK
* Click Next
* Select I accept the agreement then continue to click Next then finally click Install
** Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
* If you are notified the Database is out of date click Update Now
* Click Scan Now >>
----------

 

** Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
* Click Start (Start, Search, All files and folders for Windows XP) then type mbam
* Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com

----------

 

** When completed click the down arrow on Export Log and select Text file (*.txt)
* Save the file to your desktop as MBAM
* Click Apply Actions then restart your computer if requested
* Copy and past the contents of MBAM.txt in your reply






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users