Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AdwCleaner Crashes Vista


  • Please log in to reply
20 replies to this topic

#1 KellyB56

KellyB56

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 17 November 2015 - 11:20 PM

Specs:

AdwCleaner 5.0.2.1

Windows Vista 32

Other security programs - Windows Malicious Software Removal Tool, Spyware Blaster, Spybot Search & Destroy, MalwareBytes, Avira Free.

 

Problem:

Decided to try AdwCleaner ... was just doing a little maintenance and AdwCleaner found some stuff ... I clicked clean ... and when AdwCleaner shut down the computer ... I got an immediate BSOD (inadvertent shutdown). The BSOD remained visable just a couple of seconds so I have no clue what it said. Vista recovered just fine ... I reran AdwCleaner and there were no detections. Other than the BSOD everything seems fine.

 

But ... what could have been the cause of the BSOD? I'm reluctant to use AdwCleaner again until I can determine the cause.

 

Thanks!

 

KenB



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:27 AM

Posted 18 November 2015 - 07:35 AM


Please activate Debug Mode as follows so we can see a report which may be helpful with identifying the problem.
  • Double-click on AdwCleaner.exe to open the tool.
  • Click on Options in the top menu.
  • Put a check mark next to Activate debug mode.
  • Click on the Scan button.
  • A logfile report called AdwCleaner_dbg_XXXX.log (where XXXX represents the time run) will be created and saved to %systemdrive%\AdwCleaner folder (usually C:\AdwCleaner).
  • Copy and paste the contents of AdwCleaner_dbg_XXXX.log in your next reply.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 KellyB56

KellyB56
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 18 November 2015 - 05:09 PM

Hey ... thanks for the help! I ran AdwCleaner to generate the debug log and there was 1 detection. When AdwCleaner rebooted to clean the detection there was no BSOD this time. But here's the debug log just the same.

 

Thanks!

 

KenB

2015-11-18 13:11:34 : [Notice]		Scan started
2015-11-18 13:11:34 : [Success]		Internet connection is UP
2015-11-18 13:11:34 : [Success]		Loaded C:\Users\KENTON~1.BLA\AppData\Local\Temp\sqlite.dll
2015-11-18 13:11:34 : [Success]		Opened C:\Users\KENTON~1.BLA\AppData\Local\Temp\adwcleaner.db
2015-11-18 13:11:34 : [Success]		Database v2015-11-17.2
2015-11-18 13:11:35 : [Success]		Retrieved 6721 elements from 'guid' table
2015-11-18 13:11:35 : [Success]		Retrieved 66 elements from 'ifeo' table
2015-11-18 13:11:35 : [Success]		Retrieved 1645 elements from 'chrome_extensions' table
2015-11-18 13:11:35 : [Success]		Retrieved 86 elements from 'chrome_files' table
2015-11-18 13:11:35 : [Success]		Retrieved 1013 elements from 'files' table
2015-11-18 13:11:35 : [Success]		Retrieved 1025 elements from 'firefox_extensions' table
2015-11-18 13:11:35 : [Success]		Retrieved 255 elements from 'firefox_files' table
2015-11-18 13:11:35 : [Success]		Retrieved 80 elements from 'firewallpolicy' table
2015-11-18 13:11:36 : [Success]		Retrieved 3282 elements from 'folders' table
2015-11-18 13:11:36 : [Success]		Retrieved 37 elements from 'generic_addlyrics' table
2015-11-18 13:11:36 : [Success]		Retrieved 64 elements from 'generic_appinit' table
2015-11-18 13:11:36 : [Success]		Retrieved 293 elements from 'generic_multiplug' table
2015-11-18 13:11:36 : [Success]		Retrieved 141 elements from 'generic_mywebsearch' table
2015-11-18 13:11:36 : [Success]		Retrieved 24 elements from 'generic_netfilter' table
2015-11-18 13:11:36 : [Success]		Retrieved 751 elements from 'product_ids' table
2015-11-18 13:11:37 : [Success]		Retrieved 3084 elements from 'registry_keys_values' table
2015-11-18 13:11:37 : [Success]		Retrieved 814 elements from 'services' table
2015-11-18 13:11:37 : [Success]		Retrieved 3002 elements from 'softwares' table
2015-11-18 13:11:37 : [Success]		Retrieved 874 elements from 'tasks' table
2015-11-18 13:11:37 : [Success]		Retrieved 391 elements from 'urls' table
2015-11-18 13:11:37 : [Success]		Retrieved 53 elements from 'wl_processes' table
2015-11-18 13:11:37 : [Success]		Retrieved 14 elements from 'wl_firefox' table
2015-11-18 13:11:37 : [Success]		Retrieved 15 elements from 'dns' table
2015-11-18 13:11:37 : [Success]		Retrieved 53 elements from 'generic_crossrider' table
2015-11-18 13:11:37 : [Success]		Retrieved 12 elements from 'generic_pullupdate' table
2015-11-18 13:11:37 : [Success]		Retrieved 150 elements from 'generic_browsefox' table
2015-11-18 13:11:37 : [Notice]		Closed C:\Users\KENTON~1.BLA\AppData\Local\Temp\adwcleaner.db
2015-11-18 13:11:37 : [Notice]		Unloaded C:\Users\KENTON~1.BLA\AppData\Local\Temp\sqlite.dll
2015-11-18 13:11:37 : [Success]		Retrieved 2 users
2015-11-18 13:11:37 : [Notice]		User #1 : Kenton C. Blanton
2015-11-18 13:11:37 : [Notice]		User #2 : UpdatusUser
2015-11-18 13:11:37 : [Success]		Retrieved 1 firefox profiles
2015-11-18 13:11:37 : [Success]		Retrieved 1 chrome profiles
2015-11-18 13:11:37 : [Success]		Retrieved 48 global paths
2015-11-18 13:11:37 : [Success]		Retrieved 7 shortcut paths
2015-11-18 13:11:37 : [Notice]		Starting generic detections ... 
2015-11-18 13:11:39 : [Success]		Generic.Multiplug ... OK
2015-11-18 13:11:39 : [Success]		Generic.MyWebSearch ... OK
2015-11-18 13:11:39 : [Success]		Generic.Vitruvian ... OK
2015-11-18 13:11:39 : [Success]		Generic.PullUpdate ... OK
2015-11-18 13:11:39 : [Success]		Generic.BrowseFox ... OK
2015-11-18 13:11:39 : [Success]		Generic.BetterSurf ... OK
2015-11-18 13:11:39 : [Success]		Generic.Piccolor ... OK
2015-11-18 13:11:39 : [Success]		Generic.DownloadProtect ... OK
2015-11-18 13:11:40 : [Success]		Generic.AddLyrics ... OK
2015-11-18 13:11:40 : [Success]		Generic.Crossrider ... OK
2015-11-18 13:11:40 : [Success]		Generic.Maintainer ... OK
2015-11-18 13:11:40 : [Success]		Generic.Conduit ... OK
2015-11-18 13:11:40 : [Success]		Generic.Tuto4PC ... OK
2015-11-18 13:11:40 : [Success]		Generic.Perion ... OK
2015-11-18 13:11:40 : [Success]		Generic.HomeTab ... OK
2015-11-18 13:11:40 : [Success]		Other generic detections ... OK
2015-11-18 13:11:41 : [Success]		Adding firefox extensions ... OK
2015-11-18 13:11:41 : [Success]		Adding firefox files ... OK
2015-11-18 13:11:43 : [Success]		Adding chrome extensions ... OK
2015-11-18 13:11:43 : [Success]		Adding chrome files ... OK
2015-11-18 13:11:52 : [Success]		Adding GUID keys ... OK
2015-11-18 13:11:54 : [Success]		Adding Software keys ... OK
2015-11-18 13:11:54 : [Success]		Adding Product ID keys ... OK
2015-11-18 13:11:54 : [Success]		Adding IFEO keys ... OK
2015-11-18 13:11:54 : [Success]		Adding IE keys ... OK
2015-11-18 13:11:54 : [Success]		Adding FirewallPolicy keys ... OK
2015-11-18 13:11:54 : [Success]		Adding SearchScope keys ... OK
2015-11-18 13:11:54 : [Success]		Adding EIFL keys ... OK
2015-11-18 13:11:54 : [Success]		Adding SMI keys ... OK
2015-11-18 13:11:54 : [Success]		Adding AppInit keys ... OK
2015-11-18 13:11:54 : [Success]		Adding DNS keys ... OK
2015-11-18 13:11:54 : [Success]		Adding Prefixes keys ... OK
2015-11-18 13:11:54 : [Success]		Adding FileExts keys ... OK
2015-11-18 13:11:54 : [Success]		Adding DOMStorage keys ... OK
2015-11-18 13:11:54 : [Notice]		Processing services ...
2015-11-18 13:11:55 : [Notice]		Processing folders ...
2015-11-18 13:12:05 : [Notice]		Processing files ...
2015-11-18 13:12:08 : [Notice]		Processing DLLs ...
2015-11-18 13:12:08 : [Notice]		Processing shortcuts ...
2015-11-18 13:12:09 : [Notice]		Processing scheduled tasks ...
2015-11-18 13:12:09 : [Notice]		Processing registry elements ...
2015-11-18 13:12:09 : [Notice]		Processing browsers preferences ...
2015-11-18 13:12:09 : [Success]		Read C:\Users\Kenton C. Blanton\AppData\Roaming\Mozilla\Firefox\Profiles\h3cwof6h.default\prefs.js
2015-11-18 13:12:09 : [Success]		Opened C:\Users\Kenton C. Blanton\AppData\Local\Google\Chrome\User Data\Default\Web Data
2015-11-18 13:12:09 : [Success]		Opened  C:\Users\Kenton C. Blanton\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
2015-11-18 13:12:12 : [Success]		Retrieved "preferences"
2015-11-18 13:12:12 : [Success]		Retrieved "extensions"
2015-11-18 13:12:12 : [Success]		Retrieved "settings"
2015-11-18 13:12:13 : [Success]		Retrieved "homepage"
2015-11-18 13:12:13 : [Notice]		Scan finished without error
2015-11-18 13:15:27 : [Notice]		Clean started
2015-11-18 13:15:30 : [Notice]		Killing all processes
2015-11-18 13:15:33 : [Notice]		Deleting services
2015-11-18 13:15:33 : [Notice]		Deleting folders
2015-11-18 13:15:33 : [Notice]		Deleting files
2015-11-18 13:15:33 : [Notice]		Disinfecting files
2015-11-18 13:15:33 : [Notice]		Disinfecting shortcuts
2015-11-18 13:15:33 : [Notice]		Deleting scheduled tasks ...
2015-11-18 13:15:33 : [Notice]		Deleting registry elements
2015-11-18 13:15:33 : [Notice]		Cleaning browsers preferences
2015-11-18 13:15:33 : [Notice]		Processing selected options
2015-11-18 13:15:34 : [Notice]		Clean finished without error

Edited by KellyB56, 18 November 2015 - 05:12 PM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:27 AM

Posted 18 November 2015 - 05:17 PM

I have advised M-K-D-B who works with the developer.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:57 PM

Posted 19 November 2015 - 03:09 AM

Greetings KenB & Welcome to the forums ^_^,


Could you please follow the below steps and upload the Dump files required? This would help us in pin pointing why the system crashed while running ADWCleaner

:)

 

  1. Go to this path - C:\Windows\Minidump
  2. In case you are asked for permissions, kindly click on Yes.
  3. You would notice several files having an extension of DMP. In case you don't see them, please post back.
  4. Select all of the dump files and add them to a ZIP file. Make sure that before adding them to the ZIP file, you have pasted the dump files to a different folder, else you would face errors related to permissions.
  5. Upload the ZIP file along with your next post so that it could be analysed :)

 

@quietman7 - Feel free to use this canned speech in case you want :)

 

 

-Pranav


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#6 KellyB56

KellyB56
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 19 November 2015 - 06:21 AM

I'm sorry ... but for the life of me I can't figure out how to add the zipped Minidump file as an attachment to my reply. I don't see an uploader anywhere.
 
KenB



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:27 AM

Posted 19 November 2015 - 06:58 AM

Did you click the More Reply Options button in the bottom right corner of the Board Editor then look for the Browse... button under Attach Files?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 KellyB56

KellyB56
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 19 November 2015 - 11:03 AM

@quietman7
 
Yeah ... I did all that. In my More Reply Options editor there is no Attach Files label nor is there a Browse button ... not in the area populated by the icons ... not in the Post Options area ... not in the Add Reply area. It's as if in my case the Attach Files option is turned off or blocked.
 
KenB



#9 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:27 AM

Posted 19 November 2015 - 11:36 AM

You will need to upload it to a file hosting service (i.e. Google Drive) and put the link here, since this forum does not allow attachments.

#10 KellyB56

KellyB56
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 19 November 2015 - 12:31 PM

Here's a Google Drive link to the Minidump files.

 

https://drive.google.com/file/d/0B9JrLXjZN7mIcU83WEdSQjdaMFE/view?usp=sharing

 

Thanks!

 

KenB


Edited by KellyB56, 19 November 2015 - 12:38 PM.


#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:27 AM

Posted 19 November 2015 - 12:58 PM

This forum allows me to add attachments and I have it listed in my notes as one of the forums this can be done. I'll have to look into it.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:57 PM

Posted 20 November 2015 - 04:46 PM

I am also allowed to add attachments to my post in this thread.

I analysed the dump files and it seems that the crash was caused by AVG Antivirus as per the stack of the latest dump file -
0: kd> knL
 # ChildEBP RetAddr  
00 8c72fbc8 82850e14 nt!MmAccessFault+0x10b
01 8c72fbc8 937189b3 nt!KiTrap0E+0xdc
WARNING: Stack unwind information not available. Following frames may be wrong.
02 8c72fc50 00000000 avgntflt+0x69b3
There are other old dump files as well but the latest ones say that AVG caused the crash. Maybe AVG does not like ADWCleaner? :P


-Pranav

Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:27 AM

Posted 20 November 2015 - 04:50 PM

I don't recommend AVG anymore for a variety of reasons...this is just another to add to that list.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:57 PM

Posted 20 November 2015 - 04:59 PM

I don't recommend AVG anymore for a variety of reasons...this is just another to add to that list.

The user is running Windows Vista. There is a chance that the latest version was simply not tested on this operating system properly.
After seeing so many crashes related to AVs, the only ones I can recommend are -

1. Emsisoft
2. ESET
3. Windows Defender

and yep, common sense ;)


-Pranav

Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:27 AM

Posted 20 November 2015 - 05:19 PM

I agree.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users