Blue Screen Crash When Updating Definition File
I have what seems like a unique problem (I have scoured the forum for a similar thread before posting this one).
In brief, whenever I attempt to update the Adaware definition file (by clicking the "update" button within the application) my computer crashes. The crash happens very fast - first, there is a quick flash of a blue screen with white text. This blue screen flashes by so quickly I can't even read what it says. Immediately after this, the screen goes black and an extremely loud beeping begins (beeps once every 5 secs or so). This beeping is LOUD and will only stop if I hold down the power button.
Additional info:
-for the last 1 year or so, I have been getting periodic computer freezes that can only be fixed by holding the power button (CTRL-Alt-Del doesn't work, the computer is completely frozen) - this is a bigger problem that the Adaware update issue and I mention it because the two seem related
-these freezes seem fairly coincidental with the Adaware problems but I can't remember for sure (I have been trying to fix this issue for a long time)
-Adaware scans normally, I have manually downloaded the update def file and replaced it within the installation folder - no spyware found
Troubleshooting to date:
-most importantly, I have reformatted the HD, reinstalled Windows, and reinstalled Adaware (fresh copy from web site) only to have the same blue screen crash problem
-interestingly, when I reinstall Adaware and start the program, it tells me my definitions are 500+ days old - this makes me wonder if I didn't get a complete uninstall even after reformatting and reinstalling windows OS
-I have run multiple other adware, anti-virus, etc. programs to no avail
I have much more info but will stop there and see if anyone has any ideas. If anyone would like to see a HJT log I can post that or anything else that might be helpful. Any advice is GREATLY appreciated. Thanks.
-
Hello
It sounds like you may have some hardware problems. You mentioned that over the last year you had periodically freezes. Do you still have them even after a complete reinstall of windows? Also verify that you are using a legit copy of Windows when reinstalling and update/patch it.
What operating system are you using and what version of Ad-Aware are you running?
/Daniel
0 -
Freezes occurred after complete OS reinstall (Windows XP Pro) and all updates. Also, they happened before I reinstalled Adaware so as you suggest, I probably have a bigger problem that just Adaware...any comments/suggestions to this point are appreciated but I'm aware that it is not the main purpose of this forum.
What's interesting is that after the OS reinstall and after reinstalling a fresh copy of Adaware, I still get the blue screen freeze when attempting to connect for def updates.
This is a legit copy obtained through my school. Running latest Adaware version (SE Personal 1.06r1).
Thanks for your help. Let me know what other info might be helpful.
0 -
Hi
Can you try this please:
Close Ad-Aware. Press start, select run and in the window that opens enter the text in bold:
services.msc
Click the OK button to open the Services window.
In the services window that is displayed, scroll down to "DCOM Server Process Launcher". You may need to drag the column indicator next to the column headed "Name" to the right to see the full name. Double-click on "DCOM Server Process Launcher" to open the Properties window then click on the "Recovery" tab.
Against the item "Select the computer's response if this service fails" there are three settings. In the drop down box change each one (First failure, Second failure and Subsequent failures) from "Restart the Computer" to "Restart the Service". Click OK to save the settings.
Now scroll down to "Remote Procedure Call (RPC)". Double-click on "Remote Procedure Call (RPC)" then click on the "Recovery" tab and repeat the above to change the three "Select the computer's response if this service fails" settings to "Restart the Service". Click OK to save the settings.
Close the services windows.
Restart Ad-Aware abd try updating now.
Post back how you get on.
Thanks
0 -
I get the same problem when I tries to update Ad-Aware on my PC today. I get blue-screen when the Connect-button is clicked. I have not had any other blue-screen problems with my PC. I have Win XP Pro. I tried to reinstall Ad-Aware but it did not help.
I am using Ad-Aware on another PC (with Win XP HomeEd) without any problems.
0 -
THAT WORKED! Thank you SO much!
I would love to know how you knew to try this solution...if only for my own edification.
Once again thank you so much.
0 -
THAT WORKED! Thank you SO much!I would love to know how you knew to try this solution...if only for my own edification.
Once again thank you so much.
Windows provides a method to monitor services and take action on specific events e.g. if service fails it can be restarted. A few rather than restart the service are set to restart the PC. Certain malware take advantage of this and target these services as a defense against tools that are designed to remove malware.
It would be worth running a full scan with Ad-Aware and post the log along with a HijackThis log to see if any of this type of malware is present on your system.
0 -
Logfile of HijackThis v1.99.1
Scan saved at 12:12:56 AM, on 12/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\EzButton\CplBCL50.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~3\wcescomm.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Documents and Settings\Bowlin\Desktop\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/accounts/ServiceLogi...mp;ltmplcache=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CplBCL50] C:\Program Files\EzButton\CplBCL50.EXE
O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [iNTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164328869588
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1164329162304
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: RegVac Registry Service (RegVacService) - Super Win Software, Inc. - C:\Program Files\RegVac Registry Cleaner\RegVserv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0 -
Logfile of HijackThis v1.99.1
Scan saved at 8:51:27 AM, on 12/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\EzButton\CplBCL50.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~3\wcescomm.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\myhjt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/accounts/ServiceLogi...mp;ltmplcache=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CplBCL50] C:\Program Files\EzButton\CplBCL50.EXE
O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [iNTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164328869588
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1164329162304
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: RegVac Registry Service (RegVacService) - Super Win Software, Inc. - C:\Program Files\RegVac Registry Cleaner\RegVserv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0 -
Hi
The HijackThis log looks OK. Can you try the following three things as well please.
1) Rename the HijackThis program as some malware detect the name when it is running so renaming helps get round this. Install HijackThis to a folder rather than the desktop. See this post for help:
http://www.lavasoftsupport.com/index.php?showtopic=216
Then rename the HijackThis.exe file to say myhjt.exe and then click on this to run a scan. Please post the new logfile.
2) Try the free beta trial of a tool from F-Secure called Blacklight
F-Secure Blacklight:
https://europe.f-secure.com/blacklight/try.shtml
read the info and click the *I accept* button near the bottom of that page.
download Blacklight Beta (graphical user interface version).
Doubleclick on blbeta.exe to run it, click > scan then > next, next again then exit.
There will be a new text file near blacklite. Post this please. The text file is named: fsbl.xxxxxxx.log (the xxxxxxx stand for numbers). Do not take any action based on the scan, please just post the file.
3) Please download Rootkit Revealer
http://www.microsoft.com/technet/sysintern...itRevealer.mspx
(link is at the very bottom of the page)
Unzip it to a folder. Open the rootkitrevealer folder and double-click rootkitrevealer.exe. Click the Scan button (bottom right). It may take a while to scan (don't do anything else while it's running - leave the PC idle during the scan).
When it's done, go up to File > Save. Choose to save it to the folder you installed rootkitrevealer. Then open rootkitrevealer.txt you just saved and copy the entire contents and paste them here.
Do not take any action on the output as the items may be perfectly normal.
Many thanks
0 -
12/18/06 08:54:18 [info]: BlackLight Engine 1.0.47 initialized
12/18/06 08:54:18 [info]: OS: 5.1 build 2600 (Service Pack 2)
12/18/06 08:54:19 [Note]: 7019 4
12/18/06 08:54:19 [Note]: 7005 0
12/18/06 08:54:27 [Note]: 7006 0
12/18/06 08:54:27 [Note]: 7011 1724
12/18/06 08:54:27 [Note]: 7026 0
12/18/06 08:54:28 [Note]: 7026 0
12/18/06 08:54:32 [Note]: FSRAW library version 1.7.1020
12/18/06 08:56:20 [Note]: 2000 1012
12/18/06 08:58:03 [Note]: 7007 0
0 -
HKLM\SECURITY\Policy\Secrets\SAC* 11/23/2006 7:07 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 11/23/2006 7:07 PM 0 bytes Key name contains embedded nulls (*)
0 -
NEW INFO: In response to your request from several posts ago, I just went to Adaware to do a full scan and post the log. Unfortunately, as soon as I clicked "update" I got the blue screen crash again. After holding down the power button, restarting, etc. I checked the settings you had me change in services.msc and they all still say "restart the service."
Any comments or suggestions? Do you want me to manually update the Adaware defs and then run a scan/post the log? Thanks.
0 -
Hi
The HijackThis log is OK and the rootkitrevealer is normal and the embedded nulls are as expected.
I am not familiar with blacklight output so I will ask an expert to check that out. As Ad-Aware SE is still giving a BSOD can you try to rename the defs.ref file to defs.ref.backup. Then try running a web update again, it should notify no defs file found and download a new defintions file.
Post back how this goes.
0 -
I tried renaming the def file but still got a crash when attempting to update. Appreciate the ongoing help.
0 -
The blue screen flashes up so quickly and then goes black that I can't read the code. It is literally up for less than 1 second. Once the screen goes black there is this LOUD beeping that will persist unless I hold the power button.
Is there any way to slow down the crash so I can read the code? Screen capture?...although this would take some lucky timing and probably wouldn't save since I have to restart after the crash. Any other system logs that might contain the number?...the event log doesn't show anything abnormal after the restart from what I can tell. Thanks.
0 -
Hi
When the blue screen appears in Windows there should be a stop code at the beginning as a hexadecimal number. The number will vary depending on the reason for the blue screen. e.g.
Stop 0x0000001e
Can you post back with the stop code you get when updating the defs file please.
Thanks
0 -
I made the change but when I went to update, it didn't crash! Go figure. I am running a scan right now and will post the log when it is done.
Restarted computer and was able to click update again without a crash.
ADD. INFO: Between my last post and your most recent post I had on of the 'random' freezes that has been haunting my computer for at least a year (I mentioned this before as a possibly related side-note to the Adaware problem). Upon restarting from this freeze I got the Windows Error Reporting box. I sent the report and then had a browser window appear with info on updating my Intel 2200BG wireless driver (this is a laptop). There were warnings about obtaining drivers only from your laptop manufacturer (Chembook in my case) but I figured I'd give it a shot anyway. The update worked just fine and my hardware manager reflects the change in drivers.
As I said, I installed this driver update before changing the settings suggested in your last post and before attempting to update the Adaware drivers. I'm not sure if there is a connection here but I thought I'd let you know either way.
Thanks.
0 -
Hi
Please try adjusting this option.
Right mouse click on "My Computer" and select properties, then select the "Advanced" tab. Under the section headed "Startup and Recovery" click on the settings button. In the "Startup and Recovery" window then deselect the option "Automatically restart". Click OK at each Window to enable the setting.
This should cause the system to halt with the blue screen displayed. You will need to power cycle to restart the PC again.
0 -
Sorry for the long post. I can delete some of this garbage if it isn't helpful.
Ad-Aware SE Build 1.06r1
Logfile Created on:Tuesday, December 19, 2006 5:15:30 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R140 18.12.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):25 total references
Tracking Cookie(TAC index:3):3 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
12-19-2006 5:15:30 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Bowlin\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Bowlin\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-19\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-20\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-73586283-706699826-854245398-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 668
ThreadCreationTime : 12-19-2006 11:10:59 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 732
ThreadCreationTime : 12-19-2006 11:11:01 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 768
ThreadCreationTime : 12-19-2006 11:11:05 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 812
ThreadCreationTime : 12-19-2006 11:11:05 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 824
ThreadCreationTime : 12-19-2006 11:11:05 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 980
ThreadCreationTime : 12-19-2006 11:11:06 PM
BasePriority : Normal
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 992
ThreadCreationTime : 12-19-2006 11:11:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1072
ThreadCreationTime : 12-19-2006 11:11:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1108
ThreadCreationTime : 12-19-2006 11:11:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1144
ThreadCreationTime : 12-19-2006 11:11:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1304
ThreadCreationTime : 12-19-2006 11:11:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1444
ThreadCreationTime : 12-19-2006 11:11:13 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:13 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1524
ThreadCreationTime : 12-19-2006 11:11:14 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:14 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1820
ThreadCreationTime : 12-19-2006 11:11:14 PM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:15 [guard.exe]
FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 264
ThreadCreationTime : 12-19-2006 11:11:21 PM
BasePriority : Normal
FileVersion : 7, 5, 0, 47
ProductVersion : 7, 5, 0, 47
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware guard
InternalName : AVG Anti-Spyware guard
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : guard.exe
#:16 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 272
ThreadCreationTime : 12-19-2006 11:11:21 PM
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:17 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 284
ThreadCreationTime : 12-19-2006 11:11:22 PM
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:18 [avgemc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 340
ThreadCreationTime : 12-19-2006 11:11:22 PM
BasePriority : Normal
FileVersion : 7.5.0.432
ProductVersion : 7.5.0.432
ProductName : AVG Anti-Virus system
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgemc.exe
#:19 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 516
ThreadCreationTime : 12-19-2006 11:11:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:20 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1200
ThreadCreationTime : 12-19-2006 11:11:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:21 [soundman.exe]
FilePath : C:\WINDOWS\
ProcessID : 1464
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 5.1.0.21
ProductVersion : 5.1.0.21
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager
#:22 [agrsmmsg.exe]
FilePath : C:\WINDOWS\
ProcessID : 1488
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 2.1.32 2.1.32 07/25/2003 11:22:37
ProductVersion : 2.1.32 2.1.32 07/25/2003 11:22:37
ProductName : Agere SoftModem Messaging Applet
CompanyName : Agere Systems
FileDescription : SoftModem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Agere Systems 1998-2000
OriginalFilename : smdmstat.exe
#:23 [cplbcl50.exe]
FilePath : C:\Program Files\EzButton\
ProcessID : 1504
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 1.00
ProductVersion : 1.00
ProductName : Dritek System Inc. CPATR10 10.29.2001 ( VC60 )
CompanyName : Dritek System Inc.
FileDescription : Compal ATR10 Easy Button ( Multi-Language )
InternalName : CPATR10
LegalCopyright : Copyright © 2001 Dritek System Inc.
OriginalFilename : CPATR10.exe
#:24 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1624
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 7.9.0 08Jan04
ProductVersion : 7.9.0 08Jan04
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2004
OriginalFilename : SynTPLpr.exe
#:25 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1640
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 7.9.0 08Jan04
ProductVersion : 7.9.0 08Jan04
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2004
OriginalFilename : SynTPEnh.exe
#:26 [avgcc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1652
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 7.5.0.418
ProductVersion : 7.5.0.418
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE
#:27 [avgas.exe]
FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 1664
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 7, 5, 0, 50
ProductVersion : 7, 5, 0, 50
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware
InternalName : AVG Anti-Spyware
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : avgas.exe
#:28 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 1672
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 6.14.10.5107
ProductVersion : 6.14.10.5107
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2004 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:29 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1680
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:30 [wcescomm.exe]
FilePath : C:\PROGRA~1\MICROS~3\
ProcessID : 1692
ThreadCreationTime : 12-19-2006 11:11:28 PM
BasePriority : Normal
FileVersion : 4.2.4876.0
ProductVersion : 4.2.4876
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync Connection Manager
InternalName : wcescomm
LegalCopyright : Copyright © 1995-2006 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : WCESCOMM.EXE
#:31 [anydvd.exe]
FilePath : C:\Program Files\SlySoft\AnyDVD\
ProcessID : 1700
ThreadCreationTime : 12-19-2006 11:11:29 PM
BasePriority : High
#:32 [rapimgr.exe]
FilePath : C:\PROGRA~1\MICROS~3\
ProcessID : 1508
ThreadCreationTime : 12-19-2006 11:11:30 PM
BasePriority : Normal
FileVersion : 4.2.4876.0
ProductVersion : 4.2.4876
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync RAPI Manager
InternalName : rapimgr
LegalCopyright : Copyright © 1995-2006 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : rapimgr.exe
#:33 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 876
ThreadCreationTime : 12-19-2006 11:12:10 PM
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
#:34 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2916
ThreadCreationTime : 12-19-2006 11:14:39 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 25
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 25
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 25
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bowlin@live365[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:bowlin@live365.com/
Expires : 12-22-2011 9:51:50 AM
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bowlin@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:14
Value : Cookie:bowlin@hitbox.com/
Expires : 12-19-2007 1:47:14 PM
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bowlin@ehg-nokiafin.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:bowlin@ehg-nokiafin.hitbox.com/
Expires : 12-19-2007 1:47:14 PM
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 28
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 28
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28
5:24:08 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:38.175
Objects scanned:118217
Objects identified:3
Objects ignored:0
New critical objects:3
0 -
Hi
Nothing of concern in the Ad-Aware log either. Tracking cookies are easy to remove and the MRU items are not a threat. MRUs are the lists of files, URLS etc opened recently in various applications. The recently used file lists are useful in applications but could be a potential privacy issue on a shared PC so Ad-Aware offers the option to delete them.
The Blacklight log checked out OK as well.
The intermitent blue screen and info you provided suggests a hardware issue rather than a malware infection; possibly the disk drive is starting to fail.
If it happens again try posting the stop code. This will give some pointers as to where the issue is.
0 -
I will make sure to do that.
Thanks again for all your help.
0 -
Well the program was working fine for a few weeks but I just now recovered from a physical memory dump/blue screen crash. Here's the info:
DRIVER_IRQL_NOT_LESS_OR_EQUAL
Technical Information:
***STOP: 0x000000D1 (0x82400000, 0x00000002, 0x00000000, 0xF8097A98)
***w22n51.sys - Address F8097A98 base at F8024000, DateStamp 3ff54d71
Upon restart the Windows Error Reporting box appeared and after sending the error report, a Windows error reporting web page opened and prompted me to download the latest Intel 2200bg driver. I have received this message before (and installed the different driver) but that didn't fix the problem.
Any thoughts? Thanks.
0 -
I'm having the same problem and also have the Intel 2200BG driver (mine is v.8). The manufacturer is Averatec and they have no driver available. I tried updating my driver to Intel v.9, but then can't connect to my home network at all so I had to rollback to v.8. Could there be any way to get Ad-Aware to work with v.8?
0 -
Hi
Sorry for the late reply, I have only just seen you posted the stop code.
In general STOP: 0x000000D1 is due to one of these reasons:
- A bad device driver
- Faulty RAM
- A corrupted page file
As the stop code references a specific driver (w22n51.sys ) this needs checking out. Check if the original manufacturer of your laptop has their own version of that driver. Visit their web site and look for the drivers for you model of laptop. It is possible they have thier own versions of the wireless LAN driver. A handy lookup table is available from Intel at http://www.intel.com/support/notebook/cent...b/cs-009881.htm
Always use the original equipment manfacturers' version if one is available. If not then checkout the Intel web site at http://www.intel.com/support/wireless/wlan...200bg/index.htm and follow Intel's instructions on how to identify your adapter and driver.
0 - A bad device driver
-
Ad Astra, thanks so much for the reply.
The w22n51.sys file is part of my WLAN drivers. I have the latest drivers installed per ChemUSAs web site (my laptop manufacturer) and have reinstalled those drivers several times. I have also tried the latest drivers from Intel's' site but run into connection difficulties and the inability to use ActiveSync with my PPC.
I'll try emailing ChemUSA to see if they have any new drivers that haven't been uploaded to their site but I am not too optimistic.
I'm also debating whether to try a new stick of RAM but that is a fairly expensive experiment especially in light of the fact that memtest86+ has shown no errors on several runs.
I'll let you know what ChemUSA has to say. In the meantime, let me know if you have any other ideas...I really appreciate the help. Thanks.
0
Please sign in to leave a comment.
Comments
25 comments