Troubleshoot Weird log file "crash-handler.log"

Flopek

New Member
Thread author
Aug 30, 2020
1
Hello,
I just found a log file that freaks me out a bit. I thought it could be some kind of malware because of the name "Watcher". I would like to know if it is just a harmless file Windows created or is it something serious.
I hope I am posting in the right section as this is my first time using the forum.
Thank you in advance.
This is what is in the file:

INF:20200819:215942.772: Start Watcher
INF:20200819:215942.865: Socket::read instance_0 pendingIO state 1
DBG:20200819:215942.865: Socket::read instance_0 GetOverlappedResult read 0, dwErr 0
DBG:20200819:215942.865: Socket::read instance_0 read size 0, fSuccess 0
ERR:20200819:215942.865: Socket::read instance_0 failed with error code 997
INF:20200819:215942.915: Socket::read instance_0 pendingIO state 1
DBG:20200819:215942.915: Socket::read instance_0 GetOverlappedResult read 6, dwErr 0
INF:20200819:215942.915: register process
INF:20200819:215942.915: pid 4728
INF:20200819:215942.915: isCritical 0
INF:20200819:215942.916: Processes size: 1
INF:20200819:215942.916: Socket::read instance_0 pendingIO state 0
DBG:INF:20200819:215942.916: Socket::read instance_0 read size 0, fSuccess 0
ERR:20200819:215942.916: Start monitoring
20200819:215942.916: Socket::read instance_0 failed with error code 997
INF:20200819:215943.551: Socket::read instance_1 pendingIO state 1
DBG:20200819:215943.551: Socket::read instance_1 GetOverlappedResult read 0, dwErr 0
DBG:20200819:215943.551: Socket::read instance_1 read size 0, fSuccess 0
ERR:20200819:215943.551: Socket::read instance_1 failed with error code 997
INF:20200819:215943.602: Socket::read instance_1 pendingIO state 1
DBG:20200819:215943.602: Socket::read instance_1 GetOverlappedResult read 6, dwErr 0
INF:20200819:215943.602: register process
INF:20200819:215943.602: pid 9528
INF:20200819:215943.602: isCritical 0
INF:20200819:215943.602: Processes size: 2
INF:20200819:215943.602: Socket::read instance_1 pendingIO state 0
DBG:20200819:215943.602: Socket::read instance_1 read size 0, fSuccess 0
ERR:20200819:215943.602: Socket::read instance_1 failed with error code 997
INF:20200819:215943.652: Socket::read instance_2 pendingIO state 1
DBG:20200819:215943.652: Socket::read instance_2 GetOverlappedResult read 0, dwErr 0
DBG:20200819:215943.652: Socket::read instance_2 read size 6, fSuccess 1
INF:20200819:215943.652: register process
INF:20200819:215943.653: pid 13200
INF:20200819:215943.653: isCritical 0
INF:20200819:215943.653: Processes size: 3
INF:20200819:215943.653: Socket::read instance_2 pendingIO state 0
DBG:20200819:215943.653: Socket::read instance_2 read size 0, fSuccess 0
ERR:20200819:215943.653: Socket::read instance_2 failed with error code 997
INF:20200819:215943.703: Socket::read instance_3 pendingIO state 1
DBG:20200819:215943.703: Socket::read instance_3 GetOverlappedResult read 0, dwErr 0
DBG:20200819:215943.703: Socket::read instance_3 read size 6, fSuccess 1
INF:20200819:215943.703: register process
INF:20200819:215943.703: pid 5848
INF:20200819:215943.703: isCritical 0
INF:20200819:215943.703: Processes size: 4
INF:20200819:215943.703: Socket::read instance_3 pendingIO state 0
DBG:20200819:215943.703: Socket::read instance_3 read size 0, fSuccess 0
ERR:20200819:215943.703: Socket::read instance_3 failed with error code 997
INF:20200819:215943.754: Socket::read instance_4 pendingIO state 1
DBG:20200819:215943.754: Socket::read instance_4 GetOverlappedResult read 0, dwErr 0
DBG:20200819:215943.754: Socket::read instance_4 read size 6, fSuccess 1
INF:20200819:215943.754: register process
INF:20200819:215943.754: pid 4552
INF:20200819:215943.754: isCritical 1
INF:20200819:215943.754: Processes size: 5
INF:20200819:215943.754: Socket::read instance_4 pendingIO state 0
DBG:20200819:215943.754: Socket::read instance_4 read size 0, fSuccess 0
ERR:20200819:215943.754: Socket::read instance_4 failed with error code 109
INF:20200819:215943.754: DisconnectAndReconnect start for 4
INF:20200819:220709.224: Socket::read instance_5 pendingIO state 1
DBG:20200819:220709.224: Socket::read instance_5 GetOverlappedResult read 0, dwErr 0
DBG:20200819:220709.224: Socket::read instance_5 read size 5, fSuccess 1
INF:20200819:220709.224: unregister process
INF:20200819:220709.224: pid 4552
INF:20200819:220709.224: isCritical 1
INF:20200819:220709.239: End monitoring
INF:20200819:220713.476: Start Watcher
INF:20200819:220714.301: End Watcher
INF:20200819:220714.318: Terminating application
 

hector444

New Member
Sep 20, 2020
1
it happens to me in random occasions as well, but from what I understand, it happens when some application simply crash, because I get the log when for example a steam app called wallpaper engine crashes.
but recently got it while playing cod warzone which uses another platform, I was playing and out of nowhere my monitor, mouse, and keyboard disconnected but the computer was still on. And as soon as I restarted again I got the handler. this last reason is why I am also commenting here in case someone knows more about this.
 
Upvote 0

FUNKYdoc

New Member
Dec 22, 2020
1
it happens to me in random occasions as well, but from what I understand, it happens when some application simply crash, because I get the log when for example a steam app called wallpaper engine crashes.
but recently got it while playing cod warzone which uses another platform, I was playing and out of nowhere my monitor, mouse, and keyboard disconnected but the computer was still on. And as soon as I restarted again I got the handler. this last reason is why I am also commenting here in case someone knows more about this.
can you help me figure out why the socket crashes, the err code 997 and 109 are what i want toknow more about
i too have the issue caused by stream labs
 
Upvote 0

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top