We help IT Professionals succeed at work.

Strange BSOD and ini file keeps opening at boot up of Win 7

634 Views
Last Modified: 2013-12-31
I very rarely have a BSOD on my rig, but here is one that just happened and I have no clue why or if it was just a burp in Win 7 Ultimate.  However, since it happened, every time I restart or bootup, and after Win 7 is up and running, notepad opens the desktop ini file and I have to manually close it.  What is that all about?  I have attached all files for you people to look at and give me some feedback.  I am going to run my AV scans, etc. just in case.
BSOD-12-29-13.docx
122913-12745-01.dmp
file-strange.jpg
WER-28033-0.sysdata.xml
Comment
Watch Question

JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
The dmp file says Page Fault in Non Paged area.

It could be memory, so check memory with memtest.ext (memtest.org).

More likely it is a virus corrupting your operating system.

Check for viruses with your own application and then scan with malwarebytes (malwarebytes.org).

... Thinkpads_User

Author

Commented:
Will do and doing.

Author

Commented:
Ok, finished.  Bitdefender and Malware Bytes found some stuff and took care of it.  EXCEPT the desktop.ini file keeps opening up after boot up and I have to close it every time.  See the image I uploaded before called "file-strange".  The desktop.ini file says:

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
See if you can log into the system with a different username (member of administrators group) and delete the file from the different username.

Get a copy of Process Explorer (free from Microsoft). Run it. Look down in the Explorer process and see if there is any process with a strange alpha numeric label. If so, kill the process and run malwarebytes again.

... Thinkpads_User
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
your dump file points to Vsserv.exe Which is the main Bitdefender process that provides continuous real-time protection

so best uninstall bitdefender for testing
You also have a few outdated drivers so update them.

Filename: 000.fcl Fri Sep 26 23:11:22 2008
Command: c:\program files\cyberlink\powerdvd10\navfilter\000.fcl
Description: Added by the PowerDVD universal media player.
File Location: %ProgramFiles%\cyberlink\powerdvd10\navfilter\000.fcl

Filename: lmimirr.sys  Wed Apr 11 08:32:45 2007
Command: %System%\DRIVERS\lmimirr.sys
Description: Video driver for the the LogMeIn remote management software.
File Location: %System%\DRIVERS\lmimirr.sys
Bug Check Code 50 with 2nd parameter as 0 means "Page Fault in Non Paged area while reading". It means when operating system tries to read from memory [virtual memory] which reside on RAM [Physical memory] and which is supposed not to be paged out has not been found and inorder to save from file corruption Windows operating system gives a bugcheck code 0x00000050 . The memory address fffff80003b53b41 [Virutal memory address]
Nobus is absolutly correct the process which was running during the BSOD on processor 0 was VSSERV.EXE

Even if you are getting Shell32.dll error ,please dont play with it , its operating system file which is required at the time of booting . Your explorer gets loaded on the shell so dont try to delete the file.
Its always better to test with clean boot in order to find the root cause however when its related to antivirus or any application which uses kernla mode driver which gets loaded at boot time . You need to disable it through registry so that its completely gets deactivated.

Author

Commented:
Ratnesh & Nobus, I'm about a mid-level tech in experience, so I do not know exactly how to disable things in the registry.  I need help/instructions to do this.  I have a couple of questions so I can better understand:

Is the desktop.ini file that keeps opening just after boot, the Shell32.dll error?
Nobus, when you say uninstall Bitdefender, should I uninstall and then re-install?  Or run a repair install?  Or talk to Bitdefender tech support and notify them of this error and let them advise as well?

I've had NO BSODs since, but this desktop.ini file that keeps opening, is it directly related to the BSOD I had?  It would seem that way.  If so, then Bitdefender in taking care of a problem, has caused a slight malfunction somewhere that causes the ini to keep opening, yes?
First Uninstall [If you can else you can follow http://support.microsoft.com/kb/816071] Bit-defender and then verify if it reappears again or not. Then we can go ahead with other action plan based on the outcome.

Author

Commented:
Quick note:
I ran Process Explorer, and there are NO strange alpha numeric labels.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Did you try deleting the file from another username?

... Thinkpads_User
You can't find that in Process Explorer , if want you can see that, it may be visible in procmon however at what level that matters .

Is this error you are facing is happening with only one user ? if the answer is yes then recreate the user profile .
Did you try clean boot [Disabling all 3rd party application and then boot in normal mode] ?
Are you getting this issue in safe mode as well ? Whats about safemode with networking ?

Or updating Win32k.sys and shell32.dll will help you to resolve the issue. However if BitDefender get corrupt then even upgrading the system files will also not help . SO first uninstall the Bit defender and they try to verify. Deleting shell32.dll will destabilize your system , so if you want to check rename it .
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Art - i never talked about registry - all i said was "so best uninstall bitdefender for testing "
in the mean time, you can use a free AV, like AVG, or Avast

Author

Commented:
I am the only user.  I will try a couple of these things you all suggest.  Give me a day or two and then I will post the resuts.   In the mean time, everyone have a Happy New Year!!
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Even though you are the only user, setting up a test user is quite easy. Make it a member of the admin group. You can always remove it later.

... Thinkpads_User

Author

Commented:
Since I am off from work today, here is what I have done so far:

Boot up in safe mode.  desktop.ini does NOT open after boot.

Boot up in safe mode with networking.  desktop.ini does NOT open after boot.

Uninstalled Bitdefender.  Re-started. desktop.ini file STILL opens (in Notepad).

Re-installed Bitdefender.  Re-started.  desktop.ini file STILL opens (in Notepad).

Did a search for "desktop.ini" file on "C" drive.  It turns up only one file by that name.  See the attached image called "desktop ini search".  When I open this ini file it reads the following:

[.ShellClassInfo]
IconFile=folder.ico
IconIndex=0
ConfirmFileOp=0

But the desktop.ini file that opens at every re-boot is:

(space)
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787


I have some questions:

How do I update Win32k.sys and shell32.dll?

How do I set up a test user and make it a member of the admin group?  Is that just simply going to Users Accounts and creating a user?
desktop-ini-search.jpg
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Is that just simply going to Users Accounts and creating a user?

Yes. then go to groups and add the user to "administrators"

I use this method a lot. It may not work here if a virus continues to cause the issue, but it is worth a try.

... Thinkpads_User

Author

Commented:
Thanks to everyone's help, but Ratnesh is the clear winner.  That solution when applied to Win 7, worked.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.