Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

explorer.exe keeps crashing. grooveex.dll, ntdll.dll


  • Please log in to reply
22 replies to this topic

#1 samak

samak

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:18 PM

Posted 09 May 2012 - 11:38 AM

The problem:
Suddenly, for the past few weeks, my computer has been taking 15 minutes to start. That is, when I turn on the computer, it boots into windows, then I am stuck at the desktop for 15 minutes before I can do ANYTHING. During these 15 minutes, the computer keeps giving "windows error" messages. Then it keeps crashing and restarting "explorer.exe".
I am sure it is not a virus or malware. Sometimes it would give a message saying there is a problem with grooveex.dll.
I do not remember installing anything or making any software or hardware changes that may have caused this. The only thing I did was get windows updates, so that may have something to do with windows updates. How do I find out? Is there a history I can go to so I can actually see the details of the errors I keep getting every time I turn on my computer?

I do not have many programs running automatically on startup. My computer USED to run smoothly and quickly until this problem started. After it gets past the first 15 minutes, my computer seems to run like normal again.

Should I generate a memory dump for the crashing process so you can see what is happening? How can I do that?

I already did a clean boot but that did not solve the problem. I also used autoruns to disable all unnecessary startup programs.


Running:
Windows 7
service pack 1
Processor: intel core duo cpu E7500 @ 2.93 Ghz
Installed RAM: 6 GB
64- bit OS


Below are some errors I was able to see:
*********
Description:
A problem caused this program to stop interacting with Windows.

Problem signature:
Problem Event Name: AppHangB1
Application Name: explorer.exe
Application Version: 6.1.7601.17567
Application Timestamp: 4d672ee4
Hang Signature: e6e6
Hang Type: 0
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 1033
Additional Hang Signature 1: e6e6dcbb288ea7554575c68667082ed2
Additional Hang Signature 2: 4d11
Additional Hang Signature 3: 4d1104a990cf75d4058f3f342ae42470
Additional Hang Signature 4: e6e6
Additional Hang Signature 5: e6e6dcbb288ea7554575c68667082ed2
Additional Hang Signature 6: 4d11
Additional Hang Signature 7: 4d1104a990cf75d4058f3f342ae42470

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt



******************

Problem signature:
Problem Event Name: APPCRASH
Application Name: explorer.exe
Application Version: 6.1.7601.17567
Application Timestamp: 4d672ee4
Fault Module Name: ntdll.dll
Fault Module Version: 6.1.7601.17725
Fault Module Timestamp: 4ec4aa8e
Exception Code: c0000005
Exception Offset: 0000000000018e3d
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 1033
Additional Information 1: abcc
Additional Information 2: abcc8f7853b48d9807d6d51eb1fa5df9
Additional Information 3: abcc
Additional Information 4: abcc8f7853b48d9807d6d51eb1fa5df9

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 34,310 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:18 PM

Posted 09 May 2012 - 05:51 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif




#3 samak

samak
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:18 PM

Posted 10 May 2012 - 04:59 PM

Results from Security Check:
http://pastebin.com/6VewdZPC

Results from FSS:
http://pastebin.com/60qyj2tE

Results from Minitoolbox:
http://pastebin.com/mt02ucQM

Results from MBAM:
http://pastebin.com/ND9rA14d

Results from aswMBR:
http://pastebin.com/fgQt3p90

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 34,310 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:18 PM

Posted 10 May 2012 - 05:22 PM

That won't work.
I need all logs to be pasted into your reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif




#5 samak

samak
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:18 PM

Posted 10 May 2012 - 05:30 PM

Results from Security Check:

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 31
Adobe Flash Player ( 10.3.183.7) Flash Player Out of Date!
Adobe Reader X (10.1.1)
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
``````````End of Log````````````



Results from FSS:

Farbar Service Scanner Version: 08-05-2012
Ran by bird (administrator) on 10-05-2012 at 17:28:06
Running from "C:\Users\bird\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Results from Minitoolbox:

MiniToolBox by Farbar Version: 18-01-2012
Ran by bird (administrator) on 10-05-2012 at 17:29:30
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


127.0.0.1 localhost


========================= IP Configuration: ================================

Intel® 82567V-2 Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : murdock
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82567V-2 Gigabit Network Connection
Physical Address. . . . . . . . . : 00-1C-C0-EE-AB-79
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d99d:230b:4c81:db19%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, May 10, 2012 4:52:18 PM
Lease Expires . . . . . . . . . . : Friday, May 11, 2012 4:52:17 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234888384
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-95-40-0B-00-1C-C0-EE-AB-79
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{572B8993-7FE0-4707-802E-0325DC418D40}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1875:46f:3f57:fe9b(Preferred)
Link-local IPv6 Address . . . . . : fe80::1875:46f:3f57:fe9b%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: unknown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.227.98
74.125.227.99
74.125.227.100
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104
74.125.227.105
74.125.227.110
74.125.227.96
74.125.227.97


Pinging google.com [74.125.227.97] with 32 bytes of data:
Reply from 74.125.227.97: bytes=32 time=44ms TTL=53
Reply from 74.125.227.97: bytes=32 time=43ms TTL=53

Ping statistics for 74.125.227.97:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 44ms, Average = 43ms
Server: unknown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=100ms TTL=55
Reply from 72.30.38.140: bytes=32 time=111ms TTL=55

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 100ms, Maximum = 111ms, Average = 105ms
Server: unknown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 1c c0 ee ab 79 ......Intel® 82567V-2 Gigabit Network Connection
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:1875:46f:3f57:fe9b/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::1875:46f:3f57:fe9b/128
On-link
11 276 fe80::d99d:230b:4c81:db19/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/10/2012 05:19:41 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Explorer because of this error.

Program: Windows Explorer
File: C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (05/10/2012 05:19:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000006
Fault offset: 0x0000000000018f55
Faulting process id: 0x818
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (05/10/2012 05:17:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x0000000000018e3d
Faulting process id: 0xc1c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (05/10/2012 05:02:41 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Explorer because of this error.

Program: Windows Explorer
File: C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (05/10/2012 05:02:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000006
Fault offset: 0x0000000000018f55
Faulting process id: 0xb8c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (05/10/2012 04:57:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2012 04:52:13 PM) (Source: EventLog) (User: )
Description: 4:49:34 PM?5/?10/?2012908

Error: (05/10/2012 04:46:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x0000000000018e3d
Faulting process id: 0xaa0
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (05/10/2012 04:40:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x0000000000018e3d
Faulting process id: 0xb04
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (05/10/2012 04:36:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/10/2012 05:19:45 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/10/2012 05:19:38 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/10/2012 05:19:36 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/10/2012 05:19:34 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/10/2012 05:19:32 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/10/2012 05:19:30 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/10/2012 05:19:28 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/10/2012 05:19:27 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/10/2012 05:19:25 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/10/2012 05:19:23 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (05/10/2012 05:19:41 PM) (Source: Application Error)(User: )
Description: C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLLWindows ExplorerC000009C3

Error: (05/10/2012 05:19:41 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec00000060000000000018f5581801cd2ef24a12a0d2C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dlldaabf6fc-9ae5-11e1-adc3-001cc0eeab79

Error: (05/10/2012 05:17:13 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec00000050000000000018e3dc1c01cd2ef195485ddaC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll824735de-9ae5-11e1-adc3-001cc0eeab79

Error: (05/10/2012 05:02:41 PM) (Source: Application Error)(User: )
Description: C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLLWindows ExplorerC000009C3

Error: (05/10/2012 05:02:41 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec00000060000000000018f55b8c01cd2eef81439ab2C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll7abcf583-9ae3-11e1-adc3-001cc0eeab79

Error: (05/10/2012 04:57:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2012 04:52:13 PM) (Source: EventLog)(User: )
Description: 4:49:34 PM?5/?10/?2012908

Error: (05/10/2012 04:46:07 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec00000050000000000018e3daa001cd2eed444e425eC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll2a391f32-9ae1-11e1-be4e-001cc0eeab79

Error: (05/10/2012 04:40:04 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec00000050000000000018e3db0401cd2eec654875cbC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll52062f95-9ae0-11e1-be4e-001cc0eeab79

Error: (05/10/2012 04:36:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acronis True Image Home 2012 (Version: 15.0.5545)
Active@ KillDisk (Version: 6.0.0)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.1)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Amazon Kindle
ATI Catalyst Install Manager (Version: 3.0.715.0)
calibre (Version: 0.8.45)
Camtasia Studio 6 (Version: 6.0.3)
CCleaner (Version: 3.09)
DAEMON Tools Lite (Version: 4.40.2.0131)
DAZzle
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Defraggler (Version: 2.09)
DYMO Label Software
DYMO Printable Postage (Version: 3.1)
DYMO Stamps (Version: 3.0)
Eraser 6.0.8.2273 (Version: 6.0.2273)
FileZilla Client 3.5.3 (Version: 3.5.3)
Garmin City Navigator North America NT 2012.40 Update (Version: 15.40.0.0)
Garmin Communicator Plugin (Version: 4.0.1)
Garmin Communicator Plugin x64 (Version: 4.0.1)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.5)
Google Chrome (Version: 18.0.1025.152)
Google Talk (remove only)
Gyazo 1.0
Intel® Desktop Utilities (Version: 3.1.4)
Intel® Management Engine Interface
Intel® Network Connections 15.3.68.0 (Version: 15.3.68.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Maxthon 3 (Version: )
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Project MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Project 2010 Service Pack 1 (SP1)
Microsoft Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.0.61118.0)
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Premium 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
Notepad++ (Version: 5.9.8)
Opera 11.60 (Version: 11.60.1185)
PDF Settings CS5 (Version: 10.0)
Pidgin (Version: 2.10.1)
PxMergeModule (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6201)
Respondus LockDown Browser (Version: 1.02.0001)
Seagate Dashboard (Version: 1.1.0.1421)
Shipping Assistant 3.8 (Version: 3.8.0.0)
Skype™ 5.8 (Version: 5.8.158)
Speccy (Version: 1.14)
SUPERAntiSpyware (Version: 4.55.1000)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0495)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2011 wvaiper (Version: 011.000.1642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 64-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
VitalSource Bookshelf (Version: 5.05.0047)
VLC media player 1.1.11 (Version: 1.1.11)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Wisdom-soft Set up ScreenHunter 5.1 Free
Yahoo! Messenger

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 6076.83 MB
Available physical RAM: 5003.73 MB
Total Pagefile: 12151.85 MB
Available Pagefile: 10997.31 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.84 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:296.27 GB) NTFS
2 Drive d: () (Fixed) (Total:465.75 GB) (Free:463.84 GB) NTFS

========================= Users: ========================================

User accounts for \\MURDOCK

Administrator birds Guest
home Standardize


**** End of log ****



Results from MBAM:

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.10.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
bird :: MURDOCK [administrator]

Protection: Disabled

5/10/2012 5:39:13 PM
mbam-log-2012-05-10 (17-39-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236866
Time elapsed: 1 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Results from aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-10 17:41:56
-----------------------------
17:41:56.415 OS Version: Windows x64 6.1.7601 Service Pack 1
17:41:56.415 Number of processors: 2 586 0x170A
17:41:56.415 ComputerName: MURDOCK UserName: bird
17:41:57.196 Initialize success
17:42:42.095 AVAST engine defs: 12051000
17:43:00.955 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
17:43:00.955 Disk 0 Vendor: WDC_WD1002FAEX-00Z3A0 05.01D05 Size: 953869MB BusType: 3
17:43:00.970 Disk 0 MBR read successfully
17:43:00.986 Disk 0 MBR scan
17:43:00.986 Disk 0 Windows 7 default MBR code
17:43:00.986 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476935 MB offset 2048
17:43:01.017 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476932 MB offset 976764928
17:43:01.017 Disk 0 scanning C:\Windows\system32\drivers
17:43:07.220 Service scanning
17:43:21.548 Modules scanning
17:43:21.548 Disk 0 trace - called modules:
17:43:21.564 ntoskrnl.exe fltsrv.sys tdrpman.sys CLASSPNP.SYS disk.sys vsflt58.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
17:43:21.564 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80063b2060]
17:43:21.580 3 CLASSPNP.SYS[fffff88001cc043f] -> nt!IofCallDriver -> [0xfffffa80063afd20]
17:43:21.580 5 vsflt58.sys[fffff88000e120ed] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa8006227060]
17:43:23.001 AVAST engine scan C:\Windows
17:43:24.908 AVAST engine scan C:\Windows\system32
17:45:22.892 AVAST engine scan C:\Windows\system32\drivers
17:45:30.533 AVAST engine scan C:\Users\bird
17:47:18.580 Disk 0 MBR has been saved successfully to "C:\Users\bird\Desktop\MBR.dat"
17:47:18.595 The log file has been saved successfully to "C:\Users\bird\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-10 17:41:56
-----------------------------
17:41:56.415 OS Version: Windows x64 6.1.7601 Service Pack 1
17:41:56.415 Number of processors: 2 586 0x170A
17:41:56.415 ComputerName: MURDOCK UserName: bird
17:41:57.196 Initialize success
17:42:42.095 AVAST engine defs: 12051000
17:43:00.955 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
17:43:00.955 Disk 0 Vendor: WDC_WD1002FAEX-00Z3A0 05.01D05 Size: 953869MB BusType: 3
17:43:00.970 Disk 0 MBR read successfully
17:43:00.986 Disk 0 MBR scan
17:43:00.986 Disk 0 Windows 7 default MBR code
17:43:00.986 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476935 MB offset 2048
17:43:01.017 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476932 MB offset 976764928
17:43:01.017 Disk 0 scanning C:\Windows\system32\drivers
17:43:07.220 Service scanning
17:43:21.548 Modules scanning
17:43:21.548 Disk 0 trace - called modules:
17:43:21.564 ntoskrnl.exe fltsrv.sys tdrpman.sys CLASSPNP.SYS disk.sys vsflt58.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
17:43:21.564 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80063b2060]
17:43:21.580 3 CLASSPNP.SYS[fffff88001cc043f] -> nt!IofCallDriver -> [0xfffffa80063afd20]
17:43:21.580 5 vsflt58.sys[fffff88000e120ed] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa8006227060]
17:43:23.001 AVAST engine scan C:\Windows
17:43:24.908 AVAST engine scan C:\Windows\system32
17:45:22.892 AVAST engine scan C:\Windows\system32\drivers
17:45:30.533 AVAST engine scan C:\Users\bird
17:47:18.580 Disk 0 MBR has been saved successfully to "C:\Users\bird\Desktop\MBR.dat"
17:47:18.595 The log file has been saved successfully to "C:\Users\bird\Desktop\aswMBR.txt"
17:47:29.447 Disk 0 MBR has been saved successfully to "C:\Users\bird\Desktop\MBR.dat"
17:47:29.447 The log file has been saved successfully to "C:\Users\bird\Desktop\aswMBR.txt"

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 34,310 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:18 PM

Posted 10 May 2012 - 05:42 PM

I don't see anything malicious but I can see a bunch of these messages:

Error: (05/10/2012 05:19:28 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Click Start button and in "Start search" type:
cmd
Hold CTRL and SHIFT buttons and press Enter.
Command prompt window will open.
Paste this in:
chkdsk /f /r (<------watch for "spaces")
Press Enter.
Restart the computer.
Chkdsk will run.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif




#7 samak

samak
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:18 PM

Posted 10 May 2012 - 05:49 PM

I don't see anything malicious but I can see a bunch of these messages:

Error: (05/10/2012 05:19:28 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

] will run.


Are you sure this part it in reference to my hard drive? Could that message be related to an external hard drive? I just recently formatted an external hard drive from FAT32 to NTFS, and found some errors on it.


Anyways, I will still do that thing you just recommended.

#8 samak

samak
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:18 PM

Posted 10 May 2012 - 08:06 PM

I have ran chkdsk the way you said and it is now complete. After restarting with chkdsk, the computer boots up and loads the desktop much faster, however, the problem is still there:

If I want to open anything, even notepad, I get a window saying "windows explorer has stopped working".
Problem event name: APPCRASH
Application name: explorer.exe
fault module name: GROOVEEX.DLL
EXCEPTION CODE: c0000005

So right now I still cannot do anything on the computer. Everytime I want to open anything it keeps crashing windows explorer.

#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 34,310 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:18 PM

Posted 10 May 2012 - 11:13 PM

Harddisk0 is definitely your boot drive.
We'll get back to your hard drive in a moment but I want to check something else first.

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
No installation required.
Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.
Go File>Save, and save it as AutoRuns.txt file to know location.
You must select Text from drop-down menu as a file type:

Posted Image

Upload the file(s) here: http://uploadmb.com/
Copy the link inside the Direct Link box and post it in your next reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif




#10 samak

samak
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:18 PM

Posted 11 May 2012 - 01:39 AM

I already have autoruns.exe on my computer, but I am unable to do anything. When I get to the desktop, I cannot even open autoruns to get the file like you said because explorer.exe keeps on crashing. I have tried from safe mode and I get the same problem.

#11 samak

samak
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:18 PM

Posted 11 May 2012 - 03:49 AM

I was able to start windows in safe mode with command prompt, and from there i was able to run autorunsc.exe from the command prompt and get the autoruns.txt file:

http://www.uploadmb.com/dw.php?id=1336726078

Edited by samak, 11 May 2012 - 03:49 AM.


#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 34,310 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:18 PM

Posted 11 May 2012 - 10:50 AM

Nothing interesting there.

Run hard drive diagnostics: http://www.tacktech.com/display.cfm?ttid=287
Make sure, you select tool, which is appropriate for the brand of your hard drive.
Depending on the program, it'll create bootable floppy, or bootable CD.
If downloaded file is of .iso type, use ImgBurn: http://www.imgburn.com/ to burn .iso file to a CD (select "Write image file to disc" option), and make the CD bootable.

NOTE. If your hard drive is made by Toshiba, unfortunately, you're out of luck, because Toshiba doesn't provide any diagnostic tool.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif




#13 samak

samak
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:18 PM

Posted 11 May 2012 - 04:23 PM

I have a western digital drive.

I did the test and got "Read Element Failure" code 0007 after the quick test. Then I did a

'Full Media Scan' and after that it said "ERRORS FOUND - THE DRIVE HAS BEEN REPAIRED
ERROR/STATUS CODE: 0223"

After restarting, the computer is still giving the same original problem like before.

Edited by samak, 11 May 2012 - 04:31 PM.


#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 34,310 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:18 PM

Posted 11 May 2012 - 06:40 PM

Go Start>Run (Start Search in Vista), type in:
msconfig
Click OK (hit Enter in Vista).

Click on Startup tab.
Click Disable all
IMPORTANT! In case of laptop, make sure, you do NOT disable any keyboard, or touchpad entries.

Click Services tab.
Put checkmark in Hide all Microsoft services
Click Disable all.

Click OK.
Restart computer in Normal Mode.

NOTE. If you use different firewall, than Windows firewall, turn Windows firewall on, just for this test, since your regular firewall won't be running.
If you use Windows firewall, you're fine.

Same problem?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif




#15 samak

samak
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:18 PM

Posted 11 May 2012 - 06:47 PM

Actually I already did those steps before but still have the same problem.
Now, even if i wanted to do those steps again, I wont be able to. If I try to go to msconfig, explorer.exe will crash. No matter how many times I try, it crashes.

Edited by samak, 11 May 2012 - 06:47 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users