Windows Explorer Crashing - Page 2

ftmscott · 02-09-2007, 08:51 AM

Ok, i already have all of that software installed, i'll run it all again and post any results.

Mak213 · 02-09-2007, 08:52 AM

Also get Hijack this and post that log. That way i can also tell what else you have going on and let you know if i see anything harmful.

ftmscott · 02-09-2007, 09:07 AM

Ok, i've got avast! running in the background, i've got it doing a thorough scan on the drive with the problems. I'll run the other software afterwards.

Here's what the Hijack this log give me.

Logfile of HijackThis v1.99.1
Scan saved at 14:05:45, on 09/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Zune\ZuneLauncher.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
E:\Program Files\Steam\Steam.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\Xfire\Xfire.exe
E:\Program Files\MSN Messenger\usnsvc.exe
E:\WINDOWS\explorer.exe
E:\Program Files\Alwil Software\Avast4\ashSimpl.exe
E:\Documents and Settings\Scott\Desktop\hijackthis\HijackThis.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Zune Launcher] "E:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "E:\Program Files\Steam\Steam.exe" -silent
O4 - Startup: Xfire.lnk = E:\Program Files\Xfire\xfire.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA795CE7-E1EE-459F-9D60-085CDAAC6AE2}: NameServer = 62.31.144.39,195.188.53.175
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

Mak213 · 02-09-2007, 09:15 AM

That looks good. The only ones i would question are these:

O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA795CE7-E1EE-459F-9D60-085CDAAC6AE2}: NameServer = 62.31.144.39,195.188.53.175

Other than that you are fine. Maybe if the scans do come up with something try to defrag and see if that helps atr all.

ftmscott · 02-09-2007, 09:35 AM

The first one is from a game i play called Supreme Destiny and the other is from 3dMark05.

Inaris · 02-09-2007, 11:57 AM

there is an event log entry created from the check disk. Can you post what it says?

start->run->EVENTVWR
select the application list, and look for a winlogon entry. Copy the contrent and past it here...

ftmscott · 02-09-2007, 12:44 PM

I can't post that at the moment as i'm not home. But i finished a scan using avast!, skybot, adaware and ccleaner and i didnt receive any errors or visuses and the problem still persists.

I'll post that when i get home.

Inaris · 02-09-2007, 01:04 PM

can you check your version of NTDLL.dll.

there are some issues with ntdll.dll 6.0.2800.1106 that I'm finding ...

ftmscott · 02-09-2007, 06:50 PM

Ok, as for NTDLL.dll i've got this version: 5.1.2600.2180.

As for the winlogon thing, there seemed to alot of them that said;

The shell stopped unexpectedly and Explorer.exe was restarted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

but i found a few others.

One said;

Checking file system on E:
The type of the file system is NTFS.
Volume label is System.

A disk check has been scheduled.
Windows will now check the disk.
Cleaning up minor inconsistencies on the drive.
Cleaning up 120 unused index entries from index $SII of file 0x9.
Cleaning up 120 unused index entries from index $SDH of file 0x9.
Cleaning up 120 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Windows has made corrections to the file system.

52428095 KB total disk space.
15412932 KB in 40995 files.
12892 KB in 2637 indexes.
0 KB in bad sectors.
180751 KB in use by the system.
65536 KB occupied by the log file.
36821520 KB available on disk.

4096 bytes in each allocation unit.
13107023 total allocation units on disk.
9205380 allocation units available on disk.

Internal Info:
c0 ab 00 00 7c aa 00 00 9a f4 00 00 00 00 00 00 ....|...........
01 01 00 00 01 00 00 00 50 01 00 00 00 00 00 00 ........P.......
f0 28 34 03 00 00 00 00 bc ca da 16 00 00 00 00 .(4.............
ae d3 c0 03 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 10 85 18 2a 00 00 00 00 ...........*....
f0 1a 92 cb 00 00 00 00 10 3a 07 00 23 a0 00 00 .........:..#...
00 00 00 00 00 10 bb ac 03 00 00 00 4d 0a 00 00 ............M...

Windows has finished checking your disk.
Please wait while your computer restarts.

For more information, see Help and Support Center at

the other said;

Checking file system on E:
The type of the file system is NTFS.
Volume label is System.

A disk check has been scheduled.
Windows will now check the disk.
Cleaning up minor inconsistencies on the drive.
Cleaning up 13 unused index entries from index $SII of file 0x9.
Cleaning up 13 unused index entries from index $SDH of file 0x9.
Cleaning up 13 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.

52428095 KB total disk space.
15674144 KB in 41624 files.
13016 KB in 2672 indexes.
0 KB in bad sectors.
187219 KB in use by the system.
65536 KB occupied by the log file.
36553716 KB available on disk.

4096 bytes in each allocation unit.
13107023 total allocation units on disk.
9138429 allocation units available on disk.

Internal Info:
00 af 00 00 14 ad 00 00 0a f9 00 00 00 00 00 00 ................
0a 01 00 00 01 00 00 00 e5 00 00 00 00 00 00 00 ................
58 b2 3d 03 00 00 00 00 da 4f 41 17 00 00 00 00 X.=......OA.....
fa 0e bc 03 00 00 00 00 1a fd cb 7a 01 00 00 00 ...........z....
ee 89 ac 5b 02 00 00 00 16 02 6a 01 04 00 00 00 ...[......j.....
20 90 92 cb 00 00 00 00 10 3a 07 00 98 a2 00 00 ........:......
00 00 00 00 00 80 ac bc 03 00 00 00 70 0a 00 00 ............p...

Windows has finished checking your disk.
Please wait while your computer restarts.

For more information, see Help and Support Center at

They maybe exactly the same mind.

Inaris · 02-09-2007, 07:03 PM

what kind of files are you dealing with in that directory?
are there a lot of them? say more then 1000?

are they images and your view is thumbnails?

I can't find much that might relate to this. so I need some more info.

what OS are you on and what version is it? SP included...

Member Login