Remove From My Forums

Explorer.exe keeps crashing

Question
0

Sign in to vote

Firstly, apologies if I am posting at a wrong thread or if a thread is already existing with this issue.

Issues:

Explorer.exe keeps crashing after I installed an addin on my outlook 2007. The same Outlook addin on another computer with same Windows 7 does not cause the explorer.exe to crash. I have captured crash dumps and I see the following:
FAULTING_IP:
ntdll!RtlFreeHeap+d0
00000000`77703290 4c8b6308 mov r12,qword ptr [rbx+8]

EXCEPTION_RECORD: ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 0000000077703290 (ntdll!RtlFreeHeap+0x00000000000000d0)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 00000177e1f4dbf8
Attempt to read from address 00000177e1f4dbf8

PROCESS_NAME: explorer.exe

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1: 0000000000000000

EXCEPTION_PARAMETER2: 00000177e1f4dbf8

READ_ADDRESS: 00000177e1f4dbf8

FOLLOWUP_IP:
ntdll!RtlFreeHeap+d0
00000000`77703290 4c8b6308 mov r12,qword ptr [rbx+8]

MOD_LIST: <ANALYSIS/>

NTGLOBALFLAG: 0

APPLICATION_VERIFIER_FLAGS: 0

ADDITIONAL_DEBUG_TEXT: Enable Pageheap/AutoVerifer

FAULTING_THREAD: 000000000000194c

DEFAULT_BUCKET_ID: HEAP_CORRUPTION

PRIMARY_PROBLEM_CLASS: HEAP_CORRUPTION

BUGCHECK_STR: APPLICATION_FAULT_HEAP_CORRUPTION_INVALID_POINTER_READ_FILL_PATTERN_ffffffff

LAST_CONTROL_TRANSFER: from 0000000077131a4a to 0000000077703290

STACK_TEXT:
00000000`0756ec60 00000000`77131a4a : 00000000`00000000 00000000`00000000 000007fe`ff085c28 00000000`087a9790 : ntdll!RtlFreeHeap+0xd0
00000000`0756ece0 000007fe`fc2c0b50 : 00000000`05e41d10 00000000`00000000 00000000`05e41d10 000007fe`fedb123c : kernel32!HeapFree+0xa
00000000`0756ed10 000007fe`fecd67f9 : 00000000`00000000 00000000`087a9790 00000000`05e41ef0 00000000`00000000 : comctl32!DSA_Destroy+0x34
00000000`0756ed40 000007fe`fedb134a : 00000000`00000000 00000000`05e41ef0 00000000`00000000 000007fe`fedb123c : shell32!DSA_DestroyCallback+0x4d
00000000`0756ed70 000007fe`fedb12bb : 00000000`00000000 00000000`00000000 000007fe`fedb123c 000007fe`fedaa733 : shell32!CDefEventSinkContainer::`scalar deleting destructor'+0xd6
00000000`0756edd0 000007fe`fedb12a7 : 00000000`08857b18 00000000`08857ad0 000007fe`fedb123c 00000000`00000000 : shell32!CDefEventSinkContainer::Release+0x20
00000000`0756ee00 000007fe`fc2c0c04 : 00000000`0884efd0 00000000`00000000 00000000`08652510 000007fe`fecac5bf : shell32!CItemStore::s_ClearEntry+0x34
00000000`0756ee30 000007fe`fecc74a9 : 00000000`00000000 00000000`80004005 00000000`087a9790 000007fe`fecac57d : comctl32!DSA_EnumCallback+0x48
00000000`0756ee60 000007fe`fedaf416 : 00000000`060d2810 00000000`00000000 00000000`00200001 00000000`06226400 : shell32!DSA_EnumCallback+0x4d
00000000`0756ee90 000007fe`fedaf5b5 : 00000000`08652510 00000000`00000000 00000000`00000000 00000000`08652510 : shell32!CItemStore::DeleteItem+0x87
00000000`0756eec0 000007fe`fedafafe : 00000000`08652510 00000000`08652510 00000000`00000000 00000000`08652510 : shell32!CDefCollection::_RemoveAllItems+0x1d5
00000000`0756ef30 000007fe`fedaf7b5 : 00000000`08652510 000007fe`fe5f44e7 00000000`060e4680 00000000`060e4680 : shell32!CDefCollection::_DestroyCollection+0x92
00000000`0756ef60 000007fe`fedaf6c8 : 00000000`00000001 00000000`00000000 00000000`80004005 00000000`00000000 : shell32!CDefCollection::~CDefCollection+0xc5
00000000`0756ef90 000007fe`fec7ae5f : 00000000`00000000 00000000`00000000 00000000`08652510 0000190a`36e509ba : shell32!CDefCollection::`vector deleting destructor'+0x14
00000000`0756efc0 000007fe`fedaa07b : 00000000`088bd700 00000000`00000000 00000000`088bd700 00000000`00000000 : shell32!CCDBurn::Release+0x25
00000000`0756eff0 000007fe`fedabcde : 00000000`088bd700 00000000`088bd700 00000000`088bd700 00000000`00000000 : shell32!CDefView::_ReleaseCurrentCollection+0xd9
00000000`0756f030 000007fe`fc9043f2 : 00000000`087a9f10 00000000`00000001 00000000`80004005 00000000`00000000 : shell32!CDefView::_DestroyView+0x22d
00000000`0756f060 000007fe`fc90438c : 00000000`05eab648 00000000`00000000 00000000`00000001 0000190a`36e5166a : EXPLORERFRAME!CShellViewProvider::Release+0x33
00000000`0756f090 000007fe`fc9033e5 : 00000000`05eab500 00000000`00000000 00000000`05eab500 00000000`00000001 : EXPLORERFRAME!CShellBrowser::_ClearNavigationState+0x49
00000000`0756f0c0 000007fe`fc90a81f : 00000000`05eab580 00000000`05eab500 00000000`00000000 00000000`beef0016 : EXPLORERFRAME!CShellBrowser::_ReleaseNavigationState+0x17c
00000000`0756f100 000007fe`fc90a122 : 00000000`00000000 00000000`0756f430 00000000`0756f430 00000000`00000000 : EXPLORERFRAME!CShellBrowser::_SwitchNavigationState+0xed
00000000`0756f390 000007fe`fc909fcb : 00000000`00000001 00000000`00000000 00000000`0877c350 00000000`05eab500 : EXPLORERFRAME!CShellBrowser::_ActivateNavigation+0xfd
00000000`0756f3d0 000007fe`fc909c18 : 00000000`05eab5e8 00000000`00000000 00000000`0877c350 00000000`05eab5e8 : EXPLORERFRAME!CShellBrowser::_OnConnectionCreated+0x2b5
00000000`0756f4f0 000007fe`fc909b71 : 00000000`087a9f10 00000000`00000000 00000000`000700c2 00000000`088a1348 : EXPLORERFRAME!CShellBrowser::OnNavigationResult+0x98
00000000`0756f560 000007fe`fc9093c9 : 00000000`0866a940 00000000`80004005 00000000`000700c2 00000000`088a1348 : EXPLORERFRAME!CPendingNavigation::OnConnectionCreated+0x4d
00000000`0756f5c0 000007fe`fc9099c2 : 00000000`00000000 00000000`0000001a 00000000`00000000 00000000`0877c350 : EXPLORERFRAME!CShellViewFactory::BeginCreateConnection+0x116
00000000`0756f630 000007fe`fc90961e : 00000000`038d9f00 00000000`038d9f00 00000000`038d9f00 00000000`038d9f00 : EXPLORERFRAME!CShellBrowser::_CreateConnectionForItem+0x36d
00000000`0756f7f0 000007fe`fc909522 : 00000000`00000000 00000000`05e575c0 00000000`00200001 00000000`00000000 : EXPLORERFRAME!CShellBrowser::_CreateNewConnection+0xd9
00000000`0756f840 000007fe`fc961e5d : 00000000`088a1348 00000000`00000000 00000000`05e575c0 000007fe`ff0787a8 : EXPLORERFRAME!CShellBrowser::_NavigateToPidl+0x167
00000000`0756f890 000007fe`fc961d89 : 00000000`05eab500 00000000`00000700 00000000`00000700 00000000`0756f990 : EXPLORERFRAME!CShellBrowser::_OnGoto+0xeb
00000000`0756f8d0 000007fe`fc9005dd : 0000190a`00000000 000007fe`fc1e03d2 00000000`00000000 00000000`00000000 : EXPLORERFRAME!CShellBrowser::WndProcBS+0xc26
00000000`0756f9a0 00000000`77469bd1 : 00000000`00000000 00000000`03983100 00000000`00000001 00000000`00000030 : EXPLORERFRAME!IEFrameWndProc+0xef
00000000`0756f9f0 00000000`774698da : 00000000`0756fb60 000007fe`fc900570 000007fe`fca3b550 00000000`008bcec0 : user32!UserCallWinProcCheckWow+0x1ad
00000000`0756fab0 000007fe`fc9004b0 : 00000000`03983104 00000000`03983104 000007fe`fc900570 00000000`00000000 : user32!DispatchMessageWorker+0x3b5
00000000`0756fb30 000007fe`fc904925 : 00000000`03983100 00000000`00000002 00000000`00000000 00000000`00000000 : EXPLORERFRAME!CExplorerFrame::FrameMessagePump+0x436
00000000`0756fbb0 000007fe`fc90509b : 00000000`03983100 00000000`0399e800 00000000`00000000 00000000`00000000 : EXPLORERFRAME!BrowserThreadProc+0x180
00000000`0756fc30 000007fe`fc905032 : 1047c67a`00000001 00000000`038d9900 00000000`7fffffff 000007fe`fdc02d40 : EXPLORERFRAME!BrowserNewThreadProc+0x53
00000000`0756fc60 000007fe`fc8fbe50 : 00000000`038d9b40 00000000`05e412c0 00000000`00000000 000007fe`feccf07c : EXPLORERFRAME!CExplorerTask::InternalResumeRT+0x12
00000000`0756fc90 000007fe`feccefcb : 80000000`01000000 00000000`0756fd20 00000000`038d9b40 00000000`00000009 : EXPLORERFRAME!CRunnableTask::Run+0xda
00000000`0756fcc0 000007fe`fecd2b56 : 00000000`038d9b40 00000000`00000000 00000000`038d9b40 00000000`00000002 : shell32!CShellTask::TT_Run+0x124
00000000`0756fcf0 000007fe`fecd2cb2 : 00000000`0391bc70 00000000`0391bc70 00000000`00000000 00000000`00000010 : shell32!CShellTaskThread::ThreadProc+0x1d2
00000000`0756fd90 000007fe`fe5ec71e : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : shell32!CShellTaskThread::s_ThreadProc+0x22
00000000`0756fdc0 00000000`771259ed : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : shlwapi!WrapperThreadProc+0x19b
00000000`0756fec0 00000000`776dc541 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
00000000`0756fef0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x1d

SYMBOL_NAME: heap_corruption!heap_corruption

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: heap_corruption

IMAGE_NAME: heap_corruption

DEBUG_FLR_IMAGE_TIMESTAMP: 0

STACK_COMMAND: ~22s; .ecxr ; kb

FAILURE_BUCKET_ID: HEAP_CORRUPTION_c0000005_heap_corruption!heap_corruption

BUCKET_ID: X64_APPLICATION_FAULT_HEAP_CORRUPTION_INVALID_POINTER_READ_FILL_PATTERN_ffffffff_heap_corruption!heap_corruption

WATSON_STAGEONE_URL: http://watson.microsoft.com/StageOne/explorer_exe/6_1_7601_17567/4d672ee4/ntdll_dll/6_1_7601_18247/5...

Followup: MachineOwner
---------
I have uploaded the dump file at the following link: https://onedrive.live.com/redir?resid=497DA1BB5BE3BBFF!145&authkey=!AGeZyXW_JB1NWUc&ithint=file%2cdmp

Any help on fixing this issue is appreciated.

Thanks

Tuesday, December 16, 2014 2:29 PM

Answers

0

Sign in to vote
Hi,

According to your dump file, this problem seems like caused by

SnagitShellExt64; "C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll"

Please try to disable this app's extension or try to uninstall it temporarilly for test.
Roger Lu
TechNet Community Support
- Marked as answer by WRAITHBLADE Friday, December 26, 2014 3:08 PM
Monday, December 22, 2014 8:24 AM

All replies

0

Sign in to vote

Still waiting! Anyone that can help me here please?

Friday, December 19, 2014 11:57 AM
0

Sign in to vote
Hi,

According to your dump file, this problem seems like caused by

SnagitShellExt64; "C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll"

Please try to disable this app's extension or try to uninstall it temporarilly for test.
Roger Lu
TechNet Community Support
- Marked as answer by WRAITHBLADE Friday, December 26, 2014 3:08 PM
Monday, December 22, 2014 8:24 AM
0

Sign in to vote

Hi Roger, could you help me understand how did you find the location for the shell extension from the dump file? Any specific commands you use to run in the windbg cmd prompt to obtain this results? Any light you can provide on analyzing the dump file is highly appreciated. Thank you helping in figuring out the crash issue

Friday, December 26, 2014 3:10 PM
0

Sign in to vote

Hi,

Firstly, using !analyze -v command to generate a results of this crash events. We can see

Attempt to read from address 00000177e1f4dbf8, then using !address command to check this address information:

0:022> !address 00000177e1f4dbf8


Mapping file section regions...
Mapping module regions...
Mapping PEB regions...
Mapping TEB and stack regions...
Mapping heap regions...
Mapping page heap regions...
Mapping other regions...
Mapping stack trace database regions...
Mapping activation context regions...

Usage:                  Free
Base Address:           00000001`001d0000
End Address:            000007fe`ecd50000
Region Size:            000007fd`ecb80000
State:                  00010000 MEM_FREE
Protect:                00000001 PAGE_NOACCESS
Type:                   <info not present at the target>

Here we should remember the end address and region address. Then using !address command to displays information about the whole address space. After that, check above address around process if there is any program that may caused the crash.

Roger Lu
TechNet Community Support

Monday, December 29, 2014 3:30 AM
0

Sign in to vote

This is amazing info. I didn't know about the !address command. Thank you very much for all these information. You've been really helpful! Thanks again

Monday, December 29, 2014 11:36 AM
0

Sign in to vote

Hi Roger,

I am in need of your expertise once again. One my Windows 7 PC is exhibiting explorer crash while right clicking on a folder for the first time after booting the pc, once I restart the explorer, the right works fine. Here's the crash dump: http://goo.gl/U24oyj

I followed your instruction as last time, but could find any shell extension causing this issue. Looking forward for your expert opinion.

Friday, February 6, 2015 6:15 PM
0

Sign in to vote

I realised that the shared link for the dump expired. i've uploaded it here: https://onedrive.live.com/redir?resid=497DA1BB5BE3BBFF!146&authkey=!AND2qxdEaE1pAuk&ithint=file%2cdmp

Any insight on this is much appreciated.

Monday, February 16, 2015 4:54 PM
0

Sign in to vote

Hello Folks,

Any help on this is appreciated!

Tuesday, February 24, 2015 1:41 PM
0

Sign in to vote

Hi,

Have you installed any 3rd theme in your system? According to the dump file, it seems like the crash is relate with Windows Theme, please try to revert to Windows basic theme for test.
Roger Lu
TechNet Community Support

Wednesday, February 25, 2015 9:17 AM
0

Sign in to vote

Hello Roger,

It's always been basic theme, so not really sure what I could do. perhaps I'll try formatting and re-installing windows to check the behavior

Thursday, March 5, 2015 11:50 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

Explorer.exe keeps crashing

Question

Answers

All replies