Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

explore.exe using 100% usage on folder browse

Posted on 2011-02-11
13
Medium Priority
?
376 Views
Last Modified: 2012-05-11
This one is rough. My grandparents PC (ug right?) has XP SP3 on it. They have a genealogy program on it that installs to c:\legacy.

I did my usual cleanup with malware bytes and cc cleaner, as well as removed the dozen or so toolbars and useless programs that are inevitably on this type of box.

The problem they were having still persists. If I browse to c:\legacy and scroll down a bit my explorer.exe jumps to 100%. Keep in mind I'm not actually clicking or launching a thing. I can end it, restart it using new task run explorer and everything resumes normal performance. Odd thing is I can browse other folders perfectly fine. I can even start > run and open c:\legacy\data fiine. Heck I can even start > run to c:\legacy (as long as I don't scroll) everything is fine. As soon as I scroll down it jumps.

What possible mechanisms could be at play at this basic level? Nothing is being opened or even clicked on just a file list (detail view) displayed. Thought maybe it could be a virus scan, but MS Security Essentials is the only program they have, and it is still sitting at 0% CPU. I could understand if it were in thumbnail view or something, but this is detail view.

I'm honestly stumped and I've seen some odd stuff in my day, but I have no idea what OS mechanisms can even be at play here.  Anecdotally they think it all started happening when they upgraded to IE8 in November, but I've already rest it to no avail.
0
Comment
Question by:bhieb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 

Author Comment

by:bhieb
ID: 34875428
To add to it explore.exe is the CPU culprit, it just gets stuck in a loop consistently increasing its memory usage as well.
0
 
LVL 17

Expert Comment

by:houssam_ballout
ID: 34875447

did you remove your antivirus & try?

also try to do sfc /scannow


or


try windows repair:

http://michaelstevenstech.com/XPrepairinstall.htm
0
 
LVL 31

Expert Comment

by:Wayne Barron
ID: 34875466
There is something bad inside of the folder, if not found and deleted it can cause Explorer to crash.
Check in the EventViewer and see if there is anything recorded there.

Suggestions from my own personal experiance with a video file that was bad.

Option #1:
Create another folder.
c:\legacy_backup
Open up
c:\legacy
And start copy the files from the top of the folder into the Backup folder.
Continue to do this until you reach the area that is spiking your CPU
Then you can start attempting to track down the bad file and [delete] it.

Option #2:
Do the same as above, create a folder c:\legacy_backup
And copy everything from the c:\legacy folder.
Go into the c:\legacy_backup folder and see if it spikes the CPU.
If it does not, then [Delete] then c:\legacy folder
And then rename the c:\legacy_backup to c:\legacy

Good Luck
Carrzkiss
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 66

Expert Comment

by:johnb6767
ID: 34877198
Dl Process Explorer to find out what's really using the Cpu...

http://live.sysinternals.com/procexp.exe

Doble click explorer.exe, and hit the Threads tab. Paste a screenshot.

Then, double click the biggest cpu hog again, and paste those results as well. Might be a corrupted shell extension, menu handler etc...

That should pinpoint it well enuff...
0
 
LVL 3

Expert Comment

by:goldsix
ID: 34878096
1. try to perform an full scan of your anti-virus programs in Safe Mode
2. if still not work, try new account
3. if you are familiar with system tools, you can use procexp or ShellExView to remove add-on or dll files attached to your Windows Explorer
0
 

Author Comment

by:bhieb
ID: 34889613
@John6767

Attached is the screen shot. Here is the thread detail from the thread in question.


ntkrnlpa.exe!KiUnexpectedInterrupt+0x8d
ntkrnlpa.exe!PsLookupThreadByThreadId+0x4abc
ntkrnlpa.exe!KiDeliverApc+0xb3
ntkrnlpa.exe!KiUnexpectedInterrupt+0xbe
ntdll.dll!KiFastSystemCallRet
QtCoreRebit4.dll!QFSFileEngine::drives+0x2d1

process.bmp
0
 

Author Comment

by:bhieb
ID: 34889633
@ others

I have completely removed all AV products and it still happens. Also I have completely removed this application from add/remove. Then deleted the folder in question. Then reinstalled. Still same result.

Don't have time atm to copy them one by one into the folder, but I will if John's efforts don't pan out. Thing is this program worked fine until November (interestingly the same time they installed IE8).
0
 

Author Comment

by:bhieb
ID: 34889669
Ok the sfc /scannow came back with.

Files that are required to run properly have been replaced by unrecognized files.. blah blah insert Windows XP Pro SP3 disk. Problem is they don't have such a disk as they installed SP3 via windows update.

Do I have to slipstream it onto an XP Pro install and mail it to them or is their an easier way?
0
 
LVL 66

Accepted Solution

by:
johnb6767 earned 2000 total points
ID: 34889718
Whats this file belong to?

QtCoreRebit4.dll Dont see anything solid on a quick search about it....

Take it and scan it here if needed....

http://www.virustotal.com

0
 

Author Comment

by:bhieb
ID: 34889772
Aww now it is becoming clearer. The path is a Segate Replica folder. It is a replication program that came with a Seagate backup drive. I will check to see if they have anything on their support site, or possibly a new version.
0
 
LVL 2

Expert Comment

by:jatremillo
ID: 34890020
Run Spybot in safemode and also run this program called: SmitFraudFix: http://siri.urz.free.fr/Fix/SmitfraudFix.exe   

That should take care of your problem.
0
 

Author Comment

by:bhieb
ID: 34906846
Well it definitely was the Seagate Replica software. I've made a simple batch file to backup their data instead, and uninstalled it. Everything is smooth now. Thanks John for the tip on using the expanded process viewer. I've used it before, but not this in-depth, I'm sure it will come in handy in the future.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 34907069
Glad it helped......
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Can I legally transfer my OEM version of Windows to another PC?  (AKA - Can I put a new systemboard in my OEM PC?) Few of us are both IT and legal experts but we all have our own views of Microsoft's licensing rules and how they apply.  There are…
If your system is showing symptoms of browser hijacks or 'google search redirects' check out my other article (http://rdsrc.us/u3GP7A) first and run the tool TDSSKiller (http://rdsrc.us/GDBBs4) to get rid of the infection. Once done, and if the …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question