Unexplained Explorer.EXE crashes...

Avast Free Antivirus / Premium Security
1

Was getting some very unstable behaviour out of explorer. (So first step was disabling known shell extensions, as these are a KNOWN concern)

However this didn’t resolve the issue , so I dug a little deeper, The Nirsoft Crashreporter found the concerns attached.

If Avast is working properly there ideally shouldn’t be any bug-checks, internal exceptions NOR should Explorer.exe be falling over on XP. (I’m still strongly suspecting a shell-extension/plugin is not doing quite what it’s expected to, but lack the advanced debugging tools to dig any further.)

OS: XP SP3 Avast: : 12.3.2280 buld 122.3.2154.2

2

More bug checks this morning. This was after removing Java 8, and DISABLING many other unknown shell extensions.

This means that whatever is causing a failure in Explorer is highly likely to be some interaction between Windows Explorer, Avast and Comodo Internet Security. (All of which are as far as I know at current builds.)

As I’m reaching the limit of the tools I have available to diagnose what’s causing the crashes, I would appreciate a definite confirmation that people here are NOT aware of any known issues between Avast and Comodo.

3

No problems here.

4

Thanks, this means it’s an unknown interaction (not confirmed as Avast.).

Is there a tool for disabling shell extensions / BHO’s selectively?

5
  • Which Avast…? (Free/Pro/IS/Premier)
  • Other security related software installed…?
  • Which AV(s) did you use before Avast…?
6

Avast Free -( Build as given in the previous postings)

I also use Comodo Internet Security() and Spybot Search and Destroy

Before Avast I was using AVG, but that was as I understood that had been completely uninstalled.

Other (Non Microsoft ) shell extensions I found were:-

Java
Acrobat Reader
7 Zip
Win Rar
Notepad++
Libre Office.

But these were disabled in case of an incompatibility.

7

First, be sure to get rid of Spybot…!!

Then:

  1. Download Avast Free Antivirus: https://files.avast.com/iavs9x/avast_free_antivirus_setup_offline.exe
  2. Follow instructions: https://www.avast.com/uninstall-utility (Run this tool for all prior installed Avast versions…!!)
  3. Reinstall Avast with the downloaded installer from point 1.
  4. Reboot.
8

Comodo Internet Security is a resident AV and also shouldn’t be there.Never use more than one resident AV at a time.

9

It’s not an AV, It’s a firewall. If Avast can’t recognise the difference then that’s unfortunate.

10

http://screencast-o-matic.com/screenshots/u/Lh/1473530076934-83992.png

11

Well I checked and what I seem to have is Comodo Firewall, not “Internet Security”, so it doesn’t have AV capability as such. However it DOES have something called Defense+/HIPS
which may be the cause of the interaction.

12

Comodo HIPS shouldn’t be a problem, follow my advice (Reply #6).

13

Did so. Seems to have reinstalled cleanly enough… Is there an option in the paid version to scan for “bad shell extensions/ BHO” specifcally.

I know it’s probably beyond an anti virus program, but do you know of any tools that can take a random EXE and do some form of static/huerstical analysis? I am very strongly thinking it’s a “Non Avast” shell extension/BHO that caused the headaches…

14

Hmm, but Cavshell.dll might be , It described itself as “…Anti Virus” when I ran a shell extension checker. (Disabled temporarily as precautionry measure. - Will be running a FULL Scan shortly.

RESOLVED - In respect of Avast involvment, so I’ll be directing further comments in the directions of other vendors…

Thank you for your patience.

Feature Suggestions for the Paid/Pro version,
*A scan on “crash”-tool that can advise what went wrong in an app that crashed (such as explorer.exe), and possibly scan the modules mentioned in a stack trace for odd signatures. (I find the normal “X has encountered a problem” dialog a little misleading sometimes.

15

You’re welcome.

16

Comodo hasn’t been just a firewall for a long time.
And even if you think just to install the firewall, it installs some av components as well.

https://blog.kaspersky.com/multiple-antivirus-programs-bad-idea/2670/

For the best protection security software digs itself deep into the OS nowadays.
When multiple security software are installed they are trying to take the same space in the OS and it is not uncommon to lead to conflicts.

17

(Adding additional information.)

Having had to reinstate Comodo after some erratic internet behaviour, I found the Explorer.exe fault reccured. I then did a a check of Shell extensions, and found that Cavshell.dll had re-enabled itself. Disabling the relevant shell extension seemingly removed the Fault condition.

So as I said earlier I think the fault is either a bug in Cavshell, or it’s an interaction conflict between Comodo and Avast. I lack the tools to dig into this further, but would appreciate it if
more effort was made between Security software providers, so that they communicate interaction issues and bugs. Perhaps this is something that could be raised by the Avast developers with Comodo? I consider a silent installation/re-enable of shell extension which when Avast is also running causes a major part of Windows (explorer) to crash to be a bit concerning, and something someone with less honurable intentions might try to exploit. :frowning:

18

A simple solution is to forget about Comodo. :slight_smile: