4

I have been having some issues with explorer.exe hanging when I create a new folder.

If I use Analyse Wait Chain in the Resource Monitor it says "One or more threads of explorer.exe are waiting to finish network I/O".

When I look at the offending thread in Process Explorer it reveals nothing interesting:

ntdll.dll!ZwWaitForMultipleObjects+0xa 
KERNELBASE.dll!GetCurrentThread+0x36 
kernel32.dll!WaitForMultipleObjectsEx+0xb3 
USER32.dll!PeekMessageW+0x1cd 
USER32.dll!MsgWaitForMultipleObjectsEx+0x2a 
USER32.dll!MsgWaitForMultipleObjects+0x20 
SHELL32.dll!SHAppBarMessage+0x41e 
SHELL32.dll!DragAcceptFiles+0x2a3c 
SHELL32.dll!DragAcceptFiles+0x2a4f 
SHELL32.dll!Ordinal211+0x124 
SHELL32.dll!SHChangeNotification_Unlock+0x12f4 
USER32.dll!GetSystemMetrics+0x2b1 
USER32.dll!IsDialogMessageW+0x19b 
USER32.dll!IsDialogMessageW+0x1e1 
ntdll.dll!KiUserCallbackDispatcher+0x1f 
USER32.dll!PeekMessageW+0xba 
USER32.dll!PeekMessageW+0x89 
SHELL32.dll!SHChangeNotification_Unlock+0xd9f 
SHELL32.dll!Ordinal885+0x1407 
SHLWAPI.dll!SHRegGetUSValueW+0x306 
kernel32.dll!BaseThreadInitThunk+0xd 
ntdll.dll!RtlUserThreadStart+0x21

While I was looking at the explorer.exe threads I did notice a fair few that talk about ETW (Event Tracing for Windows) so obviously explorer.exe uses tracing.

So I decided to try and user TraceView.exe to try and listen in on the explorer.exe traces.

The problem is TraceView requires some difficult-to-come-by stuff... either pdbs, or CTL files, and .TMF files. I tried using the explorer.pdb that comes with the Windows SDK but that did not work. I do not see explorer.exe in the "named providers". And I have no idea where to locate the ctl or .TMF files for explorer.exe.

So the question is: Is there a way to view the ETW trace messages from explorer?

Or shall I just not bother and go back to the age old technique of disabling every explorer extenion one-by-one in the hope its one of them. (Prefer the former as I like to get to the bottom of things!!)

Schneider
  • 818
  • 4
  • 14
  • 22
  • Interesting, I've started seeing this too in the last week or so, and assumed it must just be something weird on my system, but maybe not... – Whisk Oct 04 '09 at 22:08
  • I never did solve this. I think it was a shell add in, possibly teracopy or tortoisesvn that was causing the problem – Schneider Jul 12 '10 at 08:15

4 Answers4

3

I don't know if you've seen them, but Mark Russinovich of Microsoft (formerly of SysInternals who originally wrote Process Explorer) writes regular articles on his blog about diagnosing Windows problems using the Sysinternals tools.

This one demonstrates his process as he tries to track down an intermittent Explorer hang (which almost certainnly isn't the same as yours but does show the process he uses) http://blogs.technet.com/markrussinovich/archive/2005/08/28/the-case-of-the-intermittent-and-annoying-explorer-hangs.aspx

He uses other techniques (including grabbing the symbols from MS servers) diagnosing slow Windows performance here: http://blogs.technet.com/markrussinovich/archive/2008/09/24/3126858.aspx

GAThrawn
  • 2,424
  • 3
  • 20
  • 38
  • Word. Russinovich is a f**ing deity in my book, and his tools keep me out of trouble at work almost all day. – songei2f Jul 21 '10 at 19:37
1

The first thing I would do is run checkdisk on the drive in question. Rule out the simplest reasons first.

JamesRyan
  • 8,138
  • 2
  • 24
  • 36
0

This happens consistently to me in Windows 7 after waking up from hibernate. Both "New Folder" and "Rename Folder" bring explorer.exe to a long hang. Eventually comes back, but kills whatever momentum you had. A little dismaying to see this on a brand new W7 laptop.

My workaround: Launch Task Manager Kill explorer.exe. Taskbar will disappear. File -> New Task -> explorer.exe. Taskbar should reappear. Close Task Manager

Problem was immediately cleared. But it'll be back tonight...

0

The solution presented by Scott works perfect.

I am using Windows 7 (64-bit) on Dell Inspiron 1564.

Seems to be an inherent bug in 7.