explorer.exe crash

[shionn999]

my explorer.exe crashed after i open the windows search (Search Companion).

I discovered the window search was connected to 207.46.248.249, only coincidence? what the experts can tell me based on the error message:

Faulting application explorer.exe, version 6.0.3790, faulting module ntdll.dll, version 5.2.3790

(error msg in event views)

THANK YOU

[cluberti]

Maybe a coincidence, maybe not. However, the IP address isn't malicious:

IP address:					 207.46.248.249
Reverse DNS:					sa.windows.com.
Reverse DNS authenticity:	   [Verified]
ASN:							8070
ASN Name:					   MICROSOFT-CORP---MSN-AS-BLOCK
IP range connectivity:		  2
Registrar (per ASN):			ARIN
Country (per IP registrar):	 US [United States]
Country Currency:			   USD [United States Dollars]
Country IP Range:			   207.46.0.0 to 207.46.255.255
Country fraud profile:		  Normal
City (per outside source):	  Redmond, Washington
Country (per outside source):   US [United States]
Private (internal) IP?		  No
IP address registrar:		   whois.arin.net

As to the crash, the only thing I can tell you is that something running inside explorer.exe crashed during an API call (ntdll.dll is the Windows "API" .dll for most usermode calls), so a crash in ntdll.dll only means that something running inside explorer.exe was attempting ... something.

Can you gather a user mode dump for a crashing process, as per my instructions here? The resulting .dmp file will be useful in tracking this down.

[shionn999]

thanks, it not crashed for a while, I put the explorer search in the classic mod

if crash once more i'll post my memory dump as you said.