Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

DEP error and Explorer.exe crash on multiple computers?

Posted on 2008-10-01
12
Medium Priority
?
2,634 Views
Last Modified: 2013-12-04
Since Monday (it's now Wednesday) some users on our network have been getting the Data Execution error and when clicking close Explorer.exe error occurs, task bar disappears and comes back and all is fine again.

It seems to happen when programs are closed.

It started on one machine, then a 2nd machine started yesterday and today a 3rd machine. I am worried this issue is spread to the whole network. It is very annoying and obviously a huge interruption to work.

I'm not going to post the whole message as I have trouble replicating the error on demand and don't have a copy of it, however when I did some googling on the error, because the event error says unkown module in explorer.exe caused the error I presume the whole message won't help in this case.

So I guess I am asking, has anyone else had a issue like this recently?

Could it be an antivirus (sophos) update? The 3 machines in question all have sophos and office. 2 have SP3 and 1 has SP2. 2 have office 2007 and 1 has office 2003, so only sophos is the same on all machines, yet all our other 15 machines remain unaffected so far.

If it is a Sophos update causing this then I expect all machines to suffer from it soon and I expect many people around the world to have the same issue.

I don't think it's a domain error as one machine is set to log on locally and not the domain.

The machines in question also lost their desktop wallpaper randomly over the past few weeks so this could be related.

I have used shell viewer to close all non-microsoft modules but I think this led to the corruption of an outlook mail box, either way I tried disabling different modules on each machine and so far the problem hasnt occurred.

The only other thing I can think would cause this would be Spiceworks, perhaps it's scanning and causing this.

If anyone has seen a similar issue or could take a guess at what it is to help save me some time it would be much appreciated.

Otherwise I will have to figure out what module is causing the issue and then try to fix the problem from the source and not the explorer.exe module.

...All machines are windows XP

Thanks
0
Comment
Question by:jdunnill
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 

Expert Comment

by:securestep_technology
ID: 22616522
Have you added any hardware or printers to the network lately? Have you done a spyware scan on the PCs?
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22617694
download superantispyware from www.superantispyware.com and do a full scan...its free
0
 

Expert Comment

by:jd0323
ID: 22619254
Getting similar error.  What is the test of the error in the application log?

Ours is...
Faulting application explorer.exe, version 6.0.2900.2894, faulting module unknown, version 0.0.0.0, fault address 0x5a022e08.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

We are running Sophos, Windows XP SP2, and Office 2003 sp2 as primary.  Also, I lost the capability to update about 20 servers.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 2

Expert Comment

by:slotb007
ID: 22622066
The problem is caused by the last engine update of sophos antivirus.
I temperarly excludes explore.exe from the DEP feature from microsoft.


In windows 2003:

Properties of My Computer - advanced tab - Performance option - Tab Data Execution Prevention - Option Turn on DEP for all programs and ....... - Add explore.exe.

I have opened a Support incident at Sophos, if I have a solution I will add it to this post.

Marcel
0
 

Author Comment

by:jdunnill
ID: 22622668
I thought it would be related to an update. As a temporary fix till sophos and MS address this I have used shell viewer and disabled the sophos modules in explorer.exe

slotb007, I look forward to your post following Sophos' analysis of the error.

jd0323, We use Sophos also and juding by slotb007's post, looks like Sophos are to blame! I was beginning to regret installing SP3 but then realised one of the affected machines has SP2 still.
0
 

Expert Comment

by:IT-Jockey
ID: 22626642
All,
Have a look at the KB below
Sophos have acknowledged the issue and it should be fixed in 7.6.1
A workaround is detailed.

I'm suffering from the same issue.

http://www.sophos.com/support/knowledgebase/article/46484.html
0
 
LVL 1

Expert Comment

by:mike2747
ID: 22664990
JOIN THE CLUB.... Only Sophos is not even part of our equation. I've had the DEP and Explorer crash errors on four computers in the last 24 hours. This was with an clean, OEM install of XP Pro (SP3 integrated) just after running windows updates... I believe Java, Flash player, and Adobe Reader were the only pieces of software installed. What's going on??????

Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x016b0644
0
 
LVL 1

Expert Comment

by:mike2747
ID: 22734692
Does anyone have a solution yet? This problem is EVERYWHERE and is caused by an update from Microsoft without question. Sophos may be part of the problem for some, but Sophos has not been on any of the ten computers i've seen in the past two weeks that have this issue. Again, this has happened on a clean XP install, just after windows updates. It's happened on SP2 and SP3 builds, laptops, desktops, different networks, etc...

Some others that are stumped:

http://www.edugeek.net/forums/windows/24681-explorer-crashing-dep-3.html#post238367

http://www.suggestafix.com/index.php?showtopic=31055

http://forums.techguy.org/malware-removal-hijackthis-logs/759194-windows-explorer-has-encountered-problem.html
0
 
LVL 1

Expert Comment

by:mike2747
ID: 22734815
This error is now on my personal laptop. If I go to add/remove programs and show updates, the following updates were installed on 9/25/08. One of these is the culprit!

KB938127-V2
KB951978
KB952287
KB952954
KB953839
KB951072-V2
KB951698
KB938464
KB946648
KB951748
KB950762
KB951376-V2
KB951066
KB950974
0
 

Author Comment

by:jdunnill
ID: 22739191
I have no idea what's causing it. But I managed to stop it on two machines by installing shellview and disabling all processings within explorer.exe that were not Microsoft. It worked on 3 out of 4 machines. Try that. Sounds like it is a Microsoft issue. A worker here said it happened on her home computer and she uses Norton.

Do you have any AV on minimal machines you're getting the issue with?

I'm, just trying to sit tight till the problem goes away. Even the machine that couldn't be fixed using the above method seems to do it a hell of alot less. It used to be all the time.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 22965644
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question