DEP error and Explorer.exe crash on multiple computers?

Since Monday (it's now Wednesday) some users on our network have been getting the Data Execution error and when clicking close Explorer.exe error occurs, task bar disappears and comes back and all is fine again.

It seems to happen when programs are closed.

It started on one machine, then a 2nd machine started yesterday and today a 3rd machine. I am worried this issue is spread to the whole network. It is very annoying and obviously a huge interruption to work.

I'm not going to post the whole message as I have trouble replicating the error on demand and don't have a copy of it, however when I did some googling on the error, because the event error says unkown module in explorer.exe caused the error I presume the whole message won't help in this case.

So I guess I am asking, has anyone else had a issue like this recently?

Could it be an antivirus (sophos) update? The 3 machines in question all have sophos and office. 2 have SP3 and 1 has SP2. 2 have office 2007 and 1 has office 2003, so only sophos is the same on all machines, yet all our other 15 machines remain unaffected so far.

If it is a Sophos update causing this then I expect all machines to suffer from it soon and I expect many people around the world to have the same issue.

I don't think it's a domain error as one machine is set to log on locally and not the domain.

The machines in question also lost their desktop wallpaper randomly over the past few weeks so this could be related.

I have used shell viewer to close all non-microsoft modules but I think this led to the corruption of an outlook mail box, either way I tried disabling different modules on each machine and so far the problem hasnt occurred.

The only other thing I can think would cause this would be Spiceworks, perhaps it's scanning and causing this.

If anyone has seen a similar issue or could take a guess at what it is to help save me some time it would be much appreciated.

Otherwise I will have to figure out what module is causing the issue and then try to fix the problem from the source and not the explorer.exe module.

...All machines are windows XP

Thanks
jdunnillAsked:
Who is Participating?
 
Computer101Commented:
PAQed with points refunded (500)

Computer101
EE Admin
0
 
securestep_technologyCommented:
Have you added any hardware or printers to the network lately? Have you done a spyware scan on the PCs?
0
 
sk_raja_rajaCommented:
download superantispyware from www.superantispyware.com and do a full scan...its free
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
jd0323Commented:
Getting similar error.  What is the test of the error in the application log?

Ours is...
Faulting application explorer.exe, version 6.0.2900.2894, faulting module unknown, version 0.0.0.0, fault address 0x5a022e08.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

We are running Sophos, Windows XP SP2, and Office 2003 sp2 as primary.  Also, I lost the capability to update about 20 servers.
0
 
slotb007Commented:
The problem is caused by the last engine update of sophos antivirus.
I temperarly excludes explore.exe from the DEP feature from microsoft.


In windows 2003:

Properties of My Computer - advanced tab - Performance option - Tab Data Execution Prevention - Option Turn on DEP for all programs and ....... - Add explore.exe.

I have opened a Support incident at Sophos, if I have a solution I will add it to this post.

Marcel
0
 
jdunnillAuthor Commented:
I thought it would be related to an update. As a temporary fix till sophos and MS address this I have used shell viewer and disabled the sophos modules in explorer.exe

slotb007, I look forward to your post following Sophos' analysis of the error.

jd0323, We use Sophos also and juding by slotb007's post, looks like Sophos are to blame! I was beginning to regret installing SP3 but then realised one of the affected machines has SP2 still.
0
 
IT-JockeyCommented:
All,
Have a look at the KB below
Sophos have acknowledged the issue and it should be fixed in 7.6.1
A workaround is detailed.

I'm suffering from the same issue.

http://www.sophos.com/support/knowledgebase/article/46484.html
0
 
mike2747Commented:
JOIN THE CLUB.... Only Sophos is not even part of our equation. I've had the DEP and Explorer crash errors on four computers in the last 24 hours. This was with an clean, OEM install of XP Pro (SP3 integrated) just after running windows updates... I believe Java, Flash player, and Adobe Reader were the only pieces of software installed. What's going on??????

Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x016b0644
0
 
mike2747Commented:
Does anyone have a solution yet? This problem is EVERYWHERE and is caused by an update from Microsoft without question. Sophos may be part of the problem for some, but Sophos has not been on any of the ten computers i've seen in the past two weeks that have this issue. Again, this has happened on a clean XP install, just after windows updates. It's happened on SP2 and SP3 builds, laptops, desktops, different networks, etc...

Some others that are stumped:

http://www.edugeek.net/forums/windows/24681-explorer-crashing-dep-3.html#post238367

http://www.suggestafix.com/index.php?showtopic=31055

http://forums.techguy.org/malware-removal-hijackthis-logs/759194-windows-explorer-has-encountered-problem.html
0
 
mike2747Commented:
This error is now on my personal laptop. If I go to add/remove programs and show updates, the following updates were installed on 9/25/08. One of these is the culprit!

KB938127-V2
KB951978
KB952287
KB952954
KB953839
KB951072-V2
KB951698
KB938464
KB946648
KB951748
KB950762
KB951376-V2
KB951066
KB950974
0
 
jdunnillAuthor Commented:
I have no idea what's causing it. But I managed to stop it on two machines by installing shellview and disabling all processings within explorer.exe that were not Microsoft. It worked on 3 out of 4 machines. Try that. Sounds like it is a Microsoft issue. A worker here said it happened on her home computer and she uses Norton.

Do you have any AV on minimal machines you're getting the issue with?

I'm, just trying to sit tight till the problem goes away. Even the machine that couldn't be fixed using the above method seems to do it a hell of alot less. It used to be all the time.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.