Kelly_W
asked on
Windows 2003 Server Application Error (explorer.exe)
Hello all,
This is a very strange problem but rather long, so please bear with me.
This is on a NEW server 2003 R2 terminal server with all the latest patches. By new I mean one week old. And no, it does not have any viruses or maleware. I have run both types of scans and everything reports clean.
What is happening is that whenever anyone with admin rights logs in through RDP/terminal server We get the following in succession in the event viewer:
First:
Source: Application Error
Category: (100)
Event ID: 1000
Description: Faulting application explorer.exe, version 6.0.3790.3959, faulting module kernel32.dll, version 5.2.3790.4480, fault address 0x0000bef7.
Second:
Source: DrWatson
Category: None
Event ID: 4097
Description: The application, C:\WINDOWS\Explorer.EXE, generated an application error The error occurred on <date> @ <time> The exception generated was 800000001 at address 77EF4BEF7 (kernel32! RaiseException)
Third:
Source: Winlogon
Category: None
Event ID: 1002
Description: The shell stopped unexpectedly and Explorer.exe was restarted.
These come up within three seconds from the first to the third message. The user has to click on Close button on two different Windows Explorer error boxes. After these messages go past, everything seems fine. I am very leery of letting this one slide by, I am just wondering if it is a sign of some bigger problem.
By the way, every night I have a program that will automatically reboot this server and logon with an admin equivalent user and I get these errors not only on the console but also whenever an admin equivalent user logs on through terminal services.
This is a production server so I cannot up and reboot anything during the day. It has to be done after hours.
Thank you,
Kelly W.
This is a very strange problem but rather long, so please bear with me.
This is on a NEW server 2003 R2 terminal server with all the latest patches. By new I mean one week old. And no, it does not have any viruses or maleware. I have run both types of scans and everything reports clean.
What is happening is that whenever anyone with admin rights logs in through RDP/terminal server We get the following in succession in the event viewer:
First:
Source: Application Error
Category: (100)
Event ID: 1000
Description: Faulting application explorer.exe, version 6.0.3790.3959, faulting module kernel32.dll, version 5.2.3790.4480, fault address 0x0000bef7.
Second:
Source: DrWatson
Category: None
Event ID: 4097
Description: The application, C:\WINDOWS\Explorer.EXE, generated an application error The error occurred on <date> @ <time> The exception generated was 800000001 at address 77EF4BEF7 (kernel32! RaiseException)
Third:
Source: Winlogon
Category: None
Event ID: 1002
Description: The shell stopped unexpectedly and Explorer.exe was restarted.
These come up within three seconds from the first to the third message. The user has to click on Close button on two different Windows Explorer error boxes. After these messages go past, everything seems fine. I am very leery of letting this one slide by, I am just wondering if it is a sign of some bigger problem.
By the way, every night I have a program that will automatically reboot this server and logon with an admin equivalent user and I get these errors not only on the console but also whenever an admin equivalent user logs on through terminal services.
This is a production server so I cannot up and reboot anything during the day. It has to be done after hours.
Thank you,
Kelly W.
Brum07
what other software is installed on the server?
ASKER
Hello,
The only other software is:
1) Adobe Reader 8.0
2) AVG File Server Edition
3) Backup Exec Remote Agent (12.5)
4) Misys Tiger (canned medical software)
5) Word 2000 (This is the only version of Word that Misys Tiger will work with - it will not work correctly 2003 or 2007)
That is it.
Thanks,
Kelly W.
The only other software is:
1) Adobe Reader 8.0
2) AVG File Server Edition
3) Backup Exec Remote Agent (12.5)
4) Misys Tiger (canned medical software)
5) Word 2000 (This is the only version of Word that Misys Tiger will work with - it will not work correctly 2003 or 2007)
That is it.
Thanks,
Kelly W.
ASKER
Hello all,
Also various HP printer drivers
Thanks,
Kelly W.
Also various HP printer drivers
Thanks,
Kelly W.
Do non admin users who log into the server get these errors?
ASKER
Hello all,
No they do not, at least the error messages for them to click on the close button do not come up.
I have not seen these error messages come up in the event viewer for the users.
Thanks,
Kelly W.
No they do not, at least the error messages for them to click on the close button do not come up.
I have not seen these error messages come up in the event viewer for the users.
Thanks,
Kelly W.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That worked great. Thank you!