Category Archives: Windows Server 2003

Print Spooler (spoolsv.exe) crashes repeatedly – find corrupt/unsupported drivers

If you find that your print spooler service continuously crashes or won’t even start at all, it could be due to an unsupported or corrupted printer driver. To help determine what the cause of the issue is, you will need to do the following.

  1. Download Windows Debugging Tools SDK from this location and install them to a location you’ll remember.
  2. Create a folder on your C: drive named debug.
  3. Open a command prompt change directory to the folder where you installed the debugging tools.
  4. Change directory again to “Debuggers\x86.” (Note: This location may change depending on operating system. You are looking for the file location of adplus.exe.)
  5. Run the following command: adplus -crash -pmn “spoolsv.exe” -o C:\debug.
  6. Start the Print Spooler service.

The adplus command will wait for the print spooler service to start then attach itself to it for debugging purposes. When the service crashes, it will create a folder inside of C:\debug with a date/timestamp similar to this: 20120807_095027_Crash_Mode. Inside of that folder will be a couple of log files. Examine the log files and search for verify. In my case, it found the following line: *** WARNING: Unable to verify checksum for C:\Windows\System32\XRZWSLAI.DLL. Next, we need to delete the printer and drivers from the registry.

To delete the printer and drivers from the registry, do the following:

  1. Open the registry editor.
  2. Browse to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\ (Note: If you’re running the 64-bit version of Windows, the registry location will most likely be Windows x64 rather than Windows NT x86.)
  3. There will be a subkey Version-2 or Version-3 depending on your operating system.
  4. Export the registry key before deletion to ensure you have a backup.
  5. Delete the appropriate key that relates to the corrupt/unsupported driver.
  6. Browse to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers.
  7. Export the registry key before deletion to ensure you have a backup.
  8. Delete the appropriate key that relates to the printer.
  9. Start the Print Spooler service.

Disable SSLv2 on IIS 6 for Windows 2003

SSLv2 should be disabled on any machine running IIS as a security precaution. To do this, open a command prompt on the target server and run the following commands to add values to the registry to disable it.

REG ADD “HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\PCT 1.0\Server” /v Enabled /t REG_DWORD /d 0 /f

REG ADD “HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\SSL 2.0\Server” /v Enabled /t REG_DWORD /d 0 /f

Windows 2003 RDP Desktop session or parts of Desktop session is black

I had an issue today where I was connecting to a Windows Server 2003 machine and after logging in my RDP desktop was black.  I could see icons, but text, menus, etc., did not show up.  This is due to corrupted/incorrect color settings in the registry.

Here is what I did to fix it.  Replace the bold parts with your SID.

  1. Opened the registry and browsed to HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\PROFILELIST and found the SID associated with my login account. In this case, it was S-1-5-21-269 (part of the SID omitted)
  2. Still in registry editor, browsed to HKEY_USERS\S-1-5-21-269\CONTROL PANEL\COLORS
  3. I noticed most of the values, if not all, were set to ‘0 0 0’.  I backed up the registry key.
  4. Create a new registry editor file (.reg) and paste these values into it:
    [HKEY_USERS\S-1-5-21-269\Control Panel\Colors]
    “ActiveBorder”=”212 208 200”
    “ActiveTitle”=”0 84 227”
    “AppWorkSpace”=”128 128 128”
    “Background”=”0 78 152”
    “ButtonAlternateFace”=”181 181 181”
    “ButtonDkShadow”=”113 111 100”
    “ButtonFace”=”236 233 216”
    “ButtonHilight”=”255 255 255”
    “ButtonLight”=”241 239 226”
    “ButtonShadow”=”172 168 153”
    “ButtonText”=”0 0 0”
    “GradientActiveTitle”=”61 149 255”
    “GradientInactiveTitle”=”157 185 235”
    “GrayText”=”172 168 153”
    “Hilight”=”49 106 197”
    “HilightText”=”255 255 255”
    “HotTrackingColor”=”0 0 128”
    “InactiveBorder”=”212 208 200”
    “InactiveTitle”=”122 150 223”
    “InactiveTitleText”=”216 228 248”
    “InfoText”=”0 0 0”
    “InfoWindow”=”255 255 225”
    “Menu”=”255 255 255”
    “MenuText”=”0 0 0”
    “Scrollbar”=”212 208 200”
    “TitleText”=”255 255 255”
    “Window”=”255 255 255”
    “WindowFrame”=”0 0 0”
    “WindowText”=”0 0 0”
    “MenuHilight”=”49 106 197”
    “MenuBar”=”236 233 216”
  5. Place the .reg file on the machine in question and import the settings into the registry.  Log on with the user and all color settings should be restored.