How to solve Windows system crashes in minutes

June 27, 2007

http://www.networkworld.com/news/2005/041105-windows-crash.html?page=1

This primer will show you how to solve problems quickly. Using a tool that costs nothing, you can solve approximately 50% of Windows server and workstation crashes in a few minutes. The tool is WinDbg , the free Windows debugger.


You receive a 0x80245003 error when you attempt to install updates from the Windows Update Web site

June 26, 2007

When you attempt to install updates using the Windows Update Web site, you receive an error similar to:

Error number:0x80245003. Windows Update has encountered an error and cannot display the requested page.

This behavior occurs because the redirector identification number of the downloaded Wuredir.cab file is lower than the redirector identification number of the %SystemRoot%\SoftwareDistribution\Wuredir.cab file.

To workaround this issue:

1. Open a CMD.EXE window.

2. Type net stop wuauserv and press Enter.

3. Type rmdir /s /q %windir%\softwaredistribution\wuredir and press Enter.

4. Type net start wuauserv and press Enter.

Try using the Windows Update Web site to install updates.


No Security Tab in Windows XP By Default

June 21, 2007

When Windows XP is a member of a workgroup, the security tab in the properties window may not be displayed by default.  This Microsoft article discusses it:

http://support.microsoft.com/kb/290403

Basically, change the following registry key to 0:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ForceGuest


Control Panel Applets or MMC’s from run command

May 17, 2007

Here are some examples of  shortcuts to type from Start –> run

control userpasswords2 
user accounts 
devmgmt.msc
windows hardware device manager
services.msc
windows services
regedit
registry editor
appwiz.cpl
add/remove programs
dfrg.msc
disk defragmenter
diskmgmt.msc
disk management panel
eventvwr.msc
event viewer
ncpa.cpl
network connections panel
printers
printers and faxes panel
msconfig
system configuration and startup options
nusrmgr.cpl
user management panel
control
opens the control panel
secpol.msc 
opens Local Security Policy Settings
gpedit.msc 
opens Group Policy

Fix for SVCHost at 100% CPU

May 17, 2007

 Blog info:

http://blogs.technet.com/wsus/archive/2007/05/15/srvhost-msi-issue-follow-up.aspx

What you need:

1) Microsoft KB 927891 – link

2) Build 0374 AU client/ WSUS 3.0 client: – link

 Other related too: Microsoft (SysInternals) Process Explorer – link


Remote Web Workplace for SBS2003

April 25, 2007

See: Remote Web Workplace Part 1 (PDF) for more info

Basic Setup:

Configure Internet and Email access settings to allow access to the Remote Web Workplace web service from the Internet (Server Management -> Connect to the Internet -> Web Services Configuration)

Configure the IIS Web application named Remote to Allow access by Default ( ISS Manager -> Web Sites -> Default Web Site -> Remote -> Properties -> Directory Security -> IP address and Domain Name restrictions -> Edit)

Configure the Firewall to allow SSH (Port 443)  to the SBS box from the WAN.  Create a custom service for RWW (Port 4125) and allow access to that service from the WAN to the SBS box.

Connecting client machines must be Windows XP Pro or better

Access the site to test:
From the LAN  https://SBSSERVER/Remote
From the WAN:  https://mail.domainname.com/Remote


Eliminate the Annoying Extra Prompt in Vista and RDP 6.0

April 11, 2007

With Vista and RDP 6.0, you will see an extra warning message when connecting to remote PCs saying something like:

 

“Remote Desktop cannot verify the identity of the computer you want to connect to…”

To eliminate this, set the following registry key to 0.  Create the key if it doesn’t exist.

\\HKCU\Software\Microsoft\Terminal Server Client\AuthenticationLevelOverride


RTHDCPL.EXE – Illegal System DLL Relocation Error

April 6, 2007

RTHDCPL.EXE – Illegal System DLL Relocation 

The system DLL user32.dll was relocated in memory.  The application will not run properly.  The relocation occurred because the DLLC:\WINDOWS\system32\JJCTRL.OCX occupied an address range reserved for Windows system DLLs.  The vendor supplying the DLL should be contacted for a new DLL. 

Caused by Microsoft Security Update KB925902 or KB928843.  The update to correct the issue can be found here.

The full article where I found this can be found here:
http://www.lancelhoff.com/2007/04/04/rthdcplexe-illegal-system-dll-relocation-error/


When you run Windows Update to scan for updates that use Windows Installer CPU utilization may reach 100 percent for prolonged periods

April 5, 2007

http://support.microsoft.com/kb/932494
FIX: When you run Windows Update to scan for updates that use Windows Installer, including Office updates, CPU utilization may reach 100 percent for prolonged periods

SYMPTOMS
You use Automatic Updates (Svchost.exe) to scan for updates or to apply updates to any applications that use Microsoft Windows Installer 3.1. Then, you experience issues when you use the following update mechanisms:
• Microsoft Update
• Windows Server Update Services (WSUS)
• The Microsoft Baseline Security Analyzer (MBSA) 2.0
• Microsoft Systems Management Server Inventory Tool for Microsoft Updates (SMS ITMU)

Some of the applications that use Windows Installer include Microsoft Office 2003, Microsoft Office XP, and Microsoft Windows Defender. These applications experience the following issues:
• The Svchost.exe process may spike the CPU usage to 100 percent during update detection or update installation. Also, the Svchost.exe process causes the computer to stop responding for various lengths of time.
• The Svchost.exe process produces an access violation during update detection or update installation. Additionally, you receive the following error message:
SVCHOST.exe Application Error
The instruction at 0x0745F2780 referenced memory at 0x000000000 the memory could not be read.
• The Svchost.exe process leaks memory during update detection or update installation.

Microsoft has released a hotfix to correct the problem. You can find the hotfix here:

http://support.microsoft.com/kb/927891/

This update replaces update 916089, the orignal fix which is noted in the KB932494.
(http://support.microsoft.com/kb/916089/) When you run Windows Update to scan for updates that use Windows Installer, including Office updates, CPU utilization may reach 100 percent for prolonged periods.


Process Explorer for Windows v10.21

March 27, 2007

Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you’ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you’ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx