April 6, 2007
RTHDCPL.EXE – Illegal System DLL Relocation
The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLLC:\WINDOWS\system32\JJCTRL.OCX occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.
Caused by Microsoft Security Update KB925902 or KB928843. The update to correct the issue can be found here.
The full article where I found this can be found here:
April 5, 2007
FIX: When you run Windows Update to scan for updates that use Windows Installer, including Office updates, CPU utilization may reach 100 percent for prolonged periods
You use Automatic Updates (Svchost.exe) to scan for updates or to apply updates to any applications that use Microsoft Windows Installer 3.1. Then, you experience issues when you use the following update mechanisms:
• Microsoft Update
• Windows Server Update Services (WSUS)
• The Microsoft Baseline Security Analyzer (MBSA) 2.0
• Microsoft Systems Management Server Inventory Tool for Microsoft Updates (SMS ITMU)
Some of the applications that use Windows Installer include Microsoft Office 2003, Microsoft Office XP, and Microsoft Windows Defender. These applications experience the following issues:
• The Svchost.exe process may spike the CPU usage to 100 percent during update detection or update installation. Also, the Svchost.exe process causes the computer to stop responding for various lengths of time.
• The Svchost.exe process produces an access violation during update detection or update installation. Additionally, you receive the following error message:
SVCHOST.exe Application Error
The instruction at 0x0745F2780 referenced memory at 0x000000000 the memory could not be read.
• The Svchost.exe process leaks memory during update detection or update installation.
Microsoft has released a hotfix to correct the problem. You can find the hotfix here:
This update replaces update 916089, the orignal fix which is noted in the KB932494.
(http://support.microsoft.com/kb/916089/) When you run Windows Update to scan for updates that use Windows Installer, including Office updates, CPU utilization may reach 100 percent for prolonged periods.
March 27, 2007
Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you’ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you’ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx