Solved Windows update keeps failing

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

rhoag

Thread Starter
Joined
Jun 2, 2005
Messages
154
Dr.M: Really, I want to thank you so much. I hope this helps some others with this problem.
 

rhoag

Thread Starter
Joined
Jun 2, 2005
Messages
154
Is there anyway of telling from all that's been done what the problem was? Is there any log file from the MS reinstall that would indicate what the problem was so others can benefit from it?
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,216
YES!!!


The cause about the problem might be anything. The computer had some malicious files, the previous antivirus (Norton) was still present and although the DISM and SFC commands we used twice to fix any corruptions had a good outcome, the in-place upgrade was needed at the end.

It seems that Restoro is running after you! I don't think you will ever forget it! :LOL:

As you see, the several sites have adds. It's the way they work. The problem is that the sites have no option to select what adds are shown in public. If you want to prevent adds from showing, then the best solution is using add blockers in all the browsers you have.

I am using UBlock Origin and I'm happy with it. You can get it for Edge, Firefox and Chrome.

Since we tried a lot of things the last couple of days, I would like to see fresh FRST logs now, before "I release" you. :)

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,216
Hi, rhoag. :)

I hope the doctor appointment went good.

I see that you didn't install an add blocker. It's your choice, of course, but I am sure it will improve your web surfing experience.

Let's continue.

FRST fix

Please do the following to run a FRST fix.


NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Code:
Start::
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
AlternateDataStreams: C:\WINDOWS\system32\Drivers\muqqqscy.sys:changelist [1258]
FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
Task: {4561F264-8D04-4EEF-A667-74328F33B590} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\doane\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-08-05] (ESET, spol. s r.o. -> ESET)
Task: {661385DC-A38F-4DD8-9711-DB69C9ADE2A7} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [220816 2019-09-30] (Tweaking LLC -> Tweaking.com)
Task: {DB10A75E-6A58-4D8A-863B-8C4B3AD4DE7F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\doane\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-08-05] (ESET, spol. s r.o. -> ESET)
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

In your next reply please post:
  1. The fixlog.txt
  2. Feedback: How is the computer running now? Any remaining issues/questions/concerns?
 

rhoag

Thread Starter
Joined
Jun 2, 2005
Messages
154
OK, I thought we were through? It all seems to be running fine, as far as I can tell. I think I'll keep that Malwarebytes program and use it regularly, maybe even buy it, seems to do a really thorough job.
 

Attachments

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,216
Yes, now we have done. :)

The following tool will remove the tools we used as well as reset system restore points:

Download KpRm by kernel-panik and save it to your desktop.
  • Right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.
 

rhoag

Thread Starter
Joined
Jun 2, 2005
Messages
154
Do I need to uninstall or somehow remove any of the many programs you used? (except for malwarebytes)
And are there any of them you think I should keep for some reason?
I haven't tried your suggested ad blocker yet.
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,216
The tool above will remove everything except Malwarebytes and Tweaking.com. I recommend you to keep Malwarebytes. As I already told you, keeping the free version or going to the Premium one, is up to you.
 

rhoag

Thread Starter
Joined
Jun 2, 2005
Messages
154
We must have cross posted on your post 83 and my 84.
I just dl'd the kprm and tried to run as an admin. A Win Defender Smartscreen prevented it from starting saying it might put my pc at risk. If I close the Win window, it does't run. I checked the file with the right clk MS Defender Scan and it says it's fine.
 

rhoag

Thread Starter
Joined
Jun 2, 2005
Messages
154
OK, under more info it gave the option to run the program, which I did and this is the result:

# Run at 8/9/2021 5:17:01 PM
# KpRm (Kernel-panik) version 2.9.2
# Website https://kernel-panik.me/tool/kprm/
# Run by doane from C:\Users\doane\Desktop
# Computer Name: DOANE-PC
# OS: Windows 10 X64 (19043)
# Number of passes: 1

- Checked options -

~ Registry Backup
~ Delete Tools
~ Restore System Settings
~ UAC Restore
~ Delete Restore Points
~ Create Restore Point
~ Delete Quarantines

- Create Registry Backup -

~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
~ [OK] Hive C:\Users\doane\NTUSER.dat backed up

[OK] Registry Backup: C:\KPRM\backup\2021-08-09-17-17-01

- Delete Tools -


## AdwCleaner
[OK] C:\Users\doane\Desktop\AdwCleaner.exe deleted
[OK] C:\AdwCleaner deleted

## ESET Online Scanner
[OK] C:\Users\doane\Desktop\esetonlinescanner.exe deleted
[OK] C:\Users\doane\AppData\Local\ESET\ESETOnlineScanner deleted

## FRST
[OK] C:\Users\doane\Desktop\FRST Addition 8-9.txt deleted
[OK] C:\Users\doane\Desktop\FRST Fixlog 8-9a.txt deleted
[OK] C:\Users\doane\Desktop\FRST scan 8-9.txt deleted
[OK] C:\Users\doane\Desktop\Frst-Fixlog 8-8a.txt deleted
[OK] C:\Users\doane\Desktop\FRST-OlderVersion deleted
[OK] C:\Users\doane\Desktop\FRST64.exe deleted
[OK] C:\FRST deleted

## FSS
[OK] C:\Users\doane\Desktop\FSS.exe deleted

- Restore System Settings -

[OK] Reset WinSock
[OK] FLUSHDNS
[OK] Hide Hidden file.
[OK] Show Extensions for known file types
[OK] Hide protected operating system files

- Restore UAC -

[OK] Set EnableLUA with default (1) value
[OK] Set ConsentPromptBehaviorAdmin with default (5) value
[OK] Set ConsentPromptBehaviorUser with default (3) value
[OK] Set EnableInstallerDetection with default (0) value
[OK] Set EnableSecureUIAPaths with default (1) value
[OK] Set EnableUIADesktopToggle with default (0) value
[OK] Set EnableVirtualization with default (1) value
[OK] Set FilterAdministratorToken with default (0) value
[OK] Set PromptOnSecureDesktop with default (1) value
[OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

~ [OK] RP named Windows Modules Installer created at 08/08/2021 20:48:53 deleted
[OK] All system restore points have been successfully deleted

- Create Restore Point -

[OK] System Restore Point created

- Display System Restore Point -

~ RP named KpRm created at 08/10/2021 00:17:17

-- KPRM finished in 35.85s --
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,216
Hi, rhoag.

All the tools we used are safe and any detection (sometimes) from some security programs are just false-positive detections.

And now I can give you the GREEN PASS. ALL CLEAN. (y)

Now your computer is clean, here are some final tips about your computer's security from now on:

Some of the following, are from Klein's (2005) article, So how did I get infected in the first place. Since then, the article has been reproduced or linked to in dozens of locations. As a result, many malware experts have continued updating it, to include current operating systems and software program information. My source is Security Garden, and I marked for you the following:

1. Keep your Windows updated!
It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

2. Update 3rd Party Software Programs
Third Party software programs have long been targets for malware creators. It has been stated that "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware.'' It's important to keep everything updated.

3. Update the browsers you use
Many malware infections install themselves by exploiting security holes in the Internet browser that you use. So... Keep them updated.

4. Be careful about what you download and what you open!
  • Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself. Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.
  • Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others, allow the creation of a network enabling people to connect with other users and upload or download material in a fast efficient manner. BUT even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected.
  • Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Have this in mind.
  • Do not open any files without being certain of what they are!
5. Avoid questionable web sites!
Visit web sites that are trustworthy and reputable. Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders. Also, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is.

6. Registry cleaners/driver boosters/system optimizers
I do not recommend registry cleaners, system optimizers, driver boosters and the like. It is your computer and certainly your choice. However, please consider that modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. With registry cleaner and system optimization software programs, the potential is ever present to cause more problems than they claim to fix. Do note, however, that Microsoft does not support the use of registry cleaners. See Microsoft support policy for the use of registry cleaning utilities.

7. PC means personal computer!
Don't give access to your computer to friends or family who appear to be clueless about what they are doing.

8. Back-up your work!
Make back-ups of your personal files frequently. You never know when you'll have to reformat and start from scratch. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.

9. Must-Have Software
An anti-virus and an anti-spyware program is a necessity for the security of your computer. Be sure that you keep them updated, and that real time protection is enabled. In your case, Windows Defender and Malwarebytes (since it's the free version, you will have to run it once every few days, depending on how often you use the computer) can keep you safe.

I'm glad I was able to help you.

Take care, stay safe!
 

rhoag

Thread Starter
Joined
Jun 2, 2005
Messages
154
Again, you have been a lifesaver and I can't thank you enough. I will follow the advice about updates, etc.
Can I depend on Windows to find updated drivers? I realize you just said you are against this, but I was using IObit Driverbooster, but removed it for fear that it might have added malware when I was having the problems of the updates. I looked again on line and most reviews give it high marks, but I found remarks like this: " To be very precise, It’s safe to download and use the IObit Driver Booster software on your Windows computer. However, you’ll need to be careful while installing this tool because some of the integrated third-party offers or some antivirus tool installation may also get included during the setup process on both the free and pro versions." Should I not chance it and just depend on Windows?
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,216
Can I depend on Windows to find updated drivers?
Yes and ... yes. :)
Windows knows better what is needed for the operating system and every program these days has its own notifications for updates. I don't recommend any third party software for updating any driver.

Again, you have been a lifesaver and I can't thank you enough.
Thank you. You are most welcome. (y)
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top