

Update failed (0x80070003)

Question

Friday, October 5, 2018 1:37 AM

Update: I tried to run 1803 setup from the MCT iso and the insider version through WU (my latest try) but got the same failure message, so I think this issue isn't related to 1809 but is a generic error... So I edited the title.

Hello everyone,

I know this might be asked for thousands of times and might not have a specific solution, but I still want to have a try.

I'm running Windows 10 1803, Pro for Workstation, zh-cn. I installed Avira but now I have uninstalled it.

I have tried using Windows update, "media creation tool", "troubleshooting", "Dism /Online /Cleanup-Image /ScanHealth", "sfc".

The iso file is intact. When the first process (haven't any reboot) of installation reached about more than 60%, it reports failed.

I want to keep my desktop apps so I haven't tried "keep personal files only" or fully new installation.

If you want some more information, please feel free to reply.

In Windows update, the failure code is 0x80070003; MCT doesn't directly give an error code.

Sorry for no image because I got "Body text cannot contain images or links until we are able to verify your account" when I upload one.

Here is the log generated by Get-WindowsUpdateLog, but I only paste the failed part because the log is too long. Hope this lite one could be less disturbing.

2018/10/05 19:02:30.6472015 3012  12788 Misc            *FAILED* [8024000C] LoadHistoryEventFromRegistry completed

2018/10/05 19:02:30.6479976 3012  11908 Agent           *FAILED* [80240013] m_services.Add()
2018/10/05 19:02:30.6480013 3012  11908 Agent           *FAILED* [80240013] Method failed [CAgentServiceManager::CreateServiceObjectAndAddIntoMap:2099]
2018/10/05 19:02:30.6480033 3012  11908 Agent           *FAILED* [80240013] Method failed [CAgentServiceManager::DelayedInit:2743]

2018/10/05 19:02:30.6566474 3012  6460  Agent           *FAILED* [80240007] Method failed [CAgentServiceManager::GetTargetedServiceMapping:3010]

2018/10/05 19:10:09.3480325 3012  1400  WebServices     WS error: ???https://fe3.delivery.mp.microsoft.com/ClientWebService/client.asmx???????????
2018/10/05 19:10:09.3480350 3012  1400  WebServices     WS error: ????????
2018/10/05 19:10:09.3480937 3012  1400  WebServices     *FAILED* [80240438] Web service call
2018/10/05 19:10:09.3480949 3012  1400  WebServices     Current service auth scheme=0.
2018/10/05 19:10:09.3480958 3012  1400  WebServices     Current Proxy auth scheme=0.
2018/10/05 19:10:11.3485712 3012  1400  WebServices     Auto proxy settings for this web service call.
2018/10/05 19:10:39.6160758 3012  1400  WebServices     WS error: ???https://fe3.delivery.mp.microsoft.com/ClientWebService/client.asmx???????????
2018/10/05 19:10:39.6160799 3012  1400  WebServices     WS error: ????????
2018/10/05 19:10:39.6162290 3012  1400  WebServices     *FAILED* [80240438] Web service call

2018/10/05 19:10:39.6162593 3012  1400  ProtocolTalker  *FAILED* [80240438] StartCategoryScan_WithRecovery failed
2018/10/05 19:10:39.6162758 3012  1400  IdleTimer       WU operation (CAgentProtocolTalker::StartCategoryScan_WithRecovery, operation # 56) stopped; does use network; is at background priority
2018/10/05 19:10:39.6162860 3012  1400  ProtocolTalker  *FAILED* [80240438] StartCategoryScan_WithRecovery failed
2018/10/05 19:10:39.6162922 3012  1400  ProtocolTalker  *FAILED* [80240438] StartCategoryScan failed

2018/10/05 19:13:31.6468382 3012  12732 DownloadManager *FAILED* [8024000E] Method failed [CAgentDownloadManager::GetTLUExpirationMaximumRetryCount:23733]

2018/10/05 19:18:35.1353078 3012  10288 DataStore       Failed to find update with  global id of D9565F43-9754-40E2-88BF-0CB76CA107BE.2 (sessiondata = (null))
2018/10/05 19:18:35.1353168 3012  10288 DownloadManager No locked revisions found for update D9565F43-9754-40E2-88BF-0CB76CA107BE.2 (SessionData = (null)); locking the user-specified revision.
2018/10/05 19:18:35.1353250 3012  10288 DataStore       Failed to find update with  global id of D9565F43-9754-40E2-88BF-0CB76CA107BE.2 (sessiondata = (null))
2018/10/05 19:18:35.1357011 3012  10288 DataStore       Failed to find update with  global id of 3DFFCE16-6C0C-4F2C-8C4B-C5535CD12615.2 (sessiondata = (null))
2018/10/05 19:18:35.1357072 3012  10288 DownloadManager No locked revisions found for update 3DFFCE16-6C0C-4F2C-8C4B-C5535CD12615.2 (SessionData = (null)); locking the user-specified revision.
2018/10/05 19:18:35.1357130 3012  10288 DataStore       Failed to find update with  global id of 3DFFCE16-6C0C-4F2C-8C4B-C5535CD12615.2 (sessiondata = (null))
2018/10/05 19:18:35.1363772 3012  10288 DataStore       Failed to find update with  global id of C2556635-2D0A-48B9-BBF6-B21461D6562A.2 (sessiondata = (null))
2018/10/05 19:18:35.1363863 3012  10288 DownloadManager No locked revisions found for update C2556635-2D0A-48B9-BBF6-B21461D6562A.2 (SessionData = (null)); locking the user-specified revision.
2018/10/05 19:18:35.1363957 3012  10288 DataStore       Failed to find update with  global id of C2556635-2D0A-48B9-BBF6-B21461D6562A.2 (sessiondata = (null))
2018/10/05 19:18:35.1368141 3012  10288 DataStore       Failed to find update with  global id of DC76B006-0EE4-4AF3-A051-02AA89475C56.2 (sessiondata = (null))
2018/10/05 19:18:35.1368223 3012  10288 DownloadManager No locked revisions found for update DC76B006-0EE4-4AF3-A051-02AA89475C56.2 (SessionData = (null)); locking the user-specified revision.
2018/10/05 19:18:35.1368313 3012  10288 DataStore       Failed to find update with  global id of DC76B006-0EE4-4AF3-A051-02AA89475C56.2 (sessiondata = (null))

2018/10/05 19:21:41.2690106 3012  10288 DownloadManager *FAILED* [8024000C] DynamicDownloadDataFetcher Refresh complete

2018/10/05 19:21:42.7444054 3012  10288 Handler         ResetPendingBlocks: Directory C:\WINDOWS\SoftwareDistribution\Download\c94573e267aaaf9658f2276de9b0e198 failed, 0x80070002 
2018/10/05 19:21:42.7448340 3012  10288 Handler         Handler received download job cancellation for DC76B006-0EE4-4AF3-A051-02AA89475C56
2018/10/05 19:21:42.7448377 3012  10288 Handler         ShutdownDataSourcesAndDeployment: Running down deployment for DC76B006-0EE4-4AF3-A051-02AA89475C56
2018/10/05 19:21:42.7449042 3012  10288 Handler         ResetPendingBlocks: Directory C:\WINDOWS\SoftwareDistribution\Download\edbefd15697eb5a27a59afc41d9a7541 failed, 0x80070002 

2018/10/05 19:21:42.8404277 3012  8508  Agent           *FAILED* [80240008] Fail to get custom reporting data for install started event.

2018/10/05 19:21:43.4778532 3012  8508  Handler         *FAILED* [80070002] AddFlightObjects failed
2018/10/05 19:55:25.2121998 11092 4268  Handler         Install complete for update ID: 9E0E0F20-6BB5-413B-8A99-850EE78692DE.1 Return code is 0x80070003. Requires Reboot:No

2018/10/05 19:55:25.2125684 11092 4268  Handler         *FAILED* [80070003] Leave deployment handler Install

2018/10/05 19:55:25.3470801 3012  7820  ComApi          Exit code = 0x00000000; Call error code = 0x80240022

Here is the content of C:\WINDOWS.~BT\Sources\Panther\setuperr.log

2018-10-05 23:26:33, Error                 CSI    00000001 (F) STATUS_OBJECT_NAME_NOT_FOUND #70# from Windows::Rtl::SystemImplementation::DirectRegistryProvider::SysQueryValueKey(flags = 0, key = b44 ('\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts'), vn = [l:21 ml:22]'Arial Nova (TrueType)', kvic = 2, kvi = 2, disp = 0)[gle=0xd0000034]
2018-10-05 23:26:33, Error                 CSI    00000002 (F) STATUS_OBJECT_NAME_NOT_FOUND #69# from Windows::Rtl::SystemImplementation::CKey::QueryValue(flags = 0, kn = [l:69]'\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts\', vn = [l:21 ml:22]'Arial Nova (TrueType)', ic = KeyValuePartialInformation, info = {l:0 b:}, disp = 0)[gle=0xd0000034]
2018-10-05 23:27:12, Error                 CONX   0xd0000034 Failed to add user mode driver [%SystemRoot%\system32\DRIVERS\UMDF\uicciso.dll]

2018-10-05 23:34:54, Error                 SP     pSPRemoveUpgradeRegTree: failed to delete reg tree HKLM\SYSTEM\Setup\Upgrade[gle=0x00000005]
2018-10-05 23:35:22, Error                 CSI    00000001 (F) 80220008 [Error,Facility=FACILITY_STATE_MANAGEMENT,Code=8] #166717# from CWcmScalarInstanceCore::GetCurrentValue(options = 393216, status = '(null)', value = { type: 40972, bytes ( 12 ): 7a0068002d0043004e000000 })
[gle=0x80004005]
2018-10-05 23:35:44, Error                 CSI    00000002 (F) 80220008 [Error,Facility=FACILITY_STATE_MANAGEMENT,Code=8] #247195# from CWcmScalarInstanceCore::GetCurrentValue(options = 393216, status = '(null)', value = { type: 40972, bytes ( 12 ): 7a0068002d0043004e000000 })
[gle=0x80004005]
2018-10-05 23:35:57, Error      [0x080831] MIG    CSIAgent: Invalid xml format: FormatException: Component with display name: Plugin/{C939EC0F-2F56-4CE8-AF56-2336596A5FA7} already loaded __cdecl Mig::CMXEMigrationXml::CMXEMigrationXml(class Mig::CPlatform *,class UnBCL::String *,class UnBCL::XmlDocument *,class UnBCL::String *,class UnBCL::String *)
2018-10-05 23:37:32, Error      [0x080389] MIG    Failure while calling IDiscovery->Gather for Plugin={ServerPath="%SystemRoot%\System32\Setup\msdtcstp.dll", CLSID={342992B2-913C-4C36-9DB7-6C68ABD1F079}, ThreadingModel=Apartment}. Error: 0x80070002
2018-10-05 23:37:32, Error                 SP     Error READ, 0x00000002 while gathering/applying object: pre-scan, Action,CMXEPlugin,C:\$WINDOWS.~BT\Work\MachineSpecific\Working\agentmgr\CCSIAgent,%SystemRoot%\System32\Setup\msdtcstp.dll,{342992B2-913C-4C36-9DB7-6C68ABD1F079},Apartment. Will return 2[gle=0x000000cb]
2018-10-05 23:37:54, Error                        CSetupAutomation::Resurrect: File not found: C:\$WINDOWS.~BT\Sources\Panther\automation.dat[gle=0x00000002]
2018-10-05 23:37:54, Error                 SP     CSetupPlatform::ResurrectAutomation: Failed to resurrect automation: 0x80070002[gle=0x00000002]
2018-10-05 23:37:56, Error                 SP     CMountWIM::DoExecute: Failed to mount WIM file C:\$WINDOWS.~BT\Sources\SafeOS\winre.wim. Error 0x80070003[gle=0x00000003]
2018-10-05 23:37:56, Error                 SP     Operation failed: Mount WIM file C:\$WINDOWS.~BT\Sources\SafeOS\winre.wim, index 1 to C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount. Error: 0x80070003[gle=0x000000b7]
2018-10-05 23:37:56, Error                 SP     ExecuteOperations: Failed execution phase Pre-Finalize. Error: 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  MoSetupPlatform: ExecuteCurrentOperations reported failure!
2018-10-05 23:37:56, Error                 MOUPG  MoSetupPlatform: Using action error code: [0x80070003]
2018-10-05 23:37:56, Error                 MOUPG  CDlpActionPreFinalize::ExecuteRoutine(545): Result = 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  CDlpActionImpl<class CDlpErrorImpl<class CDlpObjectInternalImpl<class CUnknownImpl<class IMoSetupDlpAction> > > >::Execute(441): Result = 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  CDlpTask::ExecuteAction(3259): Result = 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  CDlpTask::ExecuteActions(3413): Result = 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  CDlpTask::Execute(1644): Result = 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  CSetupManager::ExecuteTask(2478): Result = 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  CSetupManager::ExecuteTask(2441): Result = 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  CSetupManager::ExecuteInstallMode(883): Result = 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  CSetupManager::ExecuteDownlevelMode(390): Result = 0x80070003
2018-10-05 23:37:56, Error                 SP     CDeploymentBase::CleanupMounts: Unable to unmount the directory C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount. Error: 0xC142011C[gle=0xc142011c]
2018-10-05 23:38:08, Error                 MOUPG  CSetupManager::Execute(282): Result = 0x80070003
2018-10-05 23:38:08, Error                 MOUPG  CSetupHost::Execute(400): Result = 0x80070003
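The triage done by hand on the log above, as an added example that is not part of the original post: it parses setuperr.log lines, takes the last `Result = 0x...` code as setup's final error, finds the earliest line carrying that code, and splits the code into its HRESULT fields. The function names are hypothetical, the name tables cover only codes that appear in this thread, and "earliest line with the final code" is a heuristic for locating the failing operation.

```python
import re

# Excerpt of the setuperr.log lines posted above (copied from the thread).
SAMPLE = r"""2018-10-05 23:27:12, Error                 CONX   0xd0000034 Failed to add user mode driver [%SystemRoot%\system32\DRIVERS\UMDF\uicciso.dll]
2018-10-05 23:37:32, Error      [0x080389] MIG    Failure while calling IDiscovery->Gather for Plugin={ServerPath="%SystemRoot%\System32\Setup\msdtcstp.dll", CLSID={342992B2-913C-4C36-9DB7-6C68ABD1F079}, ThreadingModel=Apartment}. Error: 0x80070002
2018-10-05 23:37:54, Error                        CSetupAutomation::Resurrect: File not found: C:\$WINDOWS.~BT\Sources\Panther\automation.dat[gle=0x00000002]
2018-10-05 23:37:56, Error                 SP     CMountWIM::DoExecute: Failed to mount WIM file C:\$WINDOWS.~BT\Sources\SafeOS\winre.wim. Error 0x80070003[gle=0x00000003]
2018-10-05 23:37:56, Error                 SP     ExecuteOperations: Failed execution phase Pre-Finalize. Error: 0x80070003
2018-10-05 23:37:56, Error                 MOUPG  CDlpActionPreFinalize::ExecuteRoutine(545): Result = 0x80070003
2018-10-05 23:38:08, Error                 MOUPG  CSetupHost::Execute(400): Result = 0x80070003
"""

# timestamp, level, optional [message id], optional component (CSI, SP, MOUPG, ...), message
LINE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}), (?P<level>\w+)\s+"
    r"(?:\[(?P<id>0x[0-9A-Fa-f]+)\]\s+)?(?:(?P<comp>[A-Z]{2,6})\s+)?(?P<msg>.*)$")
RESULT = re.compile(r"Result = (0x[0-9A-Fa-f]{8})")

# Only the codes that occur in this thread.
WIN32 = {2: "ERROR_FILE_NOT_FOUND", 3: "ERROR_PATH_NOT_FOUND", 5: "ERROR_ACCESS_DENIED"}
FACILITY = {7: "FACILITY_WIN32", 0x24: "FACILITY_WINDOWSUPDATE"}
NTSTATUS = {0xC0000034: "STATUS_OBJECT_NAME_NOT_FOUND"}
FACILITY_NT_BIT = 0x10000000


def decode_hresult(hr):
    """Split a 32-bit HRESULT into severity, facility and code."""
    if hr & FACILITY_NT_BIT:
        # An NTSTATUS wrapped by HRESULT_FROM_NT: clear the bit to recover it.
        nt = hr & ~FACILITY_NT_BIT
        return {"kind": "ntstatus", "value": nt, "name": NTSTATUS.get(nt)}
    facility = (hr >> 16) & 0x7FF
    code = hr & 0xFFFF
    return {
        "kind": "hresult",
        "failed": bool(hr >> 31),
        "facility": FACILITY.get(facility, hex(facility)),
        "code": code,
        "name": WIN32.get(code) if facility == 7 else None,
    }


def parse(text):
    """Return one dict per log entry; wrapped lines are joined to the entry above."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            entries.append(m.groupdict())
        elif entries and raw.strip():
            entries[-1]["msg"] += " " + raw.strip()  # e.g. a [gle=...] on its own line
    return entries


def root_cause(text):
    """Final setup error plus the earliest entry that already carries it."""
    entries = parse(text)
    finals = [m.group(1) for e in entries for m in [RESULT.search(e["msg"])] if m]
    if not finals:
        return None
    final = finals[-1].lower()
    first = next(e for e in entries if final in e["msg"].lower())
    return {"final": final, "decoded": decode_hresult(int(final, 16)), "first": first}


if __name__ == "__main__":
    found = root_cause(SAMPLE)
    print(found["final"], found["decoded"])
    print(found["first"]["ts"], found["first"]["comp"], found["first"]["msg"])
```

On the excerpt this points at the `CMountWIM::DoExecute` entry for `winre.wim`, and decodes 0x80070003 as a Win32 error with code 3.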

All replies (19)

Friday, October 5, 2018 1:44 AM

I suggest you run the Windows Update Troubleshooter.

From Windows Settings -> Go to Update & Security > Troubleshoot. Then select Windows Update and run the troubleshooter.

Run System File Checker: open a command prompt as administrator, then type sfc /scannow

If all these fail then you may backup all your files and go for a Clean install.

S.Sengupta,Microsoft MVP Windows and Devices for IT, Windows Insider MVP


Friday, October 5, 2018 2:04 AM

I suggest you run the Windows Update Troubleshooter.

From Windows Settings -> Go to Update & Security > Troubleshoot. Then select Windows Update and run the troubleshooter.

Run System File Checker: open a command prompt as administrator, then type sfc /scannow

If all these fail then you may backup all your files and go for a Clean install.

S.Sengupta,Microsoft MVP Windows and Devices for IT, Windows Insider MVP

Hi, thank you for your suggestion. But I don't want to have a clean install, at least not now...

sfc says it didn't find any integrity violations. Troubleshooter doesn't help either.


Friday, October 5, 2018 3:48 AM

Hi

Download the Windows 10 iso or insider > extract in place on your desktop, then access the installation folder to update your Windows and keep files and apps.

Momominta

Hi, I'm exactly using iso file...

As to insider, can I change to the standard channel when the next big update comes out? If I can, I will try this when there is no other way. Otherwise I will just choose a clean install then.


Saturday, October 6, 2018 2:23 AM

The Microsoft website as of October 5, 2018 has removed the 1809 iso and replaced it with the 1803 iso.

Plan to retry the installation using the MCT once the 1809 iso is again available on the website.

Windows 10 April 2018 Update now available

The Update Assistant can help you update to the latest version of Windows 10. To get started, click Update now.

https://www.microsoft.com/en-us/software-download/windows10


Saturday, October 6, 2018 3:30 AM

Hi,

Please check if the following files are present (exist) for analysis:

C:\$Windows.~BT\Sources\Rollback\setupact.log
C:\$Windows.~BT\Sources\Rollback\setupact.err

If not, please see the following article: Log files that are created when you upgrade to a new version of Windows.

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...

MCP


Saturday, October 6, 2018 1:33 PM

Hi,

Please check if the following files are present (exist) for analysis:

C:\$Windows.~BT\Sources\Rollback\setupact.log
C:\$Windows.~BT\Sources\Rollback\setupact.err

If not, please see the following article:  Log files that are created when you upgrade to a new version of Windows.

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...
MCP

Hi,

I have:

C:\Windows\inf\setupapi.dev.log
C:\Windows.~BT\Sources\panther\setupact.log
C:\Windows.~BT\Sources\panther\miglog.xml
C:\Windows\Logs\MoSetup\BlueBox.log

And a file your link doesn't show: C:\WINDOWS.~BT\Sources\Panther\setuperr.log. This file is short so I add it to F1, please review.


Saturday, October 6, 2018 1:39 PM

The Microsoft website as of October 5, 2018 has removed the 1809 iso and replaced it with the 1803 iso.

Plan to retry the installation using the MCT once the 1809 iso is again available on the website.

Windows 10 April 2018 Update now available

The Update Assistant can help you update to the latest version of Windows 10. To get started, click Update now.

https://www.microsoft.com/en-us/software-download/windows10

Thanks for your reply. But now my issue seems unrelated to 1809...


Saturday, October 6, 2018 2:29 PM

Hi,

I have:

C:\Windows\inf\setupapi.dev.log
C:\Windows.~BT\Sources\panther\setupact.log
C:\Windows.~BT\Sources\panther\miglog.xml
C:\Windows\Logs\MoSetup\BlueBox.log

And a file your link doesn't show: C:\WINDOWS.~BT\Sources\Panther\setuperr.log. This file is short so I add it to F1, please review.

Hi,

Could you please show me the following file?

C:\$Windows.~BT\Sources\panther\setupact.log

Could you please see if you also have the following file?

C:\Windows\setupapi.log

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...

MCP


Sunday, October 7, 2018 1:58 AM

Hi,

Could you please show me the following file?

C:\$Windows.~BT\Sources\panther\setupact.log

Could you please see if you also have the following file?

C:\Windows\setupapi.log

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...
MCP

I upload it here: https://gist.github.com/imba-tjd/f08fd813f0229dec7834fb4706fadcab

And I don't have setupapi.log

Thank you for your help


Sunday, October 7, 2018 2:02 AM

Hi

Well let's try this procedure below

1. Open an elevated command prompt or Windows PowerShell (Admin) (Win logo + X)

2. Run the following commands:

  net stop bits

  net stop wuauserv

  net stop appidsvc

  net stop cryptsvc

  ren C:\Windows\SoftwareDistribution SoftwareDistribution.old

  ren C:\Windows\System32\catroot2 catroot2.old

  net start bits

  net start wuauserv

  net start appidsvc

  net start cryptsvc

3. Exit command prompt, restart your computer and check if the issue persists

Momominta

I have already tried this batch, which is from another MS community.

set b=0

:bits
set /a b=%b%+1
if %b% equ 3 (
   goto end1
) 
net stop bits
echo Checking the bits service status.
sc query bits | findstr /I /C:"STOPPED" 
if not %errorlevel%==0 ( 
    goto bits 
) 
goto loop2

:end1
cls
echo.
echo Failed to reset Windows Update due to bits service failing to stop.
echo.
pause
goto Start


:loop2
set w=0

:wuauserv
set /a w=%w%+1
if %w% equ 3 (
   goto end2
) 
net stop wuauserv
echo Checking the wuauserv service status.
sc query wuauserv | findstr /I /C:"STOPPED" 
if not %errorlevel%==0 ( 
    goto wuauserv 
) 
goto loop3

:end2
cls
echo.
echo Failed to reset Windows Update due to wuauserv service failing to stop.
echo.
pause
goto Start



:loop3
set app=0

:appidsvc
set /a app=%app%+1
if %app% equ 3 (
   goto end3
) 
net stop appidsvc
echo Checking the appidsvc service status.
sc query appidsvc | findstr /I /C:"STOPPED" 
if not %errorlevel%==0 ( 
    goto appidsvc 
) 
goto loop4

:end3
cls
echo.
echo Failed to reset Windows Update due to appidsvc service failing to stop.
echo.
pause
goto Start


:loop4
set c=0

:cryptsvc
set /a c=%c%+1
if %c% equ 3 (
   goto end4
) 
net stop cryptsvc
echo Checking the cryptsvc service status.
sc query cryptsvc | findstr /I /C:"STOPPED" 
if not %errorlevel%==0 ( 
    goto cryptsvc 
) 
goto Reset

:end4
cls
echo.
echo Failed to reset Windows Update due to cryptsvc service failing to stop.
echo.
pause
goto Start


:Reset
Ipconfig /flushdns
del /s /q /f "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat" 

cd /d %windir%\system32

if exist "%SYSTEMROOT%\winsxs\pending.xml.bak" del /s /q /f "%SYSTEMROOT%\winsxs\pending.xml.bak" 
if exist "%SYSTEMROOT%\winsxs\pending.xml" ( 
    takeown /f "%SYSTEMROOT%\winsxs\pending.xml" 
    attrib -r -s -h /s /d "%SYSTEMROOT%\winsxs\pending.xml" 
    ren "%SYSTEMROOT%\winsxs\pending.xml" pending.xml.bak 
) 
  
if exist "%SYSTEMROOT%\SoftwareDistribution.bak" rmdir /s /q "%SYSTEMROOT%\SoftwareDistribution.bak"
if exist "%SYSTEMROOT%\SoftwareDistribution" ( 
    attrib -r -s -h /s /d "%SYSTEMROOT%\SoftwareDistribution" 
    ren "%SYSTEMROOT%\SoftwareDistribution" SoftwareDistribution.bak 
) 
 
if exist "%SYSTEMROOT%\system32\Catroot2.bak" rmdir /s /q "%SYSTEMROOT%\system32\Catroot2.bak" 
if exist "%SYSTEMROOT%\system32\Catroot2" ( 
    attrib -r -s -h /s /d "%SYSTEMROOT%\system32\Catroot2" 
    ren "%SYSTEMROOT%\system32\Catroot2" Catroot2.bak 
) 
  
if exist "%SYSTEMROOT%\WindowsUpdate.log.bak" del /s /q /f "%SYSTEMROOT%\WindowsUpdate.log.bak" 
if exist "%SYSTEMROOT%\WindowsUpdate.log" ( 
    attrib -r -s -h /s /d "%SYSTEMROOT%\WindowsUpdate.log" 
    ren "%SYSTEMROOT%\WindowsUpdate.log" WindowsUpdate.log.bak 
) 
  
sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)

regsvr32.exe /s atl.dll 
regsvr32.exe /s urlmon.dll 
regsvr32.exe /s mshtml.dll 
regsvr32.exe /s shdocvw.dll 
regsvr32.exe /s browseui.dll 
regsvr32.exe /s jscript.dll 
regsvr32.exe /s vbscript.dll 
regsvr32.exe /s scrrun.dll 
regsvr32.exe /s msxml.dll 
regsvr32.exe /s msxml3.dll 
regsvr32.exe /s msxml6.dll 
regsvr32.exe /s actxprxy.dll 
regsvr32.exe /s softpub.dll 
regsvr32.exe /s wintrust.dll 
regsvr32.exe /s dssenh.dll 
regsvr32.exe /s rsaenh.dll 
regsvr32.exe /s gpkcsp.dll 
regsvr32.exe /s sccbase.dll 
regsvr32.exe /s slbcsp.dll 
regsvr32.exe /s cryptdlg.dll 
regsvr32.exe /s oleaut32.dll 
regsvr32.exe /s ole32.dll 
regsvr32.exe /s shell32.dll 
regsvr32.exe /s initpki.dll 
regsvr32.exe /s wuapi.dll 
regsvr32.exe /s wuaueng.dll 
regsvr32.exe /s wuaueng1.dll 
regsvr32.exe /s wucltui.dll 
regsvr32.exe /s wups.dll 
regsvr32.exe /s wups2.dll 
regsvr32.exe /s wuweb.dll 
regsvr32.exe /s qmgr.dll 
regsvr32.exe /s qmgrprxy.dll 
regsvr32.exe /s wucltux.dll 
regsvr32.exe /s muweb.dll 
regsvr32.exe /s wuwebv.dll
regsvr32 /s wudriver.dll
netsh winsock reset
netsh winhttp reset proxy

:Start
net start bits
net start wuauserv
net start appidsvc
net start cryptsvc

echo Task completed successfully! Please restart your computer and check for the updates again.
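What the two `sc.exe sdset` lines in the batch above grant, as an added example that is not part of the original post: it parses the DACL string from the script into per-trustee service rights and flags any non-administrative trustee that could reconfigure the service or rewrite its permissions. The function names and the constructed contrast string are assumptions for illustration; the tables cover only the rights and trustee aliases used in this string.

```python
import re

# Service-specific meaning of the two-letter SDDL rights in a service DACL.
RIGHTS = {
    "CC": "SERVICE_QUERY_CONFIG", "DC": "SERVICE_CHANGE_CONFIG",
    "LC": "SERVICE_QUERY_STATUS", "SW": "SERVICE_ENUMERATE_DEPENDENTS",
    "RP": "SERVICE_START", "WP": "SERVICE_STOP",
    "DT": "SERVICE_PAUSE_CONTINUE", "LO": "SERVICE_INTERROGATE",
    "CR": "SERVICE_USER_DEFINED_CONTROL", "SD": "DELETE",
    "RC": "READ_CONTROL", "WD": "WRITE_DAC", "WO": "WRITE_OWNER",
}
TRUSTEES = {
    "SY": "Local System", "BA": "Built-in Administrators",
    "AU": "Authenticated Users", "PU": "Power Users",
}
PRIVILEGED = {"SY", "BA"}
# Rights that let the holder change the service binary, its DACL or its owner.
WRITE_RIGHTS = {"SERVICE_CHANGE_CONFIG", "WRITE_DAC", "WRITE_OWNER"}

# DACL copied from the sdset lines in the batch (same string for bits and wuauserv).
SCRIPT_SDDL = ("D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)"
               "(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)")
# Constructed contrast case, not from the thread: Authenticated Users hold DC.
WEAK_SDDL = "D:(A;;CCDCLCSWRPWPDTLOCRRC;;;AU)"


def parse_dacl(sddl):
    """Parse 'D:(type;flags;rights;object;inherit_object;sid)...' into ACE dicts."""
    if not sddl.startswith("D:"):
        raise ValueError("expected a DACL starting with 'D:'")
    aces = []
    for body in re.findall(r"\(([^()]*)\)", sddl[2:]):
        fields = body.split(";")
        if len(fields) != 6:
            raise ValueError(f"malformed ACE: ({body})")
        ace_type, _flags, rights, _obj, _inherit_obj, sid = fields
        if len(rights) % 2 or rights.startswith("0x"):
            # Hex access masks are valid SDDL but are not decoded here.
            raise ValueError(f"unsupported rights field: {rights}")
        names = [RIGHTS.get(rights[i:i + 2], f"UNKNOWN({rights[i:i + 2]})")
                 for i in range(0, len(rights), 2)]
        aces.append({
            "type": "allow" if ace_type == "A" else ace_type,
            "sid": sid,
            "trustee": TRUSTEES.get(sid, sid),
            "rights": names,
        })
    return aces


def who_can(aces, right):
    """Trustees with an allow ACE containing the given right."""
    return [a["trustee"] for a in aces if a["type"] == "allow" and right in a["rights"]]


def non_admin_write(aces):
    """Allow ACEs that give a non-SYSTEM, non-Administrators trustee write control."""
    findings = []
    for a in aces:
        hit = sorted(WRITE_RIGHTS & set(a["rights"]))
        if a["type"] == "allow" and a["sid"] not in PRIVILEGED and hit:
            findings.append((a["trustee"], hit))
    return findings


if __name__ == "__main__":
    aces = parse_dacl(SCRIPT_SDDL)
    for a in aces:
        print(f'{a["trustee"]:24} {", ".join(a["rights"])}')
    print("can stop:", who_can(aces, "SERVICE_STOP"))
    print("non-admin write (script):", non_admin_write(aces))
    print("non-admin write (constructed):", non_admin_write(parse_dacl(WEAK_SDDL)))
```

The current descriptor of a service can be read with `sc.exe sdshow bits` and run through the same parser to see what the script would change.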

Sunday, October 7, 2018 2:56 AM

Hi,

Could you please provide me the following logs.

  1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
  2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
  3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
  4. Press Scan button.
  5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
  6. Please attach the log back here.
  7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated. Please also attach that along with the FRST.txt in your reply.

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...

MCP


Sunday, October 7, 2018 3:21 AM

Hi,

Could you please provide me the following logs.

  1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
  2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
  3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
  4. Press Scan button.
  5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
  6. Please attach the log back here.
  7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated. Please also attach that along with the FRST.txt in your reply.

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...
MCP

Please review here: https://gist.github.com/imba-tjd/f643c3f4dea2f3a794deab984f7e344e

Because I'm using zh-cn, there are many Chinese programs. I was using Avira so I don't think my OS got infected.

There is a Hacknet.exe, which is a steam game, not a virus.

If you find anything strange, please let me know and I will explain.


Sunday, October 7, 2018 3:45 AM

You can delete FRST log.  As I see you have other antiviruses 360 and Tencent.

Could you tell me if you installed them yourself?

And I see you have Avira:

HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
2018-10-01 13:02 - 2018-10-01 13:02 - 000000000 ____D C:\Users\imbat\AppData\Local\AviraSpeedup
2018-10-01 10:21 - 2018-10-01 10:21 - 000000000 ____D C:\Users\imbat\AppData\Local\Avira
2018-10-01 08:15 - 2018-10-01 08:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira
2018-10-05 08:40 - 2018-01-19 21:42 - 000000000 ____D C:\Program Files (x86)\Avira
2018-10-05 08:39 - 2018-01-19 21:42 - 000000000 ____D C:\ProgramData\Avira

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...

MCP


Sunday, October 7, 2018 3:54 AM

You can delete FRST log.  As I see you have other antiviruses 360 and Tencent.

Could you tell me if you installed them yourself?

And I see you have Avira:

HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
2018-10-01 13:02 - 2018-10-01 13:02 - 000000000 ____D C:\Users\imbat\AppData\Local\AviraSpeedup
2018-10-01 10:21 - 2018-10-01 10:21 - 000000000 ____D C:\Users\imbat\AppData\Local\Avira
2018-10-01 08:15 - 2018-10-01 08:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira
2018-10-05 08:40 - 2018-01-19 21:42 - 000000000 ____D C:\Program Files (x86)\Avira
2018-10-05 08:39 - 2018-01-19 21:42 - 000000000 ____D C:\ProgramData\Avira

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...
MCP

I installed other products of 360 and Tencent, no anti-virus program.

360 driver master, 360zip.

Tencent QQ, which is a chat program similar to Skype. Although this one would load a driver, it has been installed widely in China, having little error possibility.

Now I don't have 3rd party anti-virus program and WD is disabled by group policy.


Sunday, October 7, 2018 4:58 AM

I installed other products of 360 and Tencent, no anti-virus program.

360 driver master, 360zip.

Tencent QQ, which is a chat program similar to Skype. Although this one would load a driver, it has been installed widely in China, having little error possibility.

Thank you for your details. I misread the following one:

Tencent\QQ\QQAntiPhishing\AccountProtect.dll

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...

MCP


Sunday, October 7, 2018 5:32 AM

Could you please show me the result of the following command (cmd.exe):

reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts" | findstr "Arial"

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...

MCP


Sunday, October 7, 2018 6:10 AM

Could you please show me the result of the following command (cmd.exe):

reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts" | findstr "Arial"

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...
MCP

    Arial (TrueType)    REG_SZ    arial.ttf
    Arial Black (TrueType)    REG_SZ    ariblk.ttf
    Arial Bold (TrueType)    REG_SZ    arialbd.ttf
    Arial Bold Italic (TrueType)    REG_SZ    arialbi.ttf
    Arial Italic (TrueType)    REG_SZ    ariali.ttf
    Arial Narrow Bold (TrueType)    REG_SZ    ARIALNB.TTF
    Arial Narrow Bold Italic (TrueType)    REG_SZ    ARIALNBI.TTF
    Arial Narrow Italic (TrueType)    REG_SZ    ARIALNI.TTF
    Arial Rounded MT Bold (TrueType)    REG_SZ    ARLRDBD.TTF

Sunday, October 7, 2018 1:03 PM

The result is fine.

Strange following error in the log.

2018-10-05 23:26:33, Error                 CSI    00000001 (F) STATUS_OBJECT_NAME_NOT_FOUND #70# from Windows::Rtl::SystemImplementation::DirectRegistryProvider::SysQueryValueKey(flags = 0, key = b44 ('\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts'), vn = [l:21 ml:22]'Arial Nova (TrueType)', kvic = 2, kvi = 2, disp = 0)[gle=0xd0000034]

Microsoft has stopped distributing its latest Windows 10 October 2018 Update due to some issues.

P.S. So it's probably better to wait for a new one.  Please install back antivirus.

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...

MCP


Monday, October 8, 2018 5:43 AM

The result is fine.

Strange following error in the log.

2018-10-05 23:26:33, Error                 CSI    00000001 (F) STATUS_OBJECT_NAME_NOT_FOUND #70# from Windows::Rtl::SystemImplementation::DirectRegistryProvider::SysQueryValueKey(flags = 0, key = b44 ('\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts'), vn = [l:21 ml:22]'Arial Nova (TrueType)', kvic = 2, kvi = 2, disp = 0)[gle=0xd0000034]

Microsoft has stopped distributing its latest Windows 10 October 2018 Update due to some issues.

P.S. So it's probably better to wait for a new one.  Please install back antivirus.

Disclaimer:
My opinion may not coincide with the official position of Microsoft.

Best regards, Andrei ...
MCP

Fine. Thank you for your watching and time. 🙂