Solved Report On Multiple Windows Update Failures from Dec 2018 On

[malletKATman]

Thanks for the logs, don't need persist now.
Summary:
Seconds executed: 649
Found 55362 errors
CSI Missing Deployment Key Total count: 2053
CBS MUM Missing Total count: 5
CBS Watchlist Package Missing Total count: 36588
CBS Watchlist Component Missing Total count: 16716

You have a misunderstanding of System Update Readiness Tool, which checks for issues before you upgrade windows. It detects missing, corrupt files/folders or registry issues that you currently have with your computer (55362 errors) It sometimes can repair some issues it finds i.e. below the (f) entry will be a (fix) entry meaning the error was corrected, usually missing files or folders. You have 5 missing mum files which SURT could not find a replacement, thus no (fix).

I could provide the 5 mums but it doesn't address 55000 other errors.
Let me do a little research on the correcting Watchlist Packet and Component errors.

[FONT=&quot]I appreciate your help, Snick.[/FONT]

[FONT=&quot]>[/FONT]You have a misunderstanding of System Update Readiness Tool, which checks for issues before you upgrade windows…[FONT=&quot]<[/FONT]

[FONT=&quot]Well, the name ought to say it: “System Upgrade Readiness Tool” would be a better description of its purpose. I have not read the CheckSUR.log summary before this in that I don’t understand some of the terms. But I must say this system has run under state of the art malware protection for 9.5 years with very little trouble. Operation has included robust uses of most of Microsoft Office 2010, the Microsoft Visual C++ development suite running both on Windows 7 and Windows XP in the hardware-assisted Windows XP Mode virtual machine, a complex database application running in that XP virtual machine, sophisticated photo editing, CD production using the Windows Media Player, extensive third-party applications and many other demanding uses. Everything has worked well and continues to, with the notable exception of Windows Update starting with the last 2018 x64 Quality Rollup. Windows Update worked correctly all those years until December 2018. There can’t be that much seriously wrong with my system if all those other things work perfectly without exception. Some application uninstall and installation failure recovery procedures are sloppy and leave junk lying around, particularly in the Registry, but that is almost always harmless; it just slows down Registry searches.[/FONT]

[FONT=&quot]All this also begs the question: would repeated runs of the SURT tool make cascaded corrections, as is sometimes the case with SFC /SCANNOW as I have already experienced?[/FONT]

[FONT=&quot]My sessions with the Microsoft Premium Support team produced one possible all-encompassing correction: an Upgrade installation from a runable version of the latest Windows 7 PRO 64-Bit MSI file. (By Upgrade they here mean replacing the Win 7 system executables with those from in the MSI, not upgrading to Windows 8 or 10.) But this refuses to run because my system’s users are defined with their User Profile on a different partition than Windows (in my case “E:\users\<user name>”, as I documented in an earlier post to this thread, to wit:[/FONT]
[FONT=&quot]
[/FONT][FONT=&quot]To upgrade Windows, the Users, Program Files, and Windows directories need to be on the same partition. Upgrading when these directories are not on the same partition is not supported. Moving these directories so that they are on the same partition is also not supported. You can choose to install a new copy of Windows 7 Professional instead, but this is different from an upgrade, and does not keep your files, settings, and programs. You’ll need to reinstall any programs using the original installation discs or files. To save your files before installing Windows, back them up to an external location such as a CD, DVD, or external hard drive. To install a new copy of Windows 7 Professional, click the Back button in the upper left-hand corner, and select “Custom (advanced)”.[/FONT]

[FONT=&quot]This I cannot do under any circumstances. I would not be able to reconstitute the hardware-assisted Windows XP Mode virtual machine. I can conceive of no fundamental reason why this cannot be supported. The Reimage Repair software has already done this on my system and produced running results, although that did not fix my Windows Update problems.
[/FONT]

 

[wither 2]

Any reason you can't make a copy of the Users information to the C: drive, where they're normally located?

I guess you never found Malwarebytes on your system. If you had to look for it, it probably wouldn't be an issue because it would be out of date and the Windows update problem in December was caused by a new version.

I wonder if you would consider installing the updates manually from the Microsoft Update Catalog? If you would like to try that, I would set Windows Update to Never check for Updates and reboot, before doing that. You might also want to hide all the failed installs in the update history.

 

[malletKATman]

Any reason you can't make a copy of the Users information to the C: drive, where they're normally located?

I guess you never found Malwarebytes on your system. If you had to look for it, it probably wouldn't be an issue because it would be out of date and the Windows update problem in December was caused by a new version.

I wonder if you would consider installing the updates manually from the Microsoft Update Catalog? If you would like to try that, I would set Windows Update to Never check for Updates and reboot, before doing that. You might also want to hide all the failed installs in the update history.

[FONT=&quot]>Any reason you can't make a copy of the Users information to the C: drive, where they're normally located?<[/FONT]

[FONT=&quot]The failure message in the loadable MSI medium Setup.exe run for an Upgrade install says specifically this is not supported, to wit: “Moving these directories so that they are on the same partition is also not supported.” I would have to define new users on the Windows partition and get all the current functionality working for the corresponding new users. There likely are a lot of hard references to my E: hard drive in the “E:\Users\<user name>\AppData” sub-trees for these users that I would have to convert by hand, possibly some Registry entries as well. Then after I was convinced I had done all this work correctly (probably convinced incorrectly) I would have to wipe out the current E:-users, because it is clear that users defined on E: were detected by the MSI-Upgrade Install process. Getting Windows XP Mode working for the new C:-substitute users seems really problematic, and Microsoft dropped all support for that VM in 2014.[/FONT]

[FONT=&quot]>I guess you never found Malwarebytes on your system.<[/FONT]

[FONT=&quot]No, I never installed or used that product. Kaspersky Internet Security was installed at system purchase. After the US government intelligence determined in 2018 that Kaspersky might have been compromised by the Russian government, I replaced it with Webroot SecureAnywhere. Those are the only two malware protection services ever installed on this box.[/FONT]

[FONT=&quot]>I wonder if you would consider installing the updates manually from the Microsoft Update Catalog? If you would like to try that, I would set Windows Update to Never check for Updates and reboot, before doing that. <[/FONT]

[FONT=&quot]I have Windows Update set to “Check for updates but let me choose…”. Honestly, I don’t see what would be the difference between installing things manually - one at a time - from the Microsoft Update Catalog, and selecting from the automatic update list - one at a time – except that the latter method screens out things in the catalog that are already installed or are superseded.[/FONT]

[FONT=&quot]>You might also want to hide all the failed installs in the update history.<[/FONT]

[FONT=&quot]I watched three separate Microsoft Premium support technicians wipe out the entire update history on my system with a large BAT file they installed. The BAT file shut down several services first in order to remove the locks on the folders and files where the history is stored, and then restarted all the services. I don’t have a copy of that BAT file anymore and I don’t know what services have to be shut down before erasing and started up afterwards. It would be laborious indeed to search through all the system processes that have locks on the files and folders (with Process Explorer), shut them down with services.msi, and then start them up again, particularly because I would run into these locks one at a time. I don’t even know the path to the starting node of the file tree segment I have to wipe out.[/FONT]

 

[wither 2]

If you set Windows Update as I described then, it won't interfere with the manual installation. I thought maybe you could try it with one update, say from December.

I understand the rest you're saying.

I don't think snick is out of ideas yet.

 

[malletKATman]

If you set Windows Update as I described then, it won't interfere with the manual installation. I thought maybe you could try it with one update, say from December.

I understand the rest you're saying.

I don't think snick is out of ideas yet.

I just tried installing one the way you suggested (manually selecting it from the Microsoft Update Catalog). It failed; didn't bother to collect all the details which probably chow the same reason it failed many times before.

My thanks to both you and Snick for digging into this problem.

 

[malletKATman]

Just tried a manual download from the Update Catalog for the 2019-02 Security Update for Windows (KB4486563). It failed after the reboot during the "configuring Windows" startup phase. The logged details show Error details: Code 80070490.

This is what has been happening all along when trying to install this update by various means and in various hands, including the Microsoft Premium support team.

Here are the CBS.log and WindowsUpdate.log for the run.
View attachment 407008

 

[Snick]

I'll put together the missing mum files for you. Correcting your other issue is beyond my Windows Update training. After I provide you with the missing mums, I suggest you contact Sysnative Forums, Windows Update and post the logs I requested you post in this forum. They have many experts, including Niemiro, my Windows Update Instructor that can correct your issue. I'm not to the registry/hex tutorial yet unfortunately, and disappointed I cannot help you further at this time!
Here's the hyperlink
Sysnative Forums
I'll monitor your progress and learn more in the process.

Wish you the best,

Nic

 

[malletKATman]

Nic, I really appreciate the work you have put in on this issue. When you collect the "mum files" as you put it and deliver (how, in a ZIP?), I will need some instruction on how to disperse them to the correct locations. Obviously I don't know what a "mum file" is in this context. After I get them I certainly will join this new forum you suggest, and post the logs you requested and I posted to this thread.

Wishing you the best in your [FONT=&quot]endeavors[/FONT] to help others,
Dick

 

[Snick]

No problem, here's your missing cat/mum pairs.
View attachment Missing cat & mum files.zip
Extract the CheckSUR folder from the zip/compressed folder to desktop, copy and paste it into C:\Windows\Temp then run surt and post CheckSUR.log again please.

When you obtain a Windows security update through Windows Update or manually from the Windows Technet website, several files may be saved on your computer. A MUM file is one such file. It contains information about how the Windows Update application should apply a security patch or software update.

A digitally-signed catalog file (.cat) can be used as a digital signature for an arbitrary collection of files. A catalog file contains a collection of cryptographic hashes, or thumbprints. Each thumbprint corresponds to a file that is included in the collection.

Thus, the cat file is the digital signature part of the cat/mum pair.

 

[malletKATman]

No problem, here's your missing cat/mum pairs.
View attachment 407010
Extract the CheckSUR folder from the zip/compressed folder to desktop, copy and paste it into C:\Windows\Temp then run surt and post CheckSUR.log again please.

When you obtain a Windows security update through Windows Update or manually from the Windows Technet website, several files may be saved on your computer. A MUM file is one such file. It contains information about how the Windows Update application should apply a security patch or software update.

A digitally-signed catalog file (.cat) can be used as a digital signature for an arbitrary collection of files. A catalog file contains a collection of cryptographic hashes, or thumbprints. Each thumbprint corresponds to a file that is included in the collection.

Thus, the cat file is the digital signature part of the cat/mum pair.

[FONT=&quot]Thanks for the cat/mum info. I followed your instructions for placing the CheckSUR directory in your ZIP file, and after nulling out the pertinent Log files, initiated another SURT run. Unfortunately the new CheckSUR.log summary looks about as bad as ever.[/FONT]

[FONT=&quot]Summary:[/FONT]
[FONT=&quot]Seconds executed: 368[/FONT]
[FONT=&quot] Found 55362 errors[/FONT]
[FONT=&quot] Fixed 5 errors[/FONT]
[FONT=&quot] CSI Missing Deployment Key Total count: 2053[/FONT]
[FONT=&quot] CBS MUM Missing Total count: 5[/FONT]
[FONT=&quot] Fixed: CBS MUM Missing. Total count: 5[/FONT]
[FONT=&quot] CBS Watchlist Package Missing Total count: 36588[/FONT]
[FONT=&quot] CBS Watchlist Component Missing Total count: 16716[/FONT]
[FONT=&quot] Fixed: CBS Paired File. Total count: 5[/FONT]

[FONT=&quot]Here is the ZIP file with the CBS.log, CheckSUR.log and WindowsUpdate.log files that you requested. I will await further instructions from you before contacting the people at Sysnative Forums.[/FONT]
[FONT=&quot]View attachment 02-18 SURT Run Log Files.zip[/FONT]

[FONT=&quot]Thanks again, Snick
[/FONT]

 

[Snick]

Missing Cat/Mum pairs have been replaced. I know of one or two individuals here on SevenForums that are able to assist you with the other errors. Tom982 for sure and maybe Noel DP.

As I stated previously head over to Sysnative and post in Windows Update. Include fresh CBS.log, CheckSUR.log you just uploaded and fresh WindowsUpdate.log. Any of the staff that respond will be able to correct all those & I will monitor your post for educational purposes. Please post your results on this thread and if your issues were resolved there, please mark this thread as solved.


Wishing you the best,


Bill

 

[wither 2]

I wonder if this would help-

Access Denied

I think he's already tried the troubleshooter portion.

 

[malletKATman]

I wonder if this would help-

Access Denied

I think he's already tried the troubleshooter portion.

Indeed I have. It didn't help. I'm taking this material to the Sysnative Forums as requested by Snick. I will post here periodically about progress there as requested, and will close this thread if and when it is resolved by efforts on the Sysnative Forum.

One question about closing this thread: will it still be visible to me ? I wish to preserve the material posted here and need to know if I have to archive it myself before closing it.

Thanks to wither 2 and Snick for their help.

 

[malletKATman]

As requested by Snick I have joined the Sysnative.com forum group and posted a link to this thread in their Windows Update forum (see Windows 7 PRO SP1 64-Bit Multiple Windows Update Failures from Dec 2018 On | Sysnative Forums). Their pre-posting requirements include running a program called SFCFix written by a power user on that forum, niemiro, which analyzes the CheckSUR.log file from a SURT run and tries to fix the unfixed errors documented in tht log file. Here is the summary from the SFCFix.txt file where SFCFix logs its actions.

====================================
SUMMARY: Some corruptions could not be fixed automatically. Seek advice from helper or sysnative.com.
CBS & SFC total detected corruption count: 0
CBS & SFC total unimportant corruption count: 0
CBS & SFC total fixed corruption count: 0
SURT total detected corruption count: 54976
SURT total unimportant corruption count: 0
SURT total fixed corruption count: 55072
AutoAnalysis:: directive completed successfully.

Successfully processed all directives.
SFCFix version 3.0.1.0 by niemiro has completed.
Currently storing 2662 datablocks.
================================

I have yet to receive a response from anyone on the Sysnative.com Windows Update forum.

 

[wither 2]

Interesting that the fixed corruption count is higher than the detected corruption count and there are still come corruptions.

Did you try any installations or are you waiting to get further advice from the forum?

 

[malletKATman]

Yes, I tried one of the smaller Important install packages. It failed the same way as before.

I'm now going to rerun SURT now and SFCFix overnight to see if iteration helps. I still have no responses on the Sysnative Windows Update forum to my thread postings.

 

[malletKATman]

Here's the latest SURT Run CheckSUR.log. I'll run SFCFix on it tonight. Interesting summary, to wit:
==================================
Summary:
Seconds executed: 283
Found 17954 errors
CSI Missing Deployment Key Total count: 2053
CBS Watchlist Component Missing Total count: 15901
==================================
View attachment 02-20 12-18PM SURT Run Log.zip

 

[wither 2]

Did you change the Windows Update from "Never.." back to the normal setting.

 

[Snick]

OP has component hive corruption, registry entries, etc. OP will most probably have to run a custom script via SFCFix.exe for his particular need. It involves hexadecimals to correct the errors. Sysnative staff can do this. Repair Install is the other alternative which OP stated reason it can't be done because of configuration.


The missing pairs of the prior CheckSUR.log were provided and OP correctly replaced them. Nothing else was addressed or corrected.

 

[malletKATman]

OP has component hive corruption, registry entries, etc. OP will most probably have to run a custom script via SFCFix.exe for his particular need. It involves hexadecimals to correct the errors. Sysnative staff can do this. Repair Install is the other alternative which OP stated reason it can't be done because of configuration.

The missing pairs of the prior CheckSUR.log were provided and OP correctly replaced them. Nothing else was addressed or corrected.

So, Snick, are you saying that the SFCFix run was all for naught? The only thing corrected so far in this whole megilla was the missing cab/mum pairs that you provided me? (I assume that "OP" in your reply refers to me.) Would you care to speculate as to the cause of "component hive corruption"? The only fundamental Windows resource I know that comes in "hives" is the Registry. Presumably both SURT and SCFFix are capable of repairing Registry problems.