KB2732487 is unable to update - Error Code 800700B7

ern815 · 15 Mar 2013

The results seems to be the same for both:

Normal mode:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\windows\system32>SC QUERYEX SCHEDULE
SERVICE_NAME: SCHEDULE
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1464
FLAGS :
C:\windows\system32> REN C:\Windows\System32\winevt\logs\Application.evtx App.ol
d
The process cannot access the file because it is being used by another process.
C:\windows\system32> REN C:\Windows\System32\winevt\logs\System.evtx Sys.old
The process cannot access the file because it is being used by another process.
C:\windows\system32>
C:\windows\system32>

Safe mode:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\user>SC QUERYEX SCHEDULE
SERVICE_NAME: SCHEDULE
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 1 STOPPED
WIN32_EXIT_CODE : 1084 (0x43c)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :
C:\Users\user> REN C:\Windows\System32\winevt\logs\Application.evtx App.old
The process cannot access the file because it is being used by another process.
C:\Users\user> REN C:\Windows\System32\winevt\logs\System.evtx Sys.old
The process cannot access the file because it is being used by another process.
C:\Users\user>

NoelDP · 15 Mar 2013

Bother!-
Boot to safe mode, then run the following commands.

NET STOP EVENTLOG
REN C:\Windows\System32\winevt\logs\Application.evtx App.old
REN C:\Windows\System32\winevt\logs\System.evtx Sys.old

(I forgot that even though the Task Scheduler doesn't run in Safe Mode, the Event Log service does

)

ern815 · 15 Mar 2013

Here it is, thanks!

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\user>SC QUERYEX SCHEDULE
SERVICE_NAME: SCHEDULE
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 1 STOPPED
WIN32_EXIT_CODE : 1084 (0x43c)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :
C:\Users\user> REN C:\Windows\System32\winevt\logs\Application.evtx App.old
The process cannot access the file because it is being used by another process.
C:\Users\user> REN C:\Windows\System32\winevt\logs\System.evtx Sys.old
The process cannot access the file because it is being used by another process.
C:\Users\user>
C:\Users\user>

ern815 · 15 Mar 2013

Sorry, I think this should be the correct one:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\user>NET STOP EVENTLOG
The Windows Event Log service is stopping.
The Windows Event Log service was stopped successfully.

C:\Users\user> REN C:\Windows\System32\winevt\logs\Application.evtx App.old
C:\Users\user> REN C:\Windows\System32\winevt\logs\System.evtx Sys.old
C:\Users\user>REN C:\Windows\System32\winevt\logs\Application.evtx App.old
The system cannot find the file specified.
C:\Users\user> REN C:\Windows\System32\winevt\logs\System.evtx Sys.old
The system cannot find the file specified.

NoelDP · 15 Mar 2013

OK
Now please run the following commands in Normal Mode, and post the results, then run another CheckSUR report and post the results.

DIR C:\Windows\System32\winevt\logs\app*.*
DIR C:\Windows\System32\winevt\logs\sys*.*

ern815 · 15 Mar 2013

Done, here it is:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\windows\system32>DIR C:\Windows\System32\winevt\logs\app*.*
Volume in drive C is S3A5912D001
Volume Serial Number is 5461-260C
Directory of C:\Windows\System32\winevt\logs
15/03/2013 09:17 PM 20,975,616 App.old
15/03/2013 10:00 PM 69,632 Application.evtx
2 File(s) 21,045,248 bytes
0 Dir(s) 260,619,030,528 bytes free
C:\windows\system32> DIR C:\Windows\System32\winevt\logs\sys*.*
Volume in drive C is S3A5912D001
Volume Serial Number is 5461-260C
Directory of C:\Windows\System32\winevt\logs
15/03/2013 09:17 PM 20,975,616 Sys.old
15/03/2013 10:06 PM 1,118,208 System.evtx
2 File(s) 22,093,824 bytes
0 Dir(s) 260,619,030,528 bytes free
C:\windows\system32>

NoelDP · 15 Mar 2013

Great- that's cleared the Event log errors from the CheckSUR, so at least you'll be able to read the event logs properly from here on in :)

I've uploaded afile - ernaa.zip - to my SkyDrive at Noel's SkyDrive

Please downloadand save it.

Right-click onthe downloaded file, and select Extract all…

Extract to thedefault location - which will create a new folder ernaain the same place.

Open this folder- there should be one folders inside it (Packages)

Copy the content of the Packages folder to thefolder

C:\Windows\Temp\CheckSur\Servicing\Packages

Nowrun the CheckSUR tool again (it may take a while)

Postthe new CheckSUR.log file, and the CheckSUR.persist.log file.

ern815 · 15 Mar 2013

Yes, here are the attached files! Seems like it's going the right way! :)

NoelDP · 15 Mar 2013

Good - that's cleared the CheckSUR log.
Now go to Windows Update, and do a Check for Updates.
What's listed?
Just try to install the oldest update at first - does it work? if not, what error message do you get?

ern815 · 15 Mar 2013

Unfortunately the updates did not work. I tried updating the earliest 1st but it still failed. Here are the files pending for updates (from earliest to latest)

KB2719857 - 11/09/2012
KB2732487 - 09/10/2012
KB2791765 - 12/03/2013
KB2807986 - 12/03/2013
KB2809289 - 12/03/2013
Internet Explorer 10 -12/03/2013

Error code remains the same - 8007007B00700B7