This appears to be the root error in the WindowsUpdate log...
Code:
2015-05-29 07:16:30:797 952 3c0 Misc Microsoft signed: Yes
2015-05-29 07:16:30:797 952 3c0 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2015-05-29 07:16:30:797 952 3c0 PT + ServiceId = {9482F4B4-E343-43B6-B170-9A65BC822C77}, Server URL = https://www.update.microsoft.com/v6/...ce/client.asmx
2015-05-29 07:16:31:795 952 3c0 Agent WARNING: Failed to evaluate Installed rule, updateId = {2A1234D0-3E2D-4D9E-AA5E-3430A20EDC11}.100, hr = 80242013
2015-05-29 07:16:32:107 952 3c0 Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
2015-05-29 07:16:32:107 952 3c0 Misc Microsoft signed: Yes
2015-05-29 07:16:32:123 952 3c0 Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab:
2015-05-29 07:16:32:123 952 3c0 Misc Microsoft signed: Yes
Here's a string of errors during the rollback phase, that may be part of the problem (from the most recent Persist file)...
Code:
Line 163451: 2015-05-29 14:54:58, Error CSI 00000012 (F) Logged @2015/5/29:21:54:58.743 : [ml:148{74},l:146{73}]"FirewallConfigInstaller:AddRemoveFirewallConfig() installation type is 4."
Line 163453: 2015-05-29 14:54:58, Error CSI 00000013 (F) Logged @2015/5/29:21:54:58.743 : [ml:132{66},l:130{65}]"FirewallConfigInstaller:AddRemoveFirewallConfig() SERVICING is 1."
Line 163455: 2015-05-29 14:54:58, Error CSI 00000014 (F) Logged @2015/5/29:21:54:58.743 : [ml:660{330},l:658{329}]"FirewallConfigInstaller:AddRemoveFirewallConfig() installing <firewallRule xmlns="urn:schemas-microsoft-com:asm.v3" Action="Allow" Active="FALSE" Binary="System" Desc="@FirewallAPI.dll,-28756" Dir="In" LPort="3389" Name="@FirewallAPI.dll,-28753" Protocol="6" group="@FirewallAPI.dll,-28752" internalName="RemoteDesktop-In-TCP" />"
Line 163457: 2015-05-29 14:54:58, Error CSI 00000015 (F) Logged @2015/5/29:21:54:58.743 : [ml:142{71},l:140{70}]"FirewallConfigInstaller:AddRemoveFirewallConfig() Installing a rule..."
Line 163459: 2015-05-29 14:54:58, Error CSI 00000016 (F) Logged @2015/5/29:21:54:58.743 : [ml:228{114},l:226{113}]"FirewallConfigInstaller::AddFirewallRule DEFAULTS adding rule (RemoteDesktop-In-TCP | @FirewallAPI.dll,-28753, 7)"
Line 163461: 2015-05-29 14:54:58, Error CSI 00000017 (F) Logged @2015/5/29:21:54:58.743 : [ml:242{121},l:240{120}]"FirewallConfigInstaller::AddFirewallRule POLICY adding rule (RemoteDesktop-In-TCP | @FirewallAPI.dll,-28753, 2147483647)"
Line 163463: 2015-05-29 14:54:58, Error CSI 00000018 (F) Logged @2015/5/29:21:54:58.743 : [ml:152{76},l:150{75}]"FirewallConfigInstaller::AddFirewallRule Active - Inactive Profiles (0 - 0)"
Line 163465: 2015-05-29 14:54:58, Error CSI 00000019 (F) Logged @2015/5/29:21:54:58.743 : [ml:152{76},l:150{75}]"FirewallConfigInstaller::AddFirewallRule Active - Inactive Profiles (0 - 7)"
Line 163467: 2015-05-29 14:54:58, Error CSI 0000001a (F) Logged @2015/5/29:21:54:58.743 : [ml:228{114},l:226{113}]"FirewallConfigInstaller::AddFirewallRule adding INACTIVE rule (RemoteDesktop-In-TCP | @FirewallAPI.dll,-28753, 7)"
Line 163469: 2015-05-29 14:54:58, Error CSI 0000001b (F) Logged @2015/5/29:21:54:58.774 : [ml:214{107},l:212{106}]"FirewallConfigInstaller::AddFirewallRule - CFirewall::AddRule/SetRule failed: 0x80070005 (Status: 0x10000)"
Line 163471: 2015-05-29 14:54:58, Error CSI 0000001c (F) Logged @2015/5/29:21:54:58.774 : [ml:178{89},l:176{88}]"FirewallConfigInstaller:AddRemoveFirewallConfig() AddFirewallRule() failed. (0x80070005)"
Looking back at the install pahse, we get the same set of errors, followed by...
Code:
2015-05-29 14:45:00, Error CSI 0000001d@2015/5/29:21:45:00.392 (F) CMIADAPTER: Inner Error Message from AI HRESULT = HRESULT_FROM_WIN32(ERROR_ACCESS_DENIED)
[
[19]"Access is denied.
"
]
[gle=0x80004005]
2015-05-29 14:45:00, Error CSI 0000001e@2015/5/29:21:45:00.392 (F) CMIADAPTER: AI failed. HRESULT = HRESULT_FROM_WIN32(ERROR_ACCESS_DENIED)
Element:
[268]"<firewallRule xmlns="urn:schemas-microsoft-com:asm.v3" Action="Allow" Active="FALSE" Binary="System" Desc="@FirewallAPI.dll,-28756" Dir="In" LPort="3389" Name="@FirewallAPI.dll,-28753" Protocol="6" group="@FirewallAPI.dll,-28752" internalName="RemoteDesktop-In-TCP" />"
[gle=0x80004005]
2015-05-29 14:45:00, Error CSI 00000838@2015/5/29:21:45:00.392 (F) d:\win7sp1_gdr\base\wcp\cmiadapter\installers.cpp(352): Error HRESULT_FROM_WIN32(ERROR_ACCESS_DENIED) originated in function Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller expression: hr
[gle=0x80004005]
2015-05-29 14:45:00, Info CBS Progress: UI message updated. Operation type: Service Pack. Stage: 1 out of 1. Percent progress: 96.
2015-05-29 14:45:07, Error CSI 0000001f@2015/5/29:21:45:07.740 (F) CMIADAPTER: Exiting with HRESULT code = HRESULT_FROM_WIN32(ERROR_ACCESS_DENIED).
[gle=0x80004005]
2015-05-29 14:45:07, Error CSI 00000839@2015/5/29:21:45:07.740 (F) d:\win7sp1_gdr\base\wcp\cmiadapter\installers.cpp(123): Error HRESULT_FROM_WIN32(ERROR_ACCESS_DENIED) originated in function Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install expression: hr
[gle=0x80004005]
What AV is currently installed? What other security software has ever been installed?