Jump to content

Windows 7 update KB3175443 failure


Recommended Posts

Hello,
I have experienced a Windows 7 update KB3175443 failure on the laptop I am using now on this forum. I am asking for help to fix this problem. I have been helped by a nice guy on Microsoft Community for the last approximately 1 week, but when this problem wasn't solved, he suggested this forum, among others for additional help. If helpful and allowed by this forum, I can provide a link to the thread, which explains the process I went through to fix, and the results I got.

I can use my computer. Upon startup, it tries to run the update, fails, and reverts back to the previous configuration, which takes about 15 minutes before I can log in.

After the process described in the link I can provide, yesterday morning I manually downloaded the update KB3175443, and ran it, but it resulted in a message "not applicable to your computer."

Attached are the FRST logs

Thank you,
Jeff

FRST.txt

Addition.txt

Link to post
Share on other sites

  • Replies 120
  • Created
  • Last Reply

Top Posters In This Topic

Hi siltyclaycorvair :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.

  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on Malwarebytes Forums, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against Malwarebytes Forums's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
    This being said, I have a full time job, and I also have night classes on Mondays and Wednesdays, which means that if you reply during these two days, it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;


This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Do you have your Windows installation media, or a Windows Recovery media? A media can be a CD, DVD or USB Flash Drive.

Link to post
Share on other sites

Hello Yoan,

I purchased my laptop in 2011 by mail order, and Win7 home premium was pre-installed - I don't have the Win install media you asked.

My real name is Jeff and I'm a retired geotechnical professional engineer of 45 years in that profession, living in Southeast Wisconsin. I am technical oriented, but I am out of my element with this problem. I have used computers for some 30 years; but trained by myself, so now you know that my computer tech background is insufficient.

Thank you for your reply. I understand the commitment you are asking for, which I will abide by.  I am asking this computer failure fix question on numerous forums.  My first post above says I've been helped by Microsoft Community, but my problem persists. I ran through a bunch of software procedures which are described on that forum. I can link, if you want, and if allowed by this forum.  Another forum has asked me to download the Win7 update manualy and install it. Upon doing that I received a message that the update is "not applicable to your computer." That is nonsense.Other forums have not replied. So here I am.

Thank you,

Jeff

Link to post
Share on other sites

Alright, we'll do without it :)

Before we get started, there's only a few entries I would like to remove with FRST.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.

  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;

Also, do you know a program called "Driven v1.2"? There's a folder for in C:\Program Files (x86) but it doesn't seems installed on your system.

Your next reply(ies) should include:

  • Copy/pasted content of FRST's fixlog.txt;
  • Answer to my question about Driven v1.2;

fixlist.txt

Link to post
Share on other sites

Hello,

Driven is a geotechnical engineering calculation program. Its been on my computer for years, and I haven't used it so I probably never installed it.

Here is the text file:

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Miller (01-09-2016 13:38:03) Run:1
Running from C:\Users\Miller\Desktop
Loaded Profiles: Miller (Available Profiles: Miller)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

Task: {1075DEB9-18A2-40C9-8577-A73B18F0FD27} - System32\Tasks\{E1569553-AE94-4877-9A36-9B3F21132E95} => E:\AUTORUN.EXE
Task: {12D81885-BD01-4F47-B95B-98E862B11742} - System32\Tasks\{2D806EA6-E939-48D7-911A-A645E980718E} => C:\Program Files (x86)\Driven v1.2\setup32.exe [2011-01-13] () <==== ATTENTION
Task: {1CD4A8DB-3BEC-4613-AA36-5E793E7D5B76} - System32\Tasks\{3BD73B73-00F3-49BC-B2FE-DE55D899E922} => C:\Program Files (x86)\Driven v1.2\setup32.exe [2011-01-13] () <==== ATTENTION
Task: {1ED48C0C-9DCB-4381-84B3-77B503F6C964} - System32\Tasks\{B2A48363-F296-43E2-BB36-6177A7CE8796} => E:\AUTORUN.EXE
Task: {1F4A54B6-7FB8-4548-AD9B-040F2481F7A4} - System32\Tasks\{94C40670-DC40-48EB-A3A3-11E8F0C8577B} => E:\AUTORUN.EXE
Task: {24D94B33-8ED7-475B-95DF-9168018A5F0F} - System32\Tasks\{5B348CF1-E7A7-4882-B193-613E1254E7D6} => E:\AUTORUN.EXE
Task: {2FCB07DB-4984-424E-B8C6-A6D3715C0E39} - System32\Tasks\{A8E02C09-7B39-48CB-B89A-0C927F8747DC} => E:\AUTORUN.EXE
Task: {3745FAE1-FC8C-4C6C-91B9-B3D1107BF4D8} - System32\Tasks\{0A99F083-0176-49CF-A3D1-4E909FFB5A26} => E:\AUTORUN.EXE
Task: {403DE1C5-A080-4CB1-8338-09F9D8289A7D} - System32\Tasks\{D592DE13-0DD9-4491-B4EA-E3160E42F733} => E:\AUTORUN.EXE
Task: {4B542325-AA70-43C8-A23F-CD059F17D888} - System32\Tasks\{8F3A898A-51B0-44AB-87F2-E9E1299A52DB} => E:\AUTORUN.EXE
Task: {56D22524-926F-4A38-906E-65DEE5879AF1} - System32\Tasks\{D4C52B54-FBE3-43E6-8866-605E7B82D785} => C:\Program Files (x86)\Driven v1.2\setup32.exe [2011-01-13] () <==== ATTENTION
Task: {5A95AE4D-7AD9-4401-9226-7E3819E1AF43} - System32\Tasks\{A9806E08-4FC8-4232-9492-2CD01BA1BBE1} => E:\AUTORUN.EXE
Task: {606599F0-EDEB-401F-B1F2-124DAF8311D9} - System32\Tasks\{A7ED2BD7-70AB-49E8-A793-86841C8D5D93} => E:\AUTORUN.EXE
Task: {66C6E33F-9E10-4E7F-8D4C-7FA5B9458C77} - System32\Tasks\{FF937E65-C020-4213-AA70-24D7F9F93684} => pcalua.exe -a E:\MSETUP.EXE -d E:\
Task: {6BADE1E8-088C-49FF-98C3-438B1A9F752C} - System32\Tasks\{95CF6177-9924-4EE6-AAFD-BE5EF3D42E22} => E:\AUTORUN.EXE
Task: {745BFE3F-80D8-4D10-88F5-5FA803DF436C} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{B694ABA9-411B-4A2B-A6AC-51FFF2DA225F}.exe <==== ATTENTION
Task: {790BCB5F-F608-4E24-AE41-42EE47A34A81} - System32\Tasks\{F02559F3-A506-4741-B7AC-196DA47FF870} => E:\AUTORUN.EXE
Task: {7CBA6D00-D6FD-488D-A405-EAA782396ACB} - System32\Tasks\{76A98CAC-39AE-4D8B-8451-F466119C079C} => C:\Program Files (x86)\Driven v1.2\setup32.exe [2011-01-13] () <==== ATTENTION
Task: {7D25D9C6-7DC9-4AD6-9CE8-D32631F86244} - System32\Tasks\{CBAC3919-6EE7-4AE8-9DC8-A0F3E7A99E3C} => E:\AUTORUN.EXE
Task: {7D9FF5F3-3D2A-4485-99B1-C763C9C1FD7E} - System32\Tasks\{C6FEEED2-1296-4F15-B2D0-E3C61C099EEE} => E:\AUTORUN.EXE
Task: {81DB0E5A-AE30-419D-913B-5A24CFFB260F} - System32\Tasks\{A14833D2-54D7-4577-8CAB-253192FC013E} => E:\AUTORUN.EXE
Task: {88CE4A41-3DCC-4ECF-A62B-2E9FFB5196E8} - System32\Tasks\{22685A03-55EB-4F00-86F4-F9270A598020} => E:\AUTORUN.EXE
Task: {8E3D6A73-51C3-41C1-9118-0896CA86C192} - System32\Tasks\{57CB5152-5E0B-42A2-A967-5B30EC91C25D} => C:\Program Files (x86)\Driven v1.2\setup32.exe [2011-01-13] () <==== ATTENTION
Task: {9D48CAC6-C6F0-4640-9396-3308608720F4} - System32\Tasks\{93383623-0283-47DC-8833-C5B688871329} => E:\AUTORUN.EXE
Task: {AB7A04A1-156B-4796-A035-09A6D15CDB9F} - System32\Tasks\{FE3930D7-B9DD-4001-BF62-87B50DF4E453} => C:\Program Files (x86)\Driven v1.2\setup32.exe [2011-01-13] () <==== ATTENTION
Task: {B62F4DFB-3460-4560-ABD4-2285A83F9A8A} - System32\Tasks\{353D5C07-2F62-4108-A82A-63F336DDFC7C} => E:\AUTORUN.EXE
Task: {CCFF06D5-3358-47D0-ABB3-212F56330D7B} - System32\Tasks\{DB4440FE-66B8-4180-B609-58441CA3F6A8} => C:\Program Files (x86)\Driven v1.2\setup32.exe [2011-01-13] () <==== ATTENTION
Task: {CF2A6A93-959F-46F0-BC1F-863991B8C2F6} - System32\Tasks\{A3FE5CDA-7ECD-40D0-B907-0C0ABEF6171E} => C:\Program Files (x86)\Driven v1.2\setup32.exe [2011-01-13] () <==== ATTENTION
Task: {D46E1232-D810-44C0-9AE6-9A1E5E4E2B94} - System32\Tasks\{F90B011A-80BA-4ADF-AE48-4E3AA91E2214} => E:\AUTORUN.EXE
Task: {D90ED47A-3D41-4F9C-B07C-4BB41202731F} - System32\Tasks\{9EB81200-CADD-44E0-8957-EC0D118CC5DC} => pcalua.exe -a "C:\Program Files (x86)\Driven v1.2\setup32.exe" -d "C:\Program Files (x86)\Driven v1.2"
Task: {DEFF8B62-5064-43AD-B6FF-46CEC85D3BB8} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{742D328E-02D2-4F3E-A4C8-4A40D5F2858F}.exe <==== ATTENTION
Task: {E554A557-39DD-4673-978E-ED4E821C990B} - System32\Tasks\{D08C5DD2-9C54-4EFB-B8A7-0BC1C41DD107} => E:\AUTORUN.EXE
Task: {E66BC01F-49FF-4964-AAFD-7CEB0CEC6DE7} - System32\Tasks\{4CCCE7CC-B114-48A7-A562-16C59CEAC3C6} => E:\AUTORUN.EXE
Task: {F2D1FC3C-7B9A-4955-A2EA-07D4904902E1} - System32\Tasks\{0FA125FE-C578-4046-A049-7D4501F7CA54} => E:\AUTORUN.EXE
Task: {F9F70C7B-6EF1-45D9-8DD3-09E7DFF9CB98} - System32\Tasks\{02DF3295-474A-4F2A-B59B-F7E0F900B58D} => C:\Program Files (x86)\Driven v1.2\setup32.exe [2011-01-13] () <==== ATTENTION

EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1075DEB9-18A2-40C9-8577-A73B18F0FD27}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1075DEB9-18A2-40C9-8577-A73B18F0FD27}" => key removed successfully
C:\Windows\System32\Tasks\{E1569553-AE94-4877-9A36-9B3F21132E95} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1569553-AE94-4877-9A36-9B3F21132E95}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12D81885-BD01-4F47-B95B-98E862B11742}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12D81885-BD01-4F47-B95B-98E862B11742}" => key removed successfully
C:\Windows\System32\Tasks\{2D806EA6-E939-48D7-911A-A645E980718E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D806EA6-E939-48D7-911A-A645E980718E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CD4A8DB-3BEC-4613-AA36-5E793E7D5B76}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CD4A8DB-3BEC-4613-AA36-5E793E7D5B76}" => key removed successfully
C:\Windows\System32\Tasks\{3BD73B73-00F3-49BC-B2FE-DE55D899E922} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3BD73B73-00F3-49BC-B2FE-DE55D899E922}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1ED48C0C-9DCB-4381-84B3-77B503F6C964}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1ED48C0C-9DCB-4381-84B3-77B503F6C964}" => key removed successfully
C:\Windows\System32\Tasks\{B2A48363-F296-43E2-BB36-6177A7CE8796} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B2A48363-F296-43E2-BB36-6177A7CE8796}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F4A54B6-7FB8-4548-AD9B-040F2481F7A4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F4A54B6-7FB8-4548-AD9B-040F2481F7A4}" => key removed successfully
C:\Windows\System32\Tasks\{94C40670-DC40-48EB-A3A3-11E8F0C8577B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{94C40670-DC40-48EB-A3A3-11E8F0C8577B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24D94B33-8ED7-475B-95DF-9168018A5F0F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24D94B33-8ED7-475B-95DF-9168018A5F0F}" => key removed successfully
C:\Windows\System32\Tasks\{5B348CF1-E7A7-4882-B193-613E1254E7D6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5B348CF1-E7A7-4882-B193-613E1254E7D6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FCB07DB-4984-424E-B8C6-A6D3715C0E39}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FCB07DB-4984-424E-B8C6-A6D3715C0E39}" => key removed successfully
C:\Windows\System32\Tasks\{A8E02C09-7B39-48CB-B89A-0C927F8747DC} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8E02C09-7B39-48CB-B89A-0C927F8747DC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3745FAE1-FC8C-4C6C-91B9-B3D1107BF4D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3745FAE1-FC8C-4C6C-91B9-B3D1107BF4D8}" => key removed successfully
C:\Windows\System32\Tasks\{0A99F083-0176-49CF-A3D1-4E909FFB5A26} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0A99F083-0176-49CF-A3D1-4E909FFB5A26}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{403DE1C5-A080-4CB1-8338-09F9D8289A7D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{403DE1C5-A080-4CB1-8338-09F9D8289A7D}" => key removed successfully
C:\Windows\System32\Tasks\{D592DE13-0DD9-4491-B4EA-E3160E42F733} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D592DE13-0DD9-4491-B4EA-E3160E42F733}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B542325-AA70-43C8-A23F-CD059F17D888}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B542325-AA70-43C8-A23F-CD059F17D888}" => key removed successfully
C:\Windows\System32\Tasks\{8F3A898A-51B0-44AB-87F2-E9E1299A52DB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8F3A898A-51B0-44AB-87F2-E9E1299A52DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56D22524-926F-4A38-906E-65DEE5879AF1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56D22524-926F-4A38-906E-65DEE5879AF1}" => key removed successfully
C:\Windows\System32\Tasks\{D4C52B54-FBE3-43E6-8866-605E7B82D785} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D4C52B54-FBE3-43E6-8866-605E7B82D785}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A95AE4D-7AD9-4401-9226-7E3819E1AF43}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A95AE4D-7AD9-4401-9226-7E3819E1AF43}" => key removed successfully
C:\Windows\System32\Tasks\{A9806E08-4FC8-4232-9492-2CD01BA1BBE1} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A9806E08-4FC8-4232-9492-2CD01BA1BBE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{606599F0-EDEB-401F-B1F2-124DAF8311D9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{606599F0-EDEB-401F-B1F2-124DAF8311D9}" => key removed successfully
C:\Windows\System32\Tasks\{A7ED2BD7-70AB-49E8-A793-86841C8D5D93} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A7ED2BD7-70AB-49E8-A793-86841C8D5D93}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66C6E33F-9E10-4E7F-8D4C-7FA5B9458C77}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66C6E33F-9E10-4E7F-8D4C-7FA5B9458C77}" => key removed successfully
C:\Windows\System32\Tasks\{FF937E65-C020-4213-AA70-24D7F9F93684} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF937E65-C020-4213-AA70-24D7F9F93684}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BADE1E8-088C-49FF-98C3-438B1A9F752C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BADE1E8-088C-49FF-98C3-438B1A9F752C}" => key removed successfully
C:\Windows\System32\Tasks\{95CF6177-9924-4EE6-AAFD-BE5EF3D42E22} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{95CF6177-9924-4EE6-AAFD-BE5EF3D42E22}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{745BFE3F-80D8-4D10-88F5-5FA803DF436C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{745BFE3F-80D8-4D10-88F5-5FA803DF436C}" => key removed successfully
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_HP_rmv" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{790BCB5F-F608-4E24-AE41-42EE47A34A81}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{790BCB5F-F608-4E24-AE41-42EE47A34A81}" => key removed successfully
C:\Windows\System32\Tasks\{F02559F3-A506-4741-B7AC-196DA47FF870} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F02559F3-A506-4741-B7AC-196DA47FF870}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CBA6D00-D6FD-488D-A405-EAA782396ACB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CBA6D00-D6FD-488D-A405-EAA782396ACB}" => key removed successfully
C:\Windows\System32\Tasks\{76A98CAC-39AE-4D8B-8451-F466119C079C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{76A98CAC-39AE-4D8B-8451-F466119C079C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D25D9C6-7DC9-4AD6-9CE8-D32631F86244}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D25D9C6-7DC9-4AD6-9CE8-D32631F86244}" => key removed successfully
C:\Windows\System32\Tasks\{CBAC3919-6EE7-4AE8-9DC8-A0F3E7A99E3C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CBAC3919-6EE7-4AE8-9DC8-A0F3E7A99E3C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D9FF5F3-3D2A-4485-99B1-C763C9C1FD7E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D9FF5F3-3D2A-4485-99B1-C763C9C1FD7E}" => key removed successfully
C:\Windows\System32\Tasks\{C6FEEED2-1296-4F15-B2D0-E3C61C099EEE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6FEEED2-1296-4F15-B2D0-E3C61C099EEE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81DB0E5A-AE30-419D-913B-5A24CFFB260F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81DB0E5A-AE30-419D-913B-5A24CFFB260F}" => key removed successfully
C:\Windows\System32\Tasks\{A14833D2-54D7-4577-8CAB-253192FC013E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A14833D2-54D7-4577-8CAB-253192FC013E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88CE4A41-3DCC-4ECF-A62B-2E9FFB5196E8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88CE4A41-3DCC-4ECF-A62B-2E9FFB5196E8}" => key removed successfully
C:\Windows\System32\Tasks\{22685A03-55EB-4F00-86F4-F9270A598020} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{22685A03-55EB-4F00-86F4-F9270A598020}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E3D6A73-51C3-41C1-9118-0896CA86C192}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E3D6A73-51C3-41C1-9118-0896CA86C192}" => key removed successfully
C:\Windows\System32\Tasks\{57CB5152-5E0B-42A2-A967-5B30EC91C25D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57CB5152-5E0B-42A2-A967-5B30EC91C25D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D48CAC6-C6F0-4640-9396-3308608720F4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D48CAC6-C6F0-4640-9396-3308608720F4}" => key removed successfully
C:\Windows\System32\Tasks\{93383623-0283-47DC-8833-C5B688871329} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{93383623-0283-47DC-8833-C5B688871329}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB7A04A1-156B-4796-A035-09A6D15CDB9F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB7A04A1-156B-4796-A035-09A6D15CDB9F}" => key removed successfully
C:\Windows\System32\Tasks\{FE3930D7-B9DD-4001-BF62-87B50DF4E453} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FE3930D7-B9DD-4001-BF62-87B50DF4E453}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B62F4DFB-3460-4560-ABD4-2285A83F9A8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B62F4DFB-3460-4560-ABD4-2285A83F9A8A}" => key removed successfully
C:\Windows\System32\Tasks\{353D5C07-2F62-4108-A82A-63F336DDFC7C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{353D5C07-2F62-4108-A82A-63F336DDFC7C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCFF06D5-3358-47D0-ABB3-212F56330D7B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCFF06D5-3358-47D0-ABB3-212F56330D7B}" => key removed successfully
C:\Windows\System32\Tasks\{DB4440FE-66B8-4180-B609-58441CA3F6A8} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DB4440FE-66B8-4180-B609-58441CA3F6A8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF2A6A93-959F-46F0-BC1F-863991B8C2F6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF2A6A93-959F-46F0-BC1F-863991B8C2F6}" => key removed successfully
C:\Windows\System32\Tasks\{A3FE5CDA-7ECD-40D0-B907-0C0ABEF6171E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3FE5CDA-7ECD-40D0-B907-0C0ABEF6171E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D46E1232-D810-44C0-9AE6-9A1E5E4E2B94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D46E1232-D810-44C0-9AE6-9A1E5E4E2B94}" => key removed successfully
C:\Windows\System32\Tasks\{F90B011A-80BA-4ADF-AE48-4E3AA91E2214} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F90B011A-80BA-4ADF-AE48-4E3AA91E2214}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D90ED47A-3D41-4F9C-B07C-4BB41202731F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D90ED47A-3D41-4F9C-B07C-4BB41202731F}" => key removed successfully
C:\Windows\System32\Tasks\{9EB81200-CADD-44E0-8957-EC0D118CC5DC} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9EB81200-CADD-44E0-8957-EC0D118CC5DC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DEFF8B62-5064-43AD-B6FF-46CEC85D3BB8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEFF8B62-5064-43AD-B6FF-46CEC85D3BB8}" => key removed successfully
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_TB_rmv" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E554A557-39DD-4673-978E-ED4E821C990B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E554A557-39DD-4673-978E-ED4E821C990B}" => key removed successfully
C:\Windows\System32\Tasks\{D08C5DD2-9C54-4EFB-B8A7-0BC1C41DD107} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D08C5DD2-9C54-4EFB-B8A7-0BC1C41DD107}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E66BC01F-49FF-4964-AAFD-7CEB0CEC6DE7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E66BC01F-49FF-4964-AAFD-7CEB0CEC6DE7}" => key removed successfully
C:\Windows\System32\Tasks\{4CCCE7CC-B114-48A7-A562-16C59CEAC3C6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4CCCE7CC-B114-48A7-A562-16C59CEAC3C6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2D1FC3C-7B9A-4955-A2EA-07D4904902E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2D1FC3C-7B9A-4955-A2EA-07D4904902E1}" => key removed successfully
C:\Windows\System32\Tasks\{0FA125FE-C578-4046-A049-7D4501F7CA54} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0FA125FE-C578-4046-A049-7D4501F7CA54}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9F70C7B-6EF1-45D9-8DD3-09E7DFF9CB98}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9F70C7B-6EF1-45D9-8DD3-09E7DFF9CB98}" => key removed successfully
C:\Windows\System32\Tasks\{02DF3295-474A-4F2A-B59B-F7E0F900B58D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{02DF3295-474A-4F2A-B59B-F7E0F900B58D}" => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 121943843 B
Java, Flash, Steam htmlcache => 523 B
Windows/system/drivers => 3697691742 B
Edge => 0 B
Chrome => 0 B
Firefox => 80392606 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42319997 B
systemprofile32 => 82472 B
LocalService => 132244 B
NetworkService => 226706 B
Miller => 1711977903 B
TEMP => 66228 B

RecycleBin => 0 B
EmptyTemp: => 5.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:40:15 ====

Thank you,

Jeff

Link to post
Share on other sites

Good :) Alright, let's see if we're able to stop that update from attempting to install on every reboot, as it could possibly get in the way of our troubleshooting.

Restart your computer and right after your computer manufacturer splash screen/logo (like Dell, Lenovo, HP, etc.) and right before you boot in Windows, press on F8 repeatedly. You should end up with the Advanced Boot Options menu. In it, select Repair Your Computer and press on Enter. From there you'll enter the Recovery PE, which will offer you a window with a few options. Click on the last one, Command Prompt, and enter the following command:

DISM /image:C:\ /cleanup-image /revertpendingactions

You should receive a message saying this:

Reverting pending actions from the image…. The operation completed.  Any revert of pending actions will be attempted after reboot.

Let me know if that's the case or not.

Link to post
Share on other sites

Alright, it looks like we won't be able to do anything from the Recovery PE. We'll jump straight to the analysis. Follow the instructions below please.

IGJdB0T.pngSystem Update Readiness Tool (SURT) - Scan
Follow the instructions below to run a scan with the System Update Readiness Tool (SURT) and provide a log;

  • Download the right version of SURT for your system;
    • Your version of Windows is: Windows 7 SP1 x64
  • Once downloaded, execute the installer, and go throught the installation (this process can take around 15-20 minutes);
  • On completion, a log will be created in C:\Windows\Logs\CBS\CheckSUR.log;
  • Attach this log in your next reply;


Alternatively, if these instructions are unclear for you, you can follow the tutorial below.

System Update Readiness Tool (SURT)

Link to post
Share on other sites

Hello Yoan,

This is what I downloaded. Is this the correct SURT? Because clicking your link resulted in "page not found" so I typed in System....  and clicked on this, and downloaded it:

System Update Readiness Tool for Windows 7 for x64-based Systems (KB947821) [October 2014]

and the file name is Windows6.1KB947821-v34-x64.msu  and its 538 mb in size.  I'll install it after your approval.

Thanks,

Jeff

Link to post
Share on other sites

Hello Yoan,

The log file is attached.

Question: At the time of my last post, I saved the file I downloaded, but by accident, not to my desktop.  Rather I saved it to another folder that I made a handwritten note of.  I powered down my computer for a number of hours.  When I started it up, I couldn't find it, even by search.  I downloaded it again to the desktop, and ran it to get the log attached.  But I want to find the lost file so I can delete it. How do I find it? After we are finished and my computer is fixed, please instruct me on what files I can delete.

Thanks,

Jeff

CheckSUR.log

Link to post
Share on other sites

Hello Yoan,

Is AppData/Local/Temp a hidden file?  That is where I saved the Windows6.1-KB***.msu file earlier today.

 

Also, the Microsoft Community forum person that helped me last week is asking that I post a link to this forum thread.  Do I have your permission to link it?  Will I be violating this forum's rules?

Thank you,

Jeff

Link to post
Share on other sites

You could just do a search on your whole computer for CheckSUR.log. Usually, SURT saves the log in C:\Windows\Logs\CBS\CheckSUR.log (and also CheckSUR.persist.log).

Temp is a visible folder where temporary files and folders are kept. You can always empty it without worries of breaking anything.

And yes, you can link him this thread, there's no rules against :)

SURT returned a clean CheckSUR.log, let's see if it's the same for SFC.

EndqYRa.pngSystem File Checker (SFC)
Follow the instructions below to run a SFC scan on your system and to provide the CBS log in your next reply;

  • On Windows Vista & 7, click on the Windows Start Menu, then enter cmd in the search box, right-click on the cmd icon and select Spcusrh.pngRun as Administrator
  • On Windows 8, drag your cursor in the bottom-left corner, and right-click on the metro menu preview, then select Command Prompt (Admin);
  • On Windows 8.1 and Windows 10, right click on the Windows logo in the bottom-left corner and select Command Prompt (Admin);
  • Enter the command below and press on Enter;
    sfc /scannow

    Note: There's a space between "sfc" and "/scannow";
  • Once the scan is complete, enter the command below and press on Enter
    copy %windir%\logs\cbs\cbs.log "%userprofile%\Desktop\cbs.txt"
  • A file called cbs.txt will have appeared on your Desktop. Upload the file on Dropbox, Google Drive or OneDrive and post the download URL for it here;


Note: Please note that the CBS.log is volatile, which means that if you don't upload it after the SFC scan is completed, it won't have the information from the scan anymore. So archive it and upload it as soon as you can.

Link to post
Share on other sites

Hello,

I'll do that and post the results. 

 

Thanks for information, but I can't find the AppData subfolder ( AppData/Local/Temp ) with Windows explorer, which is the subfolder I earlier saved a copy of the 530mb size Windows6.1***.msu file that I want to delete. 

But when I click on the CheckSUR log link in my last night's post, a window appears for opening the file with Notepad. The log opens alongwith a Temp subfolder where the address bar shows C -Users-Miller-AppData-Local-Temp (the address I can not find with >Search>Search programs and files>). The subfolder contains the   CheckSUR log file, but not the 530mb size Windows6.1 file.

Link to post
Share on other sites

The AppData folder is an hidden one. If you enter %temp% in the Windows Explorer address bar, it'll bring you in the temp folder. Your CBS.txt log is around 800MB, so depending on your upload speed, it might have taken a while to upload. I see that a lot of corruption (corrupt system files) were repaired with it. I'll ask you to run SFC once more and provide me a new CBS.txt log following the same instructions as before once it's done, since it's not unusual for corruption to comeback and/or SFC to fix more corrupt files after fixing some of them.

Link to post
Share on other sites

Alright that looks better. Now, let's do something before moving on.

88fYBWt.pngRename CBS.log file
Follow the instructions below to rename your CBS.log file.

  • On Windows Vista & 7, click on the Windows Start Menu, then enter cmd in the search box, right-click on the cmd icon and select Spcusrh.pngRun as Administrator
  • On Windows 8, drag your cursor in the bottom-left corner, and right-click on the metro menu preview, then select Command Prompt (Admin);
  • On Windows 8.1 and Windows 10, right click on the Windows logo in the bottom-left corner and select Command Prompt (Admin);
  • Enter the command below and press on Enter;
    ren %windir%\Logs\CBS\CBS.log CBS_old.log

    Note: If it says that the file is actually in use, restart your computer and try the command again.

Once you're done renaming the CBS.log file in CBS_old.log, restart your computer to trigger the update install. If it fails, after the restart, upload both these files for me so I can review them.

C:\Windows\WindowsUpdate.log
C:\Windows\Logs\CBS\CBS.log

Link to post
Share on other sites

Hello Yoan,

I had problems. Renaming, I got a reply: "The process cannot access the file because it is being used by another process."  I shut down the computer and started it again, renamed, got message "... cannot access... used by another process."  Shut computer down, started, did the F*  Advanced Boot Option, Command Prompt, failure error message, I clicked on restart button and my win login screen appeared. I re-tried the rename, got answer "... cannot access... used by another process." 

What can I do now?

Thanks, Jeff

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.