Category Archives: Troubleshooting

Assessing Generic WU Error Fixes

Here’s an interesting situation. Right now, my Windows 10 production PC (22H2 Build 19045.5247) has been showing a “perfect” Reliability index since December 21 (21 days). That said, this same device threw a “Failed Windows Update” error 4 times in the period from December 30 through January 6. In researching the error it shows mostly gobbledygook: error 0x80073D02: 9P6PMZTM93LR-Microsoft.6365217CE6EB4. Furthermore, it has me assessing generic WU error fixes, because I can find no definite prescription to fix this recurring item.

Why I’m Assessing Generic WU Errror Fixes

Take a look at the reliability monitor output in the lead-in graphic. It shows a Windows 10 PC that’s working as well as it can for an extended period of time (3 weeks). It also shows 4 instances of the same gobblydygook error string reproduced in the preceding paragaph that occurred about every other day over an 8-day period.

To begin with, the 10 reliability index convinces me that whatever is wrong isn’t really serious. Next, conventional wisdom when troubleshooting WU errors is to “try a bunch of stuff, and hope something works.” Indeed, here’s what Copilot — affirmed by other reliable sources including TenForums.com — recommends for this error:

  1. Run Windows Store Apps Troubleshooter: Go to Settings > System > Troubleshoot > Other troubleshooters, and find the Windows Store Apps troubleshooter.
  2. Reset Microsoft Store Cache: Press Windows Key + R to open the Run dialog, type WSReset.exe, and press Enter.
  3. Uninstall/resinstall Windows Store (Winget does this nicely with Microsoft.WindowsStore as the targeting ID.
  4. Re-register Windows Store: Open PowerShell as an administrator and run the following commands:

Set-ExecutionPolicy Unrestricted
Get-AppXPackage -AllUsers | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$ ($_.InstallLocation)\\AppXManifest.xml”}

  1. Check System Files for Corruption: Run the SFC and DISM commands to check and repair potential corruption.

The problem with this kind of approach is that it involves “try everything, and hope something works.” Mostly, the Store is working well enough to avoid uninstall/reinstall (Item 3 above) and also unregistering then re-registering all Store contents (item 4) above.

So I tried items 1, 2 and 5, which took under 7 minutes to complete. None said they fixed anything, either. So far, no repeat errors in the past four days. Is the problem fixed? As with most mysterious Windows weirdnesses, only time will tell.

If It Ain’t Broke…

One thing I’ve learned in tinkering with Windows versions since 3.1 and forever afterward (3.11. 95, 98, Me, NT, 2000, XP, 7, 8, 10 and 11) is that fixing problems that aren’t really problems only makes things worse. Here I took the approach of “do the easy stuff, save the hard risky stuff if it comes back later.” So now, fingers crossed, I’m watching to see what happens next. Hoping for that to be “little or nothing.”

 

Facebooklinkedin
Facebooklinkedin

DSA Update Succeeds Where Lenovo Vantage Fails

Go figure! When Lenovo Vantage reported this morning that the ThinkStation P3 Ultra needed a new Intel Wi-Fi driver, I thought nothing of it. I elected the install, fired it off, and waited for the results. Oops: “Failed to install.” Tried again, and got the same result. So I checked Intel’s Driver and Support Assistant (DSA). Sure enough it reported the same outdated driver (23.60.0.10) and the same incoming new replacement (23.100.0.4). But that DSA update succeeds where Lenovo Vantage fails. As you can see in the lead-in graphic, a subsequent Vantage update check post-DSA reports no updates available (and shows a failed attempt below).

Guessing Why DSA Update Succeeds Where Lenovo Vantage Fails

I’m a great believer in the old principle that “if one tool fails, try a different one.” What’s trickier is figuring out why Vantage falls over while DSA does the job correctly. Copilot speculates it could have to do with compatibility, permissions, or software conflicts. Turns out one must enable a registry setting to get Vantage to log and report on failures — absent on the P3 Ultra, alas — so I can’t really tell what went south when Commercial Vantage did its thing.

If it were really important (and I hadn’t found an immediate and easy workaround) that’s what I’d be doing next. The key string involved is:

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Lenovo\
SystemUpdateAddin\Logs

The REG-SZ (registry string) value named “EnableLogs” needs to be changed from its default value of “False” to “True” for subsequent logging to occur. I’ve made that change, and will check out if and when future Vantage install or other update errors occur. Good stuff!

Prepped for the next gotcha: logging enabled.

Hopefully next time I won’t have to guess what happened. The log should tell me something. Whether I can parse its meaning is a whole ‘nother challenge!

Facebooklinkedin
Facebooklinkedin

Identify Spurious Windows Reclaimables

OK, then: thanks to some excellent detective work by ElevenForum stalwart @Bree, it looks like DISM can tell curious Windows users which packages are “stuck.” That is, you run the DISM command sequence: Analyze-Clean-Analyze, with a positive number of reclaimable packages still showing. (You can find all the details in my 11/2023 blog post on this topic.) This time around, I’ll show you how to list out the actual items that identify spurious Windows reclaimables. Warning: some PowerShell hacking is involved!

How-to: Identify Spurious Windows Reclaimables

@Bree shows the source for the data needed to identify these strange offenders. It’s based on analyzing data within a DISM generated text file. Here’s the specific command that creates that data:

DISM /ONLINE /GET-PACKAGES /FORMAT:TABLE > KB.txt

What this does is to inspect the current running Windows image (/online), grab all packages it finds with some related data (/get-packages),  and format it into a table (/format:table). That last bit (> KB.txt) redirects command output into that named file. The column headings in that output read: Package Identity, State, Release Type, and Install Time with vertical bars (‘|’) used to separate entries.

Bree’s analysis concurs with my own prior inspection of this same kind of output. We both agree that only lines with the strings “Staged” and “Feature Pack” in them point to spurious Windows packages. His analysis depends on sucking the output into a text file, converting to Excel format, sorting by State, and counting groups of lines to match the spurious reclaimable count to what’s reported by DISM /AnalyzeCompontentStore. Remember: those are packages that stay in the component store even after a DISM /cleanup-image operation has completed successfully. I simply write the output from the /Get-Packages DISM command to a file named KB.txt and filter its results.

Automating Analysis of KB.txt Contents

Next, my PowerShell script comes into play (such as it is, it’s pretty primitive). Unzip kbfilt.zip and then move kbfilt.ps1 to the directory where you created kb.txt (to run this file type .\kbfilt.ps1 inside an administrative PS Terminal window: screenshot follows later).

# Path to the input text file
$inputFilePath = "kb.txt"

# Path to the output text file
$outputFilePath = "kbfilt.txt"

# Read the file line by line and filter the lines
Get-Content $inputFilePath | ForEach-Object {
# Check if the line contains both "Staged" and "Feature Pack"
if ($_ -match "Staged" -and $_ -match "Feature Pack") {
# Output the line to the output file
$_ | Out-File -FilePath $outputFilePath -Append}}

# Confirm the script has finished
Write-Host "Lines w/ 'Staged' and 'Feature Pack' written to $outputFilePath"
Write-Host "Remember to delete kb.txt, kbfilt.txt before next use"

I used the -Append directive for Out-file which means the script appends text to the file and doesn’t over-write (“clobber” in PS-speak) other content. That’s why you’ll want to delete these files if you want to run the script again.

My Copilot+ PC (an Intel Aura Yoga Slim 7 model from Lenovo), running Windows 11 24H2 Build 26100.2134, has 2 spurious packages as shown here:

2 packages with LONG names (typical for Windows)
[Click image to view full-sized.]

This investigation is simply to show you which packages are stuck. You can get rid ofthem with DISM /Remove-Package. But if you do, they’ll most likely pop back up again after you install the next Cumulative Update (CU). Windows images are funny that way. But at least, now you can identify the packages involved.

Facebooklinkedin
Facebooklinkedin

Persistent Revo Requires Disabling Task

Drat! After returning from vakay, I noticed Revo Uninstaller still popping up after Startup. My November 21 post mentioned disabling some settings. Autoruns (see lead-in graphic) also tells me there’s a scheduled task that must be disabled to prevent its “helper” (and the app) from launching after startup.  Indeed, this persistent Revo requires disabling task for its helper.exe. Go figure!

It Irks Me That Persistent Revo Requires Disabling Task

When software makers offer free versions of their applications, they seem to feel entitled to let that version do various things to Windows PCs — not all of them desirable or well-behaved. I take umbrage with Revo, and other publishers who do likewise. That goes double, especially when they offer no opt-out in their installers, nor warnings for users. It seems they’re resolved that their software is going to make itself run at startup whether you like it or not.

Methinks it’s because such vendors seek added upsell opportunities. Alas, it only proves irksome and bothersome instead. This time, I had to call out the heavy artillery — namely, SysInternals Autoruns, capable of showing and stopping anything and everything that touches startup behavior on a Windows PC.

This isn’t the first time I’ve found myself saying “Thank you, Mark Russinovich and the rest of the SysInternals team.” It won’t be the last, either. In fact, that litany will no doubt continue until I stop running Windows (unlikely) or you pry it out of my cold, dead hands (inevitable, but hopefully not for some time yet).

Facebooklinkedin
Facebooklinkedin

Windows Resiliency Initiative Includes Quick Machine Recovery

It’s that time of year again, when MS meetings and conferences — Ignite 2024, in this case — heat things up with future promises and new idea campaigns. Yesterday’s Windows Experience Blog from David Weston (MS VP Enterprise & OS Security) is a case in point. Entitled Windows security and resiliency: Protecting your business, it asserts that a new Windows Resiliency Initiative includes Quick Machine Recovery as a key capability. Very interesting!

Explaining Windows Resiliency Initiative Includes Quick Machine Recovery

This new initiative “takes four areas of focus” as its goal — namely (all bullet points quoted verbatim from the afore-linked blog post, except for my [bracketed] commentary):

  • Strengthen reliability based on learnings from the incident we saw in July. [Crowdstrike kernel mode error took down 8.5M Windows PCs.]
  • Enabling more apps and users to run without admin privileges.
  • Stronger controls for what apps and drivers are allowed to run.
  • Improved identity protection to prevent phishing attacks.

The first and arguably most impactful preceding item is what led MS to its announcement of Quick Machine Recovery. Here’s how Weston explains it:

This feature will enable IT administrators to execute targeted fixes from Windows Update on PCs, even when machines are unable to boot, without needing physical access to the PC. This remote recovery will unblock your employees from broad issues much faster than what has been possible in the past. Quick Machine Recovery will be available to the Windows Insider Program community in early 2025.

In other words, this new feature should enable what savvy administrators had to do using OOB access to affected machine via KVMs smart enough to bootstrap machines otherwise unable to boot.

Great Addition: How’s the Execution?

IMO this is something MS should’ve built into Windows long ago. I’m curious to see how (and how well) it works. I’m also curious to see if it will be available for Windows 10 as well as 11. Only time will tell, but I’ll be all over this when it hits Insider Builds early next year. Good stuff — I hope!!

Facebooklinkedin
Facebooklinkedin

Forced 24H2 Upgrade Throws BSOD

I couldn’t help myself: I HAD to try it. On the Lenovo ThinkStation P3 Ultra, I used the Windows 11 Installation Assistant to bring on the newest version. Alas, my forced 24H2 upgrade throws BSOD with error code 0X85 SETUP_FAILURE. Quick research found an MS Learn article on that very topic. Alas, it also says “a fatal error occurred during setup” and suggests unplugging peripherals and trying again, but provides no real repair advice. You can see my iPhone BSOD photo, skews and all, as the lead-in graphic here.

Bad Cess As Forced 24H2 Upgrade Throws BSOD

Please note: even though the BSOD text reads in part “We’ll restart for you,” I had to toggle the power button to bring the P3 Ultra back to life. Sigh: looks like its Intel i9-13900 Intel CPU is subject to some documented issues. Indeed, I just found an Intel Community post that says if Turbo Boost is enabled in the BIOS, it can crash during the Windows 11 upgrade process.

So I visited Settings > System > Recovery > Advanced Startup and then entered the BIOS. Sure enough, Turbo Mode was enabled, so I disabled same. Now, I’m running the Installation Assistant again. It zoomed through download and verification phases, so the files from the original download were obviously still present. Now it’s doing the GUI install portion …

Is the 2nd Try Charmed, or Doomed?

It took about 10-15 minutes for GUI install to complete. Turning off Turbo Mode notably slows things down. The post-GUI install went much slower, though: it zoomed up to 71% in 5-8 minutes, then took the better part of an hour to work its way to completion and OOBE.

But I’ve now got a working 24H2 installation on the ThinkStation P3 Ultra,  as you can see in the next screencap. It shows Lenovo Vantage device info, above which I’ve positioned Winver output. Then I had to go back into the BIOS and turn Turbo Mode back on. With Turbo Mode restored, the system runs very much faster.

Winver 24H2 in front, Lenovo Vantage Device Details in back.

Now, I have to ask: is this disable/enable in BIOS looming over all future upgrades, or is it just a one-time 24H2 thing? As the clue that pointed me toward this fix came from 22H2, probably not. Another thing for me to remember, in that case…

And isn’t that just the ways things go from time to time, here in Windows-World? You betcha!

 

Facebooklinkedin
Facebooklinkedin

BIOS Update Demands Cable Switch

Whoa: this time, things got just a little bit TOO interesting. I’ve got a Lenovo P360 Ultra ThinkStation on loan, and a BIOS update came through today (to version S0JKT2AA). But when I would install the update, the usual BIOS flash screens did not come up after a reboot. It wasn’t until I swapped the graphics cable from the full-size DP to full-size DP port, to a full-size DP (monitor) to mini DP (PC) that the splash screen showed up at boot, and the BIOS flash ran through to completion. Thus, the BIOS update demands cable switch to succeed. Go figure!

How Did I Figure Out That BIOS Update Demands Cable Switch

By watching the post-reboot behavior on-screen, I realized it wasn’t showing me what it was supposed to. Basically, the screen stayed black post-restart until the lock screen for Windows 11 appeared. I knew I was supposed to see the boot-up splash screen (which reads “Lenovo” in white letters on a black background on this device). But instead: nada.

So on a whim, I brought down the video & power cables box from atop my bookshelves. Then, I grabbed a full-size DisplayPort to mini-DP cable and used it to replace the full-size DP to full-size DP I was currently using. Immediately thereafter, I got a splash screen and the BIOS update started processing. It took a while, but it eventually ground through to a successful update.

What About those Intel Graphics?

The next item of business was to get the built-in Intel graphics (UHD Graphics 770) updated. After a handful of failed attempts to get the Lenovo version to run, I visited the Intel DSA (Driver & Support Assistant) and installed that version instead. It worked. You can see the results for my final — and entirely welcome — update check using the Lenovo Commercial Vantage tool as the lead-in graphic above.

That was a wild ride. But indeed, that’s the way things go in Windows-World far too often, based on my current level of interest vs. fatigue. Today, fatigue wins out. Sigh.

Facebooklinkedin
Facebooklinkedin

MX Error Provokes Outlook Account Fix

Ever since Microsoft pushed an Outlook update in late September, Outlook hasn’t let me access my primary email account. Something about handling of DNS info related to mailservers changed, and not for the better. Simply put, the configuration I’d been using to ingest incoming email and send outgoing email quit working. But when I checked the dreamhost config recommendations, everything agreed with same.  Despite repeated fix attempts, account setup kept foundering because of a reset to some whacko domain I never heard or read about –namely: smtp. mailchannels.net. This morning I had an astonishingly positive encounter with Microsoft 365 chat support, during which an MX error provokes Outlook account fix. Buckle up: this is going to take some explaining…

How an MX Error Provokes Outlook Account Fix

Outlook is obviously reading from MX records for the domain names it runs into. The only way I can get my home account (the one for this very website, in fact) to work is by over-riding both incoming and outgoing mail server values that the lookup process finds on its own.

It gets worse. If I tell Outlook to repair itself, it overwrites my over-rides with those selfsame values again. Fortunately, I’ve now got all this stuff memorized and I know how to fix it. But it wasn’t until we tried and failed to use my domain name (edtittel.com) for the mail servers that the inbuilt Outlook facility started reading the right MX records. Only then was I able to use those for the email host instead of whatever Outlook was dredging out of the MX records it finds on my behalf. Sigh.

Automation Had Best Be Correct…

I understand that MS is just trying to help by automating the mail server lookups and name assignments. That’s terrif, as long as they get those lookups right. But as I’ve just learned, over-riding errors in such lookups can get excessively interesting.

Shoot! I couldn’t even get email to work in Outlook until I figured out I should ignore its findings and insist on what the provider’s configuration page told me I should use. What’s interesting is that’s what was in there in the first place, and quit working late last month. I wasn’t able to get back into the fold, however, until I tried my own domain name, at which point the error trail finally located workable MX records.

Go figure! That’s what keeps me on the edge of my seat, and makes Windows-World an always-interesting place to work and live.

Facebooklinkedin
Facebooklinkedin

Uncovering Create Dev Drive Gotcha

Yesterday, I blogged about a real, but apparently small, performance boost for ReFS volumes vis-a-vis NTFS ones. While I was undertaking that testing, I switched a USB4 NVMe from NTFS to ReFS to keep everything else the same. I’m pretty sure that’s the best way to isolate file system differences because port, cable, enclosure and drive all remained the same. Along the way, I found myself uncovering “Create Dev Drive” gotcha. Let me explain.

Uncovering Create Dev Drive Gotcha:
Two Create Dev Drive Buttons

If you attach an unallocated drive to a Windows PC, then navigate to System > Storage > Disks & Volumes, you’ll not only see the “Create Dev Drive button” at the top of that UI pane as shown in the lead-in graphic. Should you scroll down to said unallocated drive, you can evoke a different Create Dev Drive button by clicking on the down-caret for “Create volume” like so:

Here’s the gotcha: if you use the upper Create Dev Drive button, everything works as it should. But if you use the lower one, the create operation fails every time, and reports it fails because the drive is read-only. Here’s what the Settings UI looks like after that error:

Something odd and interesting apparently happens when you use this button instead. I’m reporting this to Feedback Hub. Here’s that link, if you’d care to upvote: Create a dev drive button doesn’t work.

Clean-Up and Fix

Once you do this to yourself, you need to clean things up before you can set things up correctly using (only) the upper “Create Dev Drive” button. You must open Disk Management and delete the RAW volume you’ll now see there (right-click, and select Delete Volume… from the pop-up menu). Then you can return to Settings > System > Storage >Disks & volumes and do it right this time. Enjoy!

One more thing: the Dev Home app is a great place to get started when creating an ReFS volume. It does the Settings navigation for you and drops you right where you want to be. Just remember: it only works when you select the upper, general “Create Dev Drive” button, NOT the lower, device-specific “Create Dev Drive” button. I have no idea why this is so, but that’s the way it seems to work at present. Mysteries like these are what keep me forever fascinated with the wrinkles in Windows-World.

 

Facebooklinkedin
Facebooklinkedin

Chkdsk /f Fixes DISM Issues

Here’s an interesting item. As part of routine maintenance, I ran DISM /online /cleanup-image /analyzecomponentstore on the P16 Mobile Workstation this morning. Imagine my surprise when it threw  “Error 2; The system cannot find the file specified.” at about 80% complete. I’d never run across this one before. But a Google Search soon revealed that this happens when DISM encounters a corrupted entry in the component store. MS Answers also reported that, nearly always, chkdsk /f fixes DISM issues of this kind. So that’s what I tried: as you can see from the lead-in graphic, it worked!

How Chkdsk /f Fixes DISM Issues

This particular disk scanning operation repairs any corrupted files it finds, if it can. That has me wondering if sfc /scannow might not have had the same salutary effect. I think that’s at least possible, so I’ll have to try it next time around. The only follow-on is that repairs to the C: drive (especially for the kinds of files that DISM cares about) must run while the Windows OS image is not in use. That means scheduling that check and repair during boot-up before the OS takes over operation of the PC (that is, while the boot loader is running things).

Thus, I had to reboot the P16, and watch the check run as a pre-boot task (large white text against a black screen). Here’s a capture from inside a Hyper-V VM (otherwise, it’s challenging to grab boot-time screens from Windows).

Once that repair had completed, I was able to run the previously inoperative DISM command without trouble. Every now and then, one gets lucky in Windows-World. This time, the repair worked just like it was supposed to. Good stuff!

 

Facebooklinkedin
Facebooklinkedin