[SOLUTION] KB3185330 FAILING! – October 2016 Security Monthly Quality Rollup for Windows 7

Many of my clients are having Windows Update failures, particularly with the October Security rollup (KB3185330), but also KB3133977 and KB3033929 in some cases. I have resolved the issue — all is explained below.

THE FACTS:

— My Dell Optiplex 780 and 790 models are affected for sure, as I’m hearing from my clients and working with my test computers. (Also, Dell Inspiron 15-3537 in one case)

— My test computers have no hidden updates and have all other Windows Update up-to-date.

— My test computers have no antivirus.

— When the KB3185330 is run and I restart, it goes to 79% complete in configuring, then it goes to:

IMG_3282x

Failure configuring Windows updates, Reverting changes. Do not turn off your computer.

— Something this leads to hours and hours of hard drive writing, even to the point of filling the drive (in the (C:\Windows\logs\CBS folder).

— I’ve run the Microsoft System Readiness Tool (32-bit link, 64-bit link), which seems to check the integrity of some of the Windows Update folders. It leaves a CheckSUR.log file in the C:\Windows\logs\CBS folder. Whether it comes back clean or fixes something, it doesn’t prevent the October security rollup from failing.

— I made sure drivers were all up-to-date.

— I tried disabling from unnecessary devices (Intel Active Mgmt SOL, COM1, LPT1), no success.

— I tried changing the drive boot from AHCI to Legacy, no success.

POTENTIAL REASON FOR FAILURE

Some have reported using GRUB or other booting methods other than booting straight to Windows. Try booting directly to Windows. That’s not my problem.

Thanks to an anonymous poster, I figured my problem out. I searched for “Computer Management” in the Start menu (or right-click on Computer, Manage). In here, I have a Recovery partition built by Dell from their OEM image. In the computers that are failing, the Recovery partition has no room left. (In this picture, the RECOVERY partition has 1.96GB of space after I fixed it.

CompMgmt

I used Acronis Disk Director to shrink the C drive by 2 GB before the partition and then increased the size of the Recovery partition, rebooted, ran the KB3185330 and it worked!!!

This is for the technically minded, I know. I’ll see if I can figure out a simpler way. Here is a decent place to read up on removing the Recovery partition, which I haven’t tried yet.

The reason this has happened to computers I’ve setup is because I use Acronis True Image to image OEM drives — usually to SSDs that are smaller than the original 500GB OEM hard drive. Acronis’s software slices off free space in the Recovery partition when fitting to a smaller drive, hence the lack of space on the Recovery partition.

This may also affect KB3133977 and KB3033929.

Please share thoughts and what fixed this for you!

ESET forces resellers to order through Ingram Micro

I’d love to get in touch with other ESET resellers that are now required to order through Ingram Micro. If you are effected by this,  please comment below, I’d love to reach out to you. I will keep comments private unless you consent otherwise.

[FOR SALE] 2016 Kaplan Pocket Tables (Tax Tables)

Kaplan’s 2016 Pocket Tables, or as some people call them, Tax Tables.

OUT OF STOCK! I don’t intend on getting any more.

 

 

 

NOTE: You can pay with a credit card without signing into PayPal by clicking “Pay with a debit or credit card” — see image:

Paypal

Suspicious charges from J2 eReceptionist & Freeparking.co.uk

One of my clients has me investigating suspicious charges on their bank statements that looks to have come from their debit card.

  • J2 eReceptionist
    • 11/16/2015 $15.19
  • Freeparking.co.uk
    • 11/4/2015 $20.61
    • 11/6/2015 $22.78
    • 11/16/2015 $58.60

The client does not use either company and all of these charges appears to come from reputable companies. Unlike what you’ll find on another site of mine, www.digitalagefraud.com, this doesn’t appear to be a case of a fraudulent company setup to steal money.

If you see anything like this, PLEASE comment below. I’ll update this post if I learn anything more.

[FOR SALE] 2015 Kaplan Pocket Tables (Tax Tables)

Kaplan’s 2015 Pocket Tables, or as some people call them, Tax Tables.

All orders include free shipping to the US only. Email (brian AT brianmorristech.com) or Comment below if you want me to send them and bill you. Otherwise, pay with a credit or debit card by clicking one of the Buy Now buttons below.

[NOTE: You can pay with a credit card without signing into PayPal by clicking “Pay with a debit or credit card”.]

________________________________
Pack of 3 Pocket Tables ($12):




________________________________
Pack of 10 Pocket Tables ($26):




________________________________
Pack of 20 Pocket Tables ($40):




________________________________
Pack of 50 Pocket Tables ($65):




________________________________

[FOR SALE] 2014 Kaplan Pocket Tables (Tax Tables)

SORRY, I AM OUT OF STOCK OF 2014, but CLICK HERE TO ORDER 2015 POCKET TABLES

Kaplan’s 2014 Pocket Tables, or as some people call them, Tax Tables.

All orders include free shipping to the US only. Email (brian AT brianmorristech.com) or Comment below if you want me to send them and bill you. Otherwise, pay with a credit or debit card by clicking one of the Buy Now buttons below:

___________________________

Pack of 3 Pocket Tables ($11):

___________________________
Pack of 10 Pocket Tables ($25):

___________________________
Pack of 20 Pocket Tables ($40):

___________________________
Pack of 50 Pocket Tables ($65):

___________________________
NOTE: You can pay with PayPal or with a credit card without signing into PayPal by clicking “Pay with a debit or credit card…” as seen here:

Install an SSD in your Dell Optiplex 790, 7010 minitower

I’ve been blown away by the performance improvements that SSDs make, even in older computers. The desktops that I sold for the last few years is the minitower version of the Dell Optiplex 790 and 7010. Since the hard drive bracket in those models is made for a 3.5 inch hard drive, SSDs don’t fit. I tried a few of the popular 3.5 to 2.5 inch adapters, but they didn’t work (as shown in this good blog post).

I finally found an adapter that does the job, not perfectly, but it’s not bad. It is a Mushkin 2.5″ to 3.5″ SSD adapter (Amazon link).

Install it in the adapter this like this and it pops into the Dell hard drive caddy like so (it only fits with two of the four holes, but it is relatively secure):

Stick it in the case and you are ready to fly!

 

Install an SSD in your Dell Optiplex 745, 755, 760, 780 minitower

I’ve been blown away by the performance improvements that SSDs make, even in older computers. The desktops that I sold for years was the minitower version of the Dell Optiplex 745, 755, 760 and 780. Since the hard drive bracket in those models is made for a 3.5 inch hard drive, SSDs don’t fit. I tried a few of the popular 3.5 to 2.5 inch adapters, but they didn’t work (as shown in this good blog post).

I finally found an adapter that does the job, not perfectly, but it’s not bad. It is a Mushkin 2.5″ to 3.5″ SSD adapter (Amazon link).

Install it in the adapter this like this and it pops into the Dell hard drive caddy (it only fits with two of the four holes, but it is relatively secure), then stick it in the case and you are ready to fly!

Uninstall Comcast AntiSpy Service (ComcastAntiSpy.exe)

I was working on speeding up a computer for a client and noticed that ComcastAntiSpy.exe was using quite a bit of CPU for long periods of time.

Thanks to the tips on this forum, I found how to remove it.

Go the the C:\Program Files (x86)\comcasttb\ComcastSpywareScan folder (for a 32-bit system, omit the x86 part)

 

In this folder, double-click the Uninstall.exe file.

Click Next, follow the prompts and it won’t slow you down again!

Malware that restarts your computer (Legacy API shutdown, 0x80070000)

On 6/6/2013 I had my first case of this malware that restarts your computer without asking. I believe it was a drive-by download that did it and when the computer rebooted the file was gone. Here is what was in the Event Log:

The process C:\Users\user\AppData\Local\Temp\notepad.exe (computer name) has initiated the restart of computer computer name on behalf of user computer name\user for the following reason: Legacy API shutdown
Reason Code: 0x80070000
Shutdown Type: restart

That notepad.exe is obviously malware, but it’s not there after restarting. I can’t find any other evidence of infection. I suspect that it was trying to write to the Master Boot Record (MBR), but due to encryption software it may not have gotten the job done.

I’m posting this here hoping that other researchers and IT support folks will find this and do some more investigating. Please comment here.