Type in "sfc /scannow". let it run to see if it finds / repairs anything.
Then try "DISM /Online /Cleanup-Image /RestoreHealth"
Then try "DISM /Online /Cleanup-Image /RestoreHealth"
-
IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Error 0x80070422
I have a Windows 10 Home 64-bit AiO desktop.
I was trying to install iTunes from the Microsoft Store. There was an error when installing it, so I clicked to see the details and it said about an error 0x80070422 and that I need to run Windows Update to automatic. So, to check, I went onto my Windows Update on the settings, I clicked on updates, but it kept on saying “retry”. I did try troubleshooting, but it said that it couldn’t find any problems.
So, I went onto “services.msc” and went onto “WindowsUpdate”, right-clicked on “properties”, I selected “automatic”, then clicked “apply”, then “OK”. Then I went and clicked “start” to start the service, but there was no “start”or “restart” after I did that, so I refreshed and then the “WindowsUpdate” has gone back to disabled.
What can I do?
I was trying to install iTunes from the Microsoft Store. There was an error when installing it, so I clicked to see the details and it said about an error 0x80070422 and that I need to run Windows Update to automatic. So, to check, I went onto my Windows Update on the settings, I clicked on updates, but it kept on saying “retry”. I did try troubleshooting, but it said that it couldn’t find any problems.
So, I went onto “services.msc” and went onto “WindowsUpdate”, right-clicked on “properties”, I selected “automatic”, then clicked “apply”, then “OK”. Then I went and clicked “start” to start the service, but there was no “start”or “restart” after I did that, so I refreshed and then the “WindowsUpdate” has gone back to disabled.
What can I do?
- Status
- Not open for further replies.
1 - 20 of 43 Posts
0x80070422
1. Right click on Windows button and click on "Windows PowerShell (Admin)"
2. If prompted for password, enter administrator password and click "Yes" to continue
3. Copy all of the code below at once, right click into console to paste and press enter
4. This will create folder named "PSLogs" and zip file named "PSLogs.zip" in your C:\ root drive
5. Attach "PSLogs" zip file to your new reply
6. Feel free to delete "PSLogs" folder and zip file when done
ERROR_SERVICE_DISABLED
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
To possibly see why please share event logs:so I refreshed and then the "WindowsUpdate" has gone back to disabled
1. Right click on Windows button and click on "Windows PowerShell (Admin)"
2. If prompted for password, enter administrator password and click "Yes" to continue
3. Copy all of the code below at once, right click into console to paste and press enter
Code:
ni -ItemType Directory $env:SystemDrive\PSLogs\EventLog\ | Out-Null
Get-EventLog -LogName System -EntryType Error | ? Source -ne DCOM |
select EventID, TimeGenerated, Source, Message | sort TimeGenerated -Descending |
fl > $env:SystemDrive\PSLogs\EventLog\system.log
Get-EventLog -LogName HardwareEvents -EntryType Error, Warning -Newest 200 -EA Ignore |
select EventID, TimeGenerated, Source, Message | sort TimeGenerated -Descending |
fl > $env:SystemDrive\PSLogs\EventLog\hardware.log
Get-EventLog -LogName system -Source user32 | select EventID, EntryType, TimeGenerated, Source, Message |
sort TimeGenerated -Descending | fl > $env:SystemDrive\PSLogs\EventLog\shutdown.log
Get-WinEvent -LogName Setup | select Id, TimeCreated, LevelDisplayName, Message |
fl > $env:SystemDrive\PSLogs\EventLog\setup.log
Get-EventLog -LogName Application -EntryType Error, Warning |
select EventID, TimeGenerated, Source, Message | sort TimeGenerated -Descending |
fl > $env:SystemDrive\PSLogs\EventLog\application.log
Compress-Archive -Force -Path $env:SystemDrive\PSLogs -DestinationPath $env:SystemDrive\PSLogs.zip5. Attach "PSLogs" zip file to your new reply
6. Feel free to delete "PSLogs" folder and zip file when done
What I got was this.Type in "sfc /scannow". let it run to see if it finds / repairs anything.
Then try "DISM /Online /Cleanup-Image /RestoreHealth"
Microsoft Windows [Version 10.0.19042.630]
(c) 2020 Microsoft Corporation. All rights reserved.
C:\WINDOWS\system32>sfc/scannow
Beginning system scan. This process will take some time.
Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection found corrupt files and successfully repaired them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.
C:\WINDOWS\system32>DISM /Online /Cleanup-Image /RestoreHealth
Deployment Image Servicing and Management tool
Version: 10.0.19041.572
Error: 2
An error occurred while attempting to start the servicing process for the image located at C:\.
For more information, review the log file.
The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log
C:\WINDOWS\system32>
Here you go.Also, can you confirm what build version you have by typing winver in the search bar for Windows and press enter. You should see a box like this:
View attachment 282955
Attachments
-
65.9 KB Views: 19
restart the computer and do the DISM one again.
Still the same message.restart the computer and do the DISM one again.
Error: 2
An error occurred while attempting to start the servicing process for the image located at C:\.
For more information, review the log file.
The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log
C:\WINDOWS\system32>
Is this any good?0x80070422
To possibly see why please share event logs:
1. Right click on Windows button and click on "Windows PowerShell (Admin)"
2. If prompted for password, enter administrator password and click "Yes" to continue
3. Copy all of the code below at once, right click into console to paste and press enter
4. This will create folder named "PSLogs" and zip file named "PSLogs.zip" in your C:\ root driveCode:ni -ItemType Directory $env:SystemDrive\PSLogs\EventLog\ | Out-Null Get-EventLog -LogName System -EntryType Error | ? Source -ne DCOM | select EventID, TimeGenerated, Source, Message | sort TimeGenerated -Descending | fl > $env:SystemDrive\PSLogs\EventLog\system.log Get-EventLog -LogName HardwareEvents -EntryType Error, Warning -Newest 200 -EA Ignore | select EventID, TimeGenerated, Source, Message | sort TimeGenerated -Descending | fl > $env:SystemDrive\PSLogs\EventLog\hardware.log Get-EventLog -LogName system -Source user32 | select EventID, EntryType, TimeGenerated, Source, Message | sort TimeGenerated -Descending | fl > $env:SystemDrive\PSLogs\EventLog\shutdown.log Get-WinEvent -LogName Setup | select Id, TimeCreated, LevelDisplayName, Message | fl > $env:SystemDrive\PSLogs\EventLog\setup.log Get-EventLog -LogName Application -EntryType Error, Warning | select EventID, TimeGenerated, Source, Message | sort TimeGenerated -Descending | fl > $env:SystemDrive\PSLogs\EventLog\application.log Compress-Archive -Force -Path $env:SystemDrive\PSLogs -DestinationPath $env:SystemDrive\PSLogs.zip
5. Attach "PSLogs" zip file to your new reply
6. Feel free to delete "PSLogs" folder and zip file when done
Attachments
-
200.2 KB Views: 6
Some recent errors are related:
Follow these steps to verify files and share signature status:
1. Press Windows key
2. type sigverif
3. run "sigverif" as Administrator
4. If prompted for password, enter administrator password and click "Yes" to continue
5. click "start" button
6. wait until complete
Step 2:
1. Right click on Windows button and select "Windows PowerShell (Admin)"
2. If prompted for password, enter administrator password and click "Yes" to continue
3. Copy all of the code below at once, right click into console to paste and press enter
4. This will create folder named "PSLogs" and zip file named "PSLogs.zip" in your C:\ root drive
5. Attach "PSLogs" zip file to your new reply
6. Feel free to delete "PSLogs" folder and zip file when done
An attempt was made to access a socket in a way forbidden by its access permissions
Windows cannot verify the digital signature for this file.
A recent hardware or software change might have installed a file that is signed incorrectly or damaged,
or that might be malicious software from an unknown source.
Only you can answer if you recall installing anything that is suspicious?the process MsMpEng.exe has initiated the restart of computer for the following reason:
Security issue
Follow these steps to verify files and share signature status:
1. Press Windows key
2. type sigverif
3. run "sigverif" as Administrator
4. If prompted for password, enter administrator password and click "Yes" to continue
5. click "start" button
6. wait until complete
Step 2:
1. Right click on Windows button and select "Windows PowerShell (Admin)"
2. If prompted for password, enter administrator password and click "Yes" to continue
3. Copy all of the code below at once, right click into console to paste and press enter
Code:
ni -ItemType Directory $env:SystemDrive\PSLogs\Signature\ -EA Ignore | Out-Null
Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\* |
Select-Object DisplayName, DisplayVersion, Publisher, InstallDate |
Format-Table -AutoSize > $env:SystemDrive\PSLogs\Signature\Software64.txt
Get-ItemProperty HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* |
Select-Object DisplayName, DisplayVersion, Publisher, InstallDate |
Format-Table -AutoSize > $env:SystemDrive\PSLogs\Signature\Software86.txt
Copy-Item -Path C:\Users\Public\Documents\SIGVERIF.TXT -Destination $env:SystemDrive\PSLogs\Signature
Get-WmiObject -Class Win32_SystemDriver | ForEach-Object {
Get-AuthenticodeSignature -FilePath $_.PathName } > $env:SystemDrive\PSLogs\Signature\Drivers.log
Compress-Archive -Force -Path $env:SystemDrive\PSLogs -DestinationPath $env:SystemDrive\PSLogs.zip5. Attach "PSLogs" zip file to your new reply
6. Feel free to delete "PSLogs" folder and zip file when done
Here is this that I have attached.Some recent errors are related:
Only you can answer if you recall installing anything that is suspicious?
Follow these steps to verify files and share signature status:
1. Press Windows key
2. type sigverif
3. run "sigverif" as Administrator
4. If prompted for password, enter administrator password and click "Yes" to continue
5. click "start" button
6. wait until complete
Step 2:
1. Right click on Windows button and select "Windows PowerShell (Admin)"
2. If prompted for password, enter administrator password and click "Yes" to continue
3. Copy all of the code below at once, right click into console to paste and press enter
4. This will create folder named "PSLogs" and zip file named "PSLogs.zip" in your C:\ root driveCode:ni -ItemType Directory $env:SystemDrive\PSLogs\Signature\ -EA Ignore | Out-Null Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table -AutoSize > $env:SystemDrive\PSLogs\Signature\Software64.txt Get-ItemProperty HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table -AutoSize > $env:SystemDrive\PSLogs\Signature\Software86.txt Copy-Item -Path C:\Users\Public\Documents\SIGVERIF.TXT -Destination $env:SystemDrive\PSLogs\Signature Get-WmiObject -Class Win32_SystemDriver | ForEach-Object { Get-AuthenticodeSignature -FilePath $_.PathName } > $env:SystemDrive\PSLogs\Signature\Drivers.log Compress-Archive -Force -Path $env:SystemDrive\PSLogs -DestinationPath $env:SystemDrive\PSLogs.zip
5. Attach "PSLogs" zip file to your new reply
6. Feel free to delete "PSLogs" folder and zip file when done
Attachments
-
205 KB Views: 6
I'm sorry to bother you but I'm not able to read contents of a zipped file for some reason, just in case I tested my own steps and it went fine, it could be you did something wrong.
Please delete pslogs zip and pslogs folder in C drive manually and re-run my code above and share new zip file.
Please delete pslogs zip and pslogs folder in C drive manually and re-run my code above and share new zip file.
Okay, here you go.I'm sorry to bother you but I'm not able to read contents of a zipped file for some reason, just in case I tested my own steps and it went fine, it could be you did something wrong.
Please delete pslogs zip and pslogs folder in C drive manually and re-run my code above and share new zip file.
Attachments
-
21.2 KB Views: 10
It may help to also share logs from DISM and SFC..
Can you please run following (same as before) and share new PSLogs zip file:
Right click on Windows button and select "Windows PowerShell (Admin)"
Copy all of the code below at once, right click into console to paste and press enter
Can you please run following (same as before) and share new PSLogs zip file:
Right click on Windows button and select "Windows PowerShell (Admin)"
Copy all of the code below at once, right click into console to paste and press enter
Code:
ni -ItemType Directory $env:SystemDrive\PSLogs\SfcDism\ -EA Ignore | Out-Null
cpi -Path $env:windir\Logs\CBS\*.log -Destination $env:SystemDrive\PSLogs\SfcDism\
findstr /c:"[SR]" $env:windir\logs\CBS\cbs.log > $env:SystemDrive\PSLogs\SfcDism\sfcdetails.txt
cpi -Path $env:windir\Logs\DISM\*.log -Destination $env:SystemDrive\PSLogs\SfcDism\
ni -ItemType Directory $env:SystemDrive\PSLogs\Signature\ -EA Ignore | Out-Null
Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\* | ? DisplayName |
Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | sort Publisher |
fl > $env:SystemDrive\PSLogs\Signature\Software64.txt
Get-ItemProperty HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* |
? DisplayName | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | sort Publisher |
fl > $env:SystemDrive\PSLogs\Signature\Software86.txt
Compress-Archive -Force -Path $env:SystemDrive\PSLogs -DestinationPath $env:SystemDrive\PSLogs.zipI hope that these are okay.It may help to also share logs from DISM and SFC..
Can you please run following (same as before) and share new PSLogs zip file:
Right click on Windows button and select "Windows PowerShell (Admin)"
Copy all of the code below at once, right click into console to paste and press enter
Code:ni -ItemType Directory $env:SystemDrive\PSLogs\SfcDism\ -EA Ignore | Out-Null cpi -Path $env:windir\Logs\CBS\*.log -Destination $env:SystemDrive\PSLogs\SfcDism\ findstr /c:"[SR]" $env:windir\logs\CBS\cbs.log > $env:SystemDrive\PSLogs\SfcDism\sfcdetails.txt cpi -Path $env:windir\Logs\DISM\*.log -Destination $env:SystemDrive\PSLogs\SfcDism\ ni -ItemType Directory $env:SystemDrive\PSLogs\Signature\ -EA Ignore | Out-Null Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\* | ? DisplayName | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | sort Publisher | fl > $env:SystemDrive\PSLogs\Signature\Software64.txt Get-ItemProperty HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | ? DisplayName | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | sort Publisher | fl > $env:SystemDrive\PSLogs\Signature\Software86.txt Compress-Archive -Force -Path $env:SystemDrive\PSLogs -DestinationPath $env:SystemDrive\PSLogs.zip
Attachments
-
4.6 MB Views: 7
-
1.2 MB Views: 7
Then try "DISM /Online /Cleanup-Image /RestoreHealth"
[/QUOTE]
Here is this.
[/QUOTE]
Here is this.
restart the computer and do the DISM one again.
Attachments
-
4.6 MB Views: 7
Hello, thank you fresh logs!
Please run DISM in administrator command prompt like this:
If this does not fail and finishes normally then run:
Regardless if DISM results in error or not share fresh logs when it's done.
There doesn't seem to be any rouge software installed but that doesn't mean PC is clean of malware.
What antivirus scans did you run so far?
Please run DISM in administrator command prompt like this:
Code:
mkdir C:\Scratch
dism /Online /Cleanup-Image /RestoreHealth /ScratchDir:C:\Scratchsfc /scannowRegardless if DISM results in error or not share fresh logs when it's done.
There doesn't seem to be any rouge software installed but that doesn't mean PC is clean of malware.
What antivirus scans did you run so far?
I used a full scan of Windows Security from the 30th of November and left it running until the morning of the 1st of December. I did remove the threats. But I might do it again.Hello, thank you fresh logs!
Please run DISM in administrator command prompt like this:
If this does not fail and finishes normally then run:Code:mkdir C:\Scratch dism /Online /Cleanup-Image /RestoreHealth /ScratchDir:C:\Scratch
sfc /scannow
Regardless if DISM results in error or not share fresh logs when it's done.
There doesn't seem to be any rouge software installed but that doesn't mean PC is clean of malware.
What antivirus scans did you run so far?
I also used Rogue Killer and removed the further threats on there.
Still no luck with the Windows Update, though.
I did the sfc /scannow. It says "Windows Resource Protection did not find any integrity violations."
Attachments
-
4.6 MB Views: 6
for SFC to make sense DISM must succeed first but it didn't.I did the sfc /scannow
To make it succeed you'll need to run it with secondary offline image which is not straightforward to do, and is explained here:
https://techguy.org/1235557
In that thread jump to text that says: "If the above DISM does not fix your problem"
But before you do so I would first ensure you get your PC free of known malware.
Malwarebytes Download - Free Virus Scan & Virus Protection Tool
Download free version, install and run antivirus scan for entry C drive.
When done if it finds something let it remove malware then uninstall malwarebytes and finally restart computer.
Next use trial version of Kaspersky antivirus:
Kaspersky Anti-Virus (2021) Free Trial Download | Kaspersky
Activate trial license and run virus scan for entry C drive.
Same as with malwarebytes, if it finds something let it remove malware, uninstall kaspersky and restart computer.
Let us know if these 2 find anything, and try to run DISM again, if it fails see linked thread above to run it with offline image.
I hope that I have followed everything correctly with what you explained above.for SFC to make sense DISM must succeed first but it didn't.
To make it succeed you'll need to run it with secondary offline image which is not straightforward to do, and is explained here:
https://techguy.org/1235557
In that thread jump to text that says: "If the above DISM does not fix your problem"
But before you do so I would first ensure you get your PC free of known malware.
Malwarebytes Download - Free Virus Scan & Virus Protection Tool
Download free version, install and run antivirus scan for entry C drive.
When done if it finds something let it remove malware then uninstall malwarebytes and finally restart computer.
Next use trial version of Kaspersky antivirus:
Kaspersky Anti-Virus (2021) Free Trial Download | Kaspersky
Activate trial license and run virus scan for entry C drive.
Same as with malwarebytes, if it finds something let it remove malware, uninstall kaspersky and restart computer.
Let us know if these 2 find anything, and try to run DISM again, if it fails see linked thread above to run it with offline image.
C:\WINDOWS\system32>DISM /Online /Cleanup-Image /RestoreHealth
Deployment Image Servicing and Management tool
Version: 10.0.19041.572
Error: 2
An error occurred while attempting to start the servicing process for the image located at C:\.
For more information, review the log file.
The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log
C:\WINDOWS\system32>sfc /scannow
Beginning system scan. This process will take some time.
Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection did not find any integrity violations.
And here is the DISM text file.
Attachments
-
4.7 MB Views: 5
1 - 20 of 43 Posts
- Status
- Not open for further replies.
Tech Support Guy
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
