WppRecorder.sys problem when updating Windows 10 from 1909 to 20H2

Page 11 of 15 FirstFirst ... 910111213 ... LastLast

  1. smartcooky
    Posts : 221
    Windows 10 Pro 64 bit (22H2)
    Thread Starter
       New #101

    I have just got a Windows Defender warning for FRST.exe



    I have deleted it and FRST64.exe as a precaution
      My Computers
    Quote Quote

  3. zbook
    Posts : 41,462
    windows 10 professional version 1607 build 14393.969 64 bit
       New #102

    Run: https://www.malwarebytes.com/mwb-download/

    Post report.
      My Computer
    Quote Quote

  4. smartcooky
    Posts : 221
    Windows 10 Pro 64 bit (22H2)
    Thread Starter
       New #103

    OK, Tuneup.bat completes then the commuter crashes before I can get the data.... not a BSOD, a BlackSOD, the screen goes black and the monitor goes into standby... the power light is still on and the HDD light is flashing but the mouse and keyboard are unresponsive.

    I suspect WDV so I'm going to turn it off and run tuneup.bat again


    Will run malwarebytes first
      My Computers
    Quote Quote

  6. zbook
    Posts : 41,462
    windows 10 professional version 1607 build 14393.969 64 bit
       New #104

    Ok.

    Post a new V2.



    During the last upgrade attempt there was a BSOD that created a setupmem.dmp.

    The misbehaving driver was TeeDriverW10.sys


    Uninstall and reinstall: teedriverw10.sys

    Code:
    mei	Intel(R) Management Engine Interface	c:\windows\system32\driverstore\filerepository\heci.inf_x86_3fec17f874687c29\x86\teedriverw10.sys	Kernel Driver	Yes	Manual	Running	OK	Normal	No	Yes

    Also uninstall the Intel GPU driver using DDU (display driver uninstaller)
    Re-install the Intel GPU driver using the Intel driver and support assistant:
    Download Intel(R) Driver & Support Assistant

    Display Driver Uninstaller Download version 18.0.3.5 (or newer version if available)
    Official Display Driver Uninstaller DDU Download

    Display Driver Uninstaller: How to use - Windows 7 Help Forums
    Display Driver Uninstaller: How to use - Windows 7 Help Forums

    Code:
    Driver	C:\WINDOWS\SYSTEM32\DRIVERS\IGDKMD32.SYS (20.19.15.4624, 6.77 MB (7,102,960 bytes), 17/03/2017 11:38 PM)
    Code:
    TeeDriverW10.sys Sun Aug 23 14:29:50 2020 (5F42C3AE)
      My Computer
    Quote Quote

  7. smartcooky
    Posts : 221
    Windows 10 Pro 64 bit (22H2)
    Thread Starter
       New #105

    Here is the malwarebytes report - can't see anything serious

    Dropbox - MWB20210425-1917.txt

    Maybe it was just a false positive on FRST.exe
      My Computers
    Quote Quote

  8. Tekkie Boy
    Posts : 850
    Win 10
       New #106

    Hello @smartcooky and @zbook

    I hope it's okay if I disturb you.

    Can you do the following:

    Push the Windows Button, type cmd and then select the option "Run as administrator".

    In the command prompt run this command:
    wmic.exe /Namespace:\\root\default Path SystemRestore Call CreateRestorePoint "Driver install", 100, 12

    After run the command, you should see:
    Code:
    Executing (SystemRestore)->CreateRestorePoint()
Method execution successful.
Out Parameters:
instance of __PARAMETERS
{
        ReturnValue = 0;
};
    That creates the Systemrestore point with the name: Driver Install.

    When you see a other message let me known.

    Then close the window and download and install this Intel MEI Driver:
    Package removed

    This is a driver from Intel that is supplied to OEMs and is therefore not available for download on the Intel website.


    After install, restart the pc and then creates and share a new drivers.txt file with the following command in the command prompt as administrator:
    Dism /online /get-drivers /format:table > "%userprofile%\desktop\drivers.txt"


    Friendly greetings
    Last edited by Tekkie Boy; 26 Apr 2021 at 06:06.
      My Computer
    Quote Quote

  9. smartcooky
    Posts : 221
    Windows 10 Pro 64 bit (22H2)
    Thread Starter
       New #107

    Didn't crash this time

    Here is the tuneup.bat data

    ###########################################################
    # The following commands will be run in sequence. #
    # The first 5 will take quite a while to run, be patient. #
    ###########################################################

    sfc /scannow
    dism /online /cleanup-image /scanhealth
    dism /online /cleanup-image /restorehealth
    sfc /scannow

    chkdsk /scan

    wmic recoveros get autoreboot
    wmic recoveros set autoreboot = false
    wmic recoveros get autoreboot
    wmic recoveros get DebugInfoType
    wmic recoveros set DebugInfoType = 7
    wmic recoveros get DebugInfoType

    wmic pagefile list /format:list
    wmic Computersystem where name="PHOTOLAB" get AutomaticManagedPagefile
    wmic Computersystem where name="PHOTOLAB" set AutomaticManagedPagefile=True
    wmic Computersystem where name="PHOTOLAB" get AutomaticManagedPagefile

    bcdedit /enum {badmemory}


    C:\WINDOWS\system32>sfc /scannow

    Beginning system scan. This process will take some time.

    Beginning verification phase of system scan.
    Verification 100% complete.

    Windows Resource Protection did not find any integrity violations.

    C:\WINDOWS\system32>dism /online /cleanup-image /scanhealth

    Deployment Image Servicing and Management tool
    Version: 10.0.18362.1316

    Image Version: 10.0.18363.1500

    [==========================100.0%==========================] No component store corruption detected.
    The operation completed successfully.

    C:\WINDOWS\system32>dism /online /cleanup-image /restorehealth

    Deployment Image Servicing and Management tool
    Version: 10.0.18362.1316

    Image Version: 10.0.18363.1500

    [==========================100.0%==========================] The restore operation completed successfully.
    The operation completed successfully.

    C:\WINDOWS\system32>sfc /scannow

    Beginning system scan. This process will take some time.

    Beginning verification phase of system scan.
    Verification 100% complete.

    Windows Resource Protection did not find any integrity violations.

    C:\WINDOWS\system32>chkdsk /scan
    The type of the file system is NTFS.

    Stage 1: Examining basic file system structure ...
    724736 file records processed.
    File verification completed.
    11161 large file records processed.
    0 bad file records processed.

    Stage 2: Examining file name linkage ...
    28649 reparse records processed.
    919570 index entries processed.
    Index verification completed.
    0 unindexed files scanned.
    0 unindexed files recovered to lost and found.
    28649 reparse records processed.

    Stage 3: Examining security descriptors ...
    Security descriptor verification completed.
    97418 data files processed.
    CHKDSK is verifying Usn Journal...
    35546080 USN bytes processed.
    Usn Journal verification completed.

    Windows has scanned the file system and found no problems.
    No further action is required.

    116400228 KB total disk space.
    92964420 KB in 343835 files.
    291928 KB in 97419 indexes.
    0 KB in bad sectors.
    837612 KB in use by the system.
    65536 KB occupied by the log file.
    22306268 KB available on disk.

    4096 bytes in each allocation unit.
    29100057 total allocation units on disk.
    5576567 allocation units available on disk.

    C:\WINDOWS\system32>wmic recoveros get autoreboot
    AutoReboot
    FALSE


    C:\WINDOWS\system32>wmic recoveros set autoreboot = false
    Updating property(s) of '\\PHOTOLAB\ROOT\CIMV2:Win32_OSRecoveryConfiguration.Name="Microsoft Windows 10 Home|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1"'
    Property(s) update successful.

    C:\WINDOWS\system32>wmic recoveros get autoreboot
    AutoReboot
    FALSE


    C:\WINDOWS\system32>wmic recoveros get DebugInfoType
    DebugInfoType
    7


    C:\WINDOWS\system32>wmic recoveros set DebugInfoType = 7
    Updating property(s) of '\\PHOTOLAB\ROOT\CIMV2:Win32_OSRecoveryConfiguration.Name="Microsoft Windows 10 Home|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1"'
    Property(s) update successful.

    C:\WINDOWS\system32>wmic recoveros get DebugInfoType
    DebugInfoType
    7


    C:\WINDOWS\system32>wmic pagefile list /format:list


    AllocatedBaseSize=4352
    CurrentUsage=396
    Description=C:\pagefile.sys
    InstallDate=20210419142927.018032+720
    Name=C:\pagefile.sys
    PeakUsage=435
    Status=
    TempPageFile=FALSE




    C:\WINDOWS\system32>wmic Computersystem where name="PHOTOLAB" get AutomaticManagedPagefile
    AutomaticManagedPagefile
    TRUE


    C:\WINDOWS\system32>wmic Computersystem where name="PHOTOLAB" set AutomaticManagedPagefile=True
    Updating property(s) of '\\PHOTOLAB\ROOT\CIMV2:Win32_ComputerSystem.Name="PHOTOLAB"'
    Property(s) update successful.

    C:\WINDOWS\system32>wmic Computersystem where name="PHOTOLAB" get AutomaticManagedPagefile
    AutomaticManagedPagefile
    TRUE


    C:\WINDOWS\system32>bcdedit /enum {badmemory}

    RAM Defects
    -----------
    identifier {badmemory}

    C:\WINDOWS\system32>Echo off
    ###################################################################################
    # How to capture batch file data and post in your thread in the BSOD forum #
    # #
    # Batch files and instructions for use in BSOD debugging[Part Two-Four] #
    # #
    # Press [V] to visit the above web page for detailed instructions. #
    # Press [C] to close this window. #
    ###################################################################################
      My Computers
    Quote Quote

  10. zbook
    Posts : 41,462
    windows 10 professional version 1607 build 14393.969 64 bit
       New #108

    Run the scan again enabling rootkit testing.

    See edited earlier post.
      My Computer
    Quote Quote

  12. smartcooky
    Posts : 221
    Windows 10 Pro 64 bit (22H2)
    Thread Starter
       New #109

    I'm going to restart WDV on the test you want me to do, and then call it a night.

    I will come back through on the way home and check to see if any crashes have happened

    I will catch up on post #108 and techieboy's post tomorrow
      My Computers
    Quote Quote

  13. zbook
    Posts : 41,462
    windows 10 professional version 1607 build 14393.969 64 bit
       New #110

    Hi Tekkie Boy,

    Lots of logs.
    So far setupmem.dmp.

    After replacing both Intel drivers, if malwarebytes is clean, planning:

    1) uninstallation malwarebytes using the applicable uninstall tool
    2) placing the computer in clean boot
    3) in place upgrade repair

    Please comment for any additional steps.





    Please post a new V2 and CBS before retiring.

    Thx.
      My Computer
    Quote Quote

 

  Related Discussions
Good day everyone. I have an issue. I hope you can help me. The place where I work has a PC with Windows 10 Home, which needs to be updated. Current version is 1909, build 18363.1316. It isn't updated to 2004, so it's going to be from 1909...
This is something I've been trying to resolve for weeks. I'm willing to pay someone for any type of avail or resolution to this issue. I'm currently on Windows 10 version 20H2 (OS Build 19042.661) I've tried updating to the latest KBs on this...
Updating from Windows 1803 to 20H2
in Installation and Upgrade

Hi all: I've got a Toshiba laptop that has been sitting for years because it had become un-useable due to extreme slow performance. Last update was October 2018 - Version 1803. Decided to try to revive it this week. It's working fine now but...
Hi, I am a new member and have signed up as I am pulling my hair out trying to figure this out for the past few months. I currently have Windows 10 Pro 1909 installed and Windows update has tried to install Windows 2004, however whilst...
How do I do that from a USB drive?
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 22:07.
Find Us




Windows 10 Forums