Windows 10 System Problems

Today, multiple Windows 10 Pro 1709 computers were hit with a strange set of problems:
At first, it was noticed because some apps wouldn't work right and printing was a problem as well.
But, now it seems that there are some common issues:

From the WIndows 10 Desktop Start Button:
- Task manager will open
- Search won't open
- Settings won't open
- File Explorer won't open
- Search won't open
- RUN will open

Task Bar
- Right click on icons does nothing.
- Task Bar Left click on icons opens app

Windows Credentials can only be opened via the command line
Desktop Personalize won't open.
Cortana icon is nonresponsive.
Control Panel can be opened from a control panel icon but not from a command line.  If there's no icon set up then it won't run.
Some applications won't run.
CMD and PowerShell will run.
Control Panel can be opened from a control panel icon but not from a command line.  If there's no icon set up then it won't run.
Some applications won't run and often this is the result:Starting control panel from PS / CMDIt doesn't seem to matter which User profile is being used - the situation seems constant.

We use Windows Defender and Malwarebytes.  
I've added scans with HitManPro.
There's no indication of parasites.

I rather suspect recent Windows Updates but, without Settings, it's hard to check.  I can run PS>Get-WindowsUpdateLog and see a cryptic list.  The damaged computers had 5 or 6 updates today but so did some that aren't damaged.  
We have turned off Windows Updates for now.

We are using GFI Languard and it's supposed to be set to NOT mitigate anything.  But, I've seen messages on workstations that say it's done something.  We're in the early stages of implementing it and have run scans with automatic mitigation turned off (supposedly).

I need ideas.  Ideas for prevention.  Ideas for fixing the damaged computers.
LVL 27
Fred MarshallPrincipalAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
We use Windows Defender and Malwarebytes.     <-- You should not have both running at the same time.

I rather suspect recent Windows Updates  <-- Nope. I hear this all time here, but on a good computer, updates are fine.

We are using GFI Languard and it's supposed to be set to NOT mitigate anything.  <-- Can you uninstall this completely and test?

 need ideas.  Ideas for prevention.  <-- Windows Defender on V1709 is fine.

Take one problem machine, uninstall GFI, Malwarebytes, and any legacy software.

Now:   Go to the Media Creation Link

Windows 10 is running, so click on the Download button (not Upgrade Button, select Open (Run) but NOT Save. Allow the program to run. Allow drivers to update. Then select Keep Everything.  Keep Everything is non-destructive.

Restart after all this. Does the machine now run properly?
Fred MarshallPrincipalAuthor Commented:
John Hurst:  Great idea!  Thanks.  
Unfortunately, the first computer I tried it on ended up saying some thing short like "Windows Installation failed".
I'll try it on another of the damaged ones.
is there enought free disk space?  are all the pc's same model - and if yes - what model?
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Fred MarshallPrincipalAuthor Commented:
Nobus:  Mixed computer models.  Disk space is very much not the problem.

I now find that the problem has disappeared from some of the computers that were at issue this morning.
I don't know whether to laugh or cry!

I'm looking at another right now and some things seem to be working but Settings still doesn't open on this one from the start menu.
But, the PowerShell / cmd / control panel does work.
RaminTechnical AdvisorCommented:
It can also be a Permission issue.
i have often seen crippled pc's after updating
a couple of reboots fixed these in most cases
JohnBusiness Consultant (Owner)Commented:
Unfortunately, the first computer I tried it on ended up saying some thing short like "Windows Installation failed"

I also have seen a few reboots fix this issue - 1 in 3 times. The other thing that could have gone wrong is Drivers way behind.

From the Media Creation Link, make a USB Key for another machine. Take the problem machine above (I assume you have a backup) and do a fresh install of Windows 10. This will update drivers and install Windows. Then restore applications and data.

Does this work?

I have not seen multiple machines go south all at once like this. Consider:

1. Virus outbreak.
2. Very old drivers.
3. Legacy / incompatible software.
Fred MarshallPrincipalAuthor Commented:
John Hurst:  Thank you.
- As I mentioned, I've already addressed virus outbreak.  I've just not found a smoking gun. It's certainly not like the 100's or 1,000's of computers I've cleaned up.  
- Very old drivers are a possibility if Windows update doesn't deal with those things.
- Legacy software is on ALL the problem computers - and it's not going away.  Thanks for focusing me on that aspect.
JohnBusiness Consultant (Owner)Commented:
Windows 10 can be difficult in that it moves (every 6 months) and old stuff does not. I have had to ditch some software because vendors are not keeping up.

Please keep us posted as you go.
Fred MarshallPrincipalAuthor Commented:
Ramin:  Yes it could be a permission issue.  But how, why and what to do about it?  Any ideas regarding detection?  That would be great!

Nobus and John Hurst:  Well, it certainly looked like the process was all done.  What happens after a reboot?  Is there an announcement thereafter?  How might one confirm that it happened successfully?
JohnBusiness Consultant (Owner)Commented:
I have not seen a permission issue on Windows 10 that causes this. You / they did not turn UAC OFF I hope or try to use the Administrator user name.
Fred MarshallPrincipalAuthor Commented:
John Hurst:  I didn't turn UAC OFF nor try to use the system Administrator as a User.  The User was sometimes an Administrator User and sometimes not in doing the examination.
could be the antivirus needs disabling temporarily also
RaminTechnical AdvisorCommented:
Create a new account and check if it acts the same behavior.
JohnBusiness Consultant (Owner)Commented:
Please look at the first post here. A new user account was already tried
Fred MarshallPrincipalAuthor Commented:
OK.  We've created a working hypothesis.  Here are some details:
One of the machines that was damaged on 1/4 installed KB4056892.
That same day, the system stopped working.
This system uses an important legacy application.
I now have that system back up and running OK - but without instantiating the legacy software.

So now I'm going to try running it:
Sure enough, the system is now "damaged" again.

If I look in Control Panel, using the desktop icon to open it, and look in Programs and Features and on to View Installed Updates, it shows that there are no updates installed.
However, before it was damaged, looking at Settings, Security and Updates, it showed a history of updates that included KB4056892.
I would very much like to uninstall KB4056892 but I don't seem to be able to open the necessary interfaces to make that happen.  I can't open Settings now.  Any suggestions for *that*?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JohnBusiness Consultant (Owner)Commented:
This system uses an important legacy application.  ..  I now have that system back up and running OK - but without instantiating the legacy software.  

That is important and relevant because Windows 10 is changing faster than vendors can keep up. Can you tell us what legacy software?

I suggest you contact Microsoft Support for a link to an earlier branch of Windows 10 (V1607 say) - a link to a version that will not require updates.
Fred MarshallPrincipalAuthor Commented:
We aren't out of the woods yet on this one but have made fairly good progress:
- We uninstalled the legacy software.  In some cases, this "fixed" the broken system functions.
- We installed Windows 10 Pro "live" from the MS website per John Hurst's suggestion.
- We reinstalled the legacy software.  If we run it, the computer becomes damaged again as well as the app not working.

I'm not clear on what the "live" install really does as it seems to not fix all problems on all computers - that "seem" to be OS related.

I'll post another question regarding managing updates.

Thanks all!!
JohnBusiness Consultant (Owner)Commented:
The software vendor needs to fix their product, or you need to backpedal on the version of Windows 10 used. Microsoft will support you using a LTS version that will only do security updates.
dbruntonQuid, Me Anxius Sum?  Illegitimi non carborundum.Commented:
What processors are on the affected machines?  There are problems with some AMD processors with the latest update.

KB4056892 appears to be the patch for the Meltdown and the Spectre problems and is the one causing problems with some of the AMD processors.
Fred MarshallPrincipalAuthor Commented:
dbrunton:  That's correct.  I just got word.
Microsoft just announced that this is an issue that will be resolved in February.
"On Monday, Microsoft confirmed to Information Security Media Group that it was investigating the reports, which had been documented in long discussion threads on Microsoft's support forum starting on Thursday, that its KB4056892 security update for Windows, designed in part to mitigate the Meltdown and Spectre vulnerabilities, was leaving some systems unbootable.

Funny, that's the exactly the update that I targeted in the last few days - out of a list of 9 or 10 that have been identified as problematic.  In our case, it's affecting systems with Intel chips as well.

An old colleague often would say:
"Want it bad, get it bad".
I am now loathe to suggest that legacy software is the only culprit - while in our case it is a contributor.
Andrew LeniartFreelance Journalist & IT ConsultantCommented:
We use Windows Defender and Malwarebytes.     <-- You should not have both running at the same time.

Sorry, Fred, I know this comment doesn't address your current issue, but I felt I'd be remiss if I did not comment on the above statement by John Hurst.

Whilst I have a lot of respect for John's technical abilities, the above recommendation he made, in my opinion, is simply incorrect.

I look after an Accounting firm running 7 x Windows 10 workstations with Windows Defender and Malwarebytes Premium, both actively defending their systems with zero issues and that's been the case for well over 12 months now.  

I myself also run Malwarebytes Premium alongside Avast Internet Security on a couple of Windows 7 Pro machines and Windows Defender with Malwarebytes Premium on 2 x Windows 10 machines and I've never had an issue either.

It is absolutely fine to run both of those security products together as you've already been doing and I encourage you to keep doing so.

Malwarebytes is designed to be able to run alongside other security products.  I've even published an article about it here.

My apologies for the slightly off topic comment.
Fred MarshallPrincipalAuthor Commented:
Now that a week has gone by, our approach is fundamentally this:

1) Disable the Windows Update service until further notice.  Things are just too dynamic right now.  KB4056892 remains "coming right at ya".  And, we have no idea what may come next!!

2) Perhaps "belt and suspenders" but we will also "hide" KB4056892 using wuShowHide.  The problem with wuShowHide as I understand it, it won't list updated UNTIL they are "coming right at ya".  Because updates can happen at any time, this is only a reactive approach then.  It's redundant with disabling Windows Update service but an added precaution as we learn what's bad for us.  But, yes, it could be deemed "unnecessary" given the *intended* state of the machines.  

3) We may institute a "lab computer" for update testing.  But what's the best way to prevent updates from happening in the mean time.  Windows Update service disabled is the only way I know of.  THEN, how to install the "tested OK" updates?  I must say that this is NOT a great solution for a small organization.

4) Other approaches like LTSB are intriguing but aren't going to happen over night.  For one thing, MS will likely deem the affected computers as "general purpose" so we'd have a chore on our hands it appears.  Right now we're too busy digging out of this hole.

This is a serious real-time operational problem that is taxing our IT resources to the limit.
At first our ASP denied the problem was widespread (it's their legacy software on our workstations that makes the problem worse - leading to clean reinstalls of Windows).  But, we can't rule out that damage will occur minus their software as others have seen.
Now our ASP has acknowledged the "AMD chip" problem with the update but we have the trouble on Intel-based machines.  So that issue has NOT been acknowledged.
I can imagine this scenario:
The ASP software is indeed legacy software.  Let's assume that it doesn't meet "current" standards/requirements.  Let's assume that it would take years to fix/replace.  So, they may well avoid the reality.
At that, "what is the reality?".  Microsoft says they will have something out in February.  I have read that these updates have been ceased.  But they seem to still be "coming right at ya".  :-(
The reality may be that Microsoft will fix this situation in due course.  So, it's reasonable to hope for that and use interim approaches in the meantime - while planning for longer-term approaches should the hope not bear fruit.
Fred MarshallPrincipalAuthor Commented:
dbrunton:  Mostly INTEL cpu's.
Fred MarshallPrincipalAuthor Commented:
Thanks all.  It *was* KB4056892 combined with legacy software.  One terrible mess.  Many computers damaged and had to have complete new software installs from scratch.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 10

From novice to tech pro — start learning today.