Author: Bob Lin

Situation: The client has SEP in his Windows 10 machine. He keep receive this essage:

[APPLICATION] has changed since the last time you used it

Troubleshooting: upgrade SEP latest version may fix the problem.

or Work around:

1. Open SEP client GUI
2. Choose [Change Settings] 
3. Click [Configure Settings] for Network and Host Exploit Mitigation.
4. In [Firewall] tab, enable [Enable network application monitoring] once then push OK.
5. Click [Configure Settings] for Network and Host Exploit Mitigation again.
6. disable [Enable network application monitoring] then push OK.
7. Close SEP client GUI.

Situation: The client has two WiFi networks in his home. Randomly, he has a problem to print.

Cause: The two WiFi routers make two different networks. When the computers and printers are in the different network, he can’t print.

Resolution:

The resolution is keep only one wifi network and we may have these options.

1. Get rid of D-link router and use ARRIS only
2. Get rid of ARRIS and use D-link only.
3. Combine ARRIS and D-link into one WiFi.
4. Or setup the WiFi using different passwords so that printer always connects to one wifi.

Situation: the cline has Windows 10 computer with SEP. He can’t access the network shared drives. If he uninstalls the SEP, he can access those network drives.

Cause: The SEP firewall may block network traffic that the network application requires to function properly

Resolution: 1. re-configure SEP firewall.

2. Disable the SEP firewall.

3. Create allow rule on SEP.

Situation: After the user setup a new computer. When opening a word merge document, he may see this screen popup. After he clicks Yes and merge a word document, the merge doesn’t work.

Troubleshooting: Copy Winword folder from old PC.

Situation: The client is running WSUS on their Windows 2012 R2. Many computers have failure with this message: Unable to Find Resource

Troubleshooting: 1. Try add MIME Type:

•Check that the KB3159706 for decryption of ESD content is installed

•Checked that the prerequisites for KB3095113 are all installed

•Checked that the KB3095113 for WSUS support for Windows 10 feature upgrades.

•Set the MIME type on the IIS Server for the .esd file and .msu file types(which the above update should have sorted).

•Removed the Windows Update cache from the machines, stopped the BITS/Windows Update services and restarted.

•Restarted IIS Website

•Rebooted WSUS server

•Checked Windows Firewall status (disabled on Server)

•Asked the Windows 10 machine to get updates from Windows Updates rather than WSUS (this appeared to download and install OK) so this makes me think it’s an issue with our WSUS server.

•Installed the Windows 10 ADMX templates and set the “Download Mode” in GPO to both “Bypass” and “HTTP only”.

•Set WSUS to download express installation files

2. If the 1703 upgrade is synced into WSUS before KB3159706 was installed, then after performing the necessary update of KB3159706 and its post-installing servicing (link), we still need to follow the instructions here:https://social.technet.microsoft.com/Forums/en-US/b1165b9d-bad3-4ce3-9fc1-0fe3876df5c6/0xc1800118-with-1506301703171834rs2esd-after-kb3159706-manual-steps-the-decryptionkey-in?forum=winserverwsus.

There are basically 4 steps to be performed:

1 – Remove packages synced before KB3159706 is installed. Via WSUS server’s powershell:Get-WsusClassification | Where-Object -FilterScript {$_.Classification.Title -Eq “Upgrades”} | Set-WsusClassification -Disable$s = Get-WsusServer$1703Updates = $s.SearchUpdates(“version 1703”)$1703Updates | foreach { $_.Decline() }$1703Updates | foreach { $s.DeleteUpdate($_.Id.UpdateId) }Get-WsusClassification | Where-Object -FilterScript {$_.Classification.Title -Eq “Upgrades”} | Set-WsusClassification.

2 – Delete from WSUS databse the bad contents about upgrade 1703, run from database. Mind: remove the trailing semi-colon from the SQL script in the post. They might result in the error of “table variable not declared”declare @NotNeededFiles table (FileDigest binary(20) UNIQUE)insert into @NotNeededFiles(FileDigest) (select FileDigest from tbFile where FileName like ‘%15063%.esd’ except select FileDigest from tbFileForRevision)delete from tbFileOnServer where FileDigest in (select FileDigest from @NotNeededFiles)delete from tbFile where FileDigest in (select FileDigest from @NotNeededFiles)`

3 – Restart syncing by WSUS GUI or powershell command, on WSUS server.$s = Get-WsusServer$sub = $s.GetSubscription()$sub.StartSynchronization().

4 – Repair client computers that has the error, on client computer: Control Panel->Troubleshooting->Windows Update->Try troubleshooting as an administratorDuring all these activities, no reboot is required. Then, retry and good-luck!

•Build a different Windows Server 2012 R2 machine, updated Windows Update GPO policy and got machines checking in, but download of this one update does still not happen.

3. Modify Group Policy

It sounds like you need to change Group Policy settings; that’s usually how clients are pointed at the WSUS server in the first place, instead of Microsoft for updates.Edit GP and look in Comp Config -> Admin Temp -> Win Comp -> Win Update. Start by making sure Specify Intranet… is disabled. Disabled == clients will look to MS for updates.If GP isn’t specifying an intranet updates server, then perhaps someone manually configured the clients’ reg keys. Check a client’s HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate to confirm.

4. Add .esd

1. In Products/Classifications, make sure to check off the Upgrades box or Windows 10 will not be available to deploy. 2. You also will need to add a MIME type for *.esd as application/octet-stream at the top level in IIS. To do this: Open IIS Manager > Select the server name > From the “IIS” section in the centre of IIS Manager, open “MIME Types” > Click “Add…” > File Mame Extention: = .esd MIME type: application/octet-stream

Q: What’s different Windows black screen and blue screen?

A: In most cases, Windows blue screen is hardware, drivers and system files issues. The resolutions could be 1) unplug the hardware; 2) upgrade the drivers; 3) Restore system files.

Windows black screen could be registry issue, for example the registry files or setting has been damaged and modified. please refer to this article to troubleshoot it.

Windows OS goes to black screen after Windows update

Situation: After a Windows update, the client’s Outlook doesn’t work with trying to connect shown right blow corner.

Fix: Disable the Symantec Endpoint Protection and then re-enable it.

Situation: After a new windows update, I can’t access any websites. However, I can ping them such as google.com and yahoo.com. I just can’t access them with page can’t be displayed message.

Troubleshooting: 1. If you have any anti virus or security software, disable it for a test.

2. Reinstall Drivers.

3. ipconfig /release /renew.

4. Change the DNS server, for example use 8.8.8.8.

5. Flush DNS by running these commands: ipconfig /flushdns and ipconfig /registerdns.

6. Run netsh winsock reset command.

7. Make sure no proxies set -> all default obtain automatically.

8. Make sure it is multihomed computer or the computer with multiple Network connections..

Symptom: The client has a windows 7 PC. Windows OS goes to black screen after Windows update. It boots, but it goes to black screen after Windows popup.

Troubleshooting: 1. Safe mode and last known good configuration don’t fix the problem. Refer to this psot:

How to boot into Windows 10 Safe Mode in black screen

2. Run Windows repair locally, but can’t access because incorrect password.

3. Run Windows bootable DVD and run repair. But it doesn’t fix the problem.

4. Run Windows repair and select System restore. Select early system point, but that doesn’t fix the problem.

5. Run Windows repair and select command. The restore backup registry files. That fixes the problem. The step by step procedure can be find here:

How to recover a Windows system that does not start because of corruption in the registry

Note: 1. The registry backup files have been remove from \windows\repair in Windows XP to \windows\system32\config\regback in Windows 7 and 10.

2. OS may install on differnet drive instead of C drive.

Situation: The client has booting issue on his laptop running windows 10. It shows a BSOD with a “CRITICAL_SERVICE_FAILED” error, then restarts, goes back to the BSOD with the same error 3 seconds later, resets, and so on.

Troubleshooting: 1. This error is usually caused by a missing or corrupted device driver, or incompatibility issues with a newly installed hardware or driver. So as an initial recommendation, I would suggest you to disconnect any peripheral devices except for the mouse and keyboard and check if it helps.

2. Automatic Repair is a Windows recovery tool that can fix certain system problems that might prevent Windows from starting. Automatic Repair scans your computer for the problem and then tries to fix it so your computer can start correctly. Run Automatic repair and check the issue status.