I can't get any windows updates and cannot find windows update service

[De3rcr]

I have not been able to get the last 2 windows updates and cannot find the windows update service running.  Also in the windows update settings there is "Your device is missing important security and quality fixes." and will not run check for updates.  I also reinstalled bitdefender and now when i start it always says thank you for installing and never really stays active. 

mbam.txt

FRST.txt

Addition.txt

AdwCleaner[S00].txt

[nasdaq]

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

It looks like the Bitdefender download failed and the program is not installed correctly.
Download their uninstaller program and run it.
https://www.bitdefender.com/uninstall/

===

This fix will clean the empty items found in your registry.
I do not think that nothing will be changed as far as the Windows Updates are concerned with this fix.

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Download   Farbar's Service Scanner utility
http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/
and Save to your Desktop.
If using Windows 7 or above, Right-Click on fss.exe and select Run As Administrator.
If using XP, double-click to start.
Answer Yes to ok when prompted.
If your firewall then puts out a prompt, again, allow it to run.
Once FSS is on-screen, be sure the following items are checkmarked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services
  
Click on "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Copy & Paste contents of FSS.txt into your reply.
===

Please post the logs for my review.

fixlist.txt

[De3rcr]

Ok, I unistalled bitdefender and here are the two logs

Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Ken (02-11-2018 10:39:48) Run:1
Running from C:\Users\Ken\Desktop
Loaded Profiles: Ken (Available Profiles: Ken & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

BHO: No Name -> {A30738C7-75B1-4901-8402-2502B3D975C8}' -> No File
BHO-x32: No Name -> {A30738C7-75B1-4901-8402-2502B3D975C8}' -> No File
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
2018-10-27 12:42 - 2018-10-27 12:42 - 000073728 _____ () C:\Users\Ken\AppData\Local\Temp\4E46.tmp.exe
2018-10-26 07:03 - 2018-10-26 07:03 - 000073728 _____ () C:\Users\Ken\AppData\Local\Temp\907F.tmp.exe

CustomCLSID: HKU\S-1-5-21-1970292746-2093942196-1292018288-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Ken\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1970292746-2093942196-1292018288-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Ken\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1970292746-2093942196-1292018288-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Ken\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
Task: {03AEBFCA-6724-4490-9BD6-2E71C5913F1B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2410C9C9-8902-46DB-B540-C920B6C55122} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4E739E75-F021-495E-8D35-028F824ABF0A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {6210D5AF-7B80-4B05-BCE4-3952F608C3D8} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {6B62A1E7-B714-4093-9794-B5E015AB71E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {82AA7542-FA45-4479-A4C8-3415BC285294} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {86246E69-98D2-457C-9E73-49A69619C958} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8EB262C0-0981-4F3A-ADA8-4359EA051DC4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {998EDFCF-25FF-495C-8B5B-B1C30BBAAE17} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A648509B-3FAF-472D-88B3-F18DD75FABFD} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B7DEB959-91D3-4064-94B9-EC1069A4C963} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BC45A3BA-4A38-4740-964C-0A13061ADEF8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C72BD613-817F-45BD-8EB8-913D3AC3D224} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C7DD50C9-94A7-4CB5-973D-0B04688FB3E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EB8D75C7-7F3D-45DE-9F4E-608E46989F0F} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:268A5068 [268]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [110]
AlternateDataStreams: C:\ProgramData\TEMP:61B54B15 [107]
AlternateDataStreams: C:\ProgramData\TEMP:7687A3E3 [146]
AlternateDataStreams: C:\ProgramData\TEMP:CD387F1D [284]
AlternateDataStreams: C:\ProgramData\TEMP:D2DDC99D [252]
AlternateDataStreams: C:\ProgramData\TEMP:EC3A9923 [111]
AlternateDataStreams: C:\Users\Ken\Downloads\tdsskiller.exe:BDU [0]

Reboot:
End

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A30738C7-75B1-4901-8402-2502B3D975C8}' => removed successfully
HKLM\Software\Classes\CLSID\{A30738C7-75B1-4901-8402-2502B3D975C8}' => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A30738C7-75B1-4901-8402-2502B3D975C8}' => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A30738C7-75B1-4901-8402-2502B3D975C8}' => not found
C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com => path removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf => removed successfully
C:\Users\Ken\AppData\Local\Temp\4E46.tmp.exe => moved successfully
C:\Users\Ken\AppData\Local\Temp\907F.tmp.exe => moved successfully
HKU\S-1-5-21-1970292746-2093942196-1292018288-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-1970292746-2093942196-1292018288-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-1970292746-2093942196-1292018288-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03AEBFCA-6724-4490-9BD6-2E71C5913F1B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03AEBFCA-6724-4490-9BD6-2E71C5913F1B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2410C9C9-8902-46DB-B540-C920B6C55122}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2410C9C9-8902-46DB-B540-C920B6C55122}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E739E75-F021-495E-8D35-028F824ABF0A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E739E75-F021-495E-8D35-028F824ABF0A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6210D5AF-7B80-4B05-BCE4-3952F608C3D8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6210D5AF-7B80-4B05-BCE4-3952F608C3D8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B62A1E7-B714-4093-9794-B5E015AB71E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B62A1E7-B714-4093-9794-B5E015AB71E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82AA7542-FA45-4479-A4C8-3415BC285294}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82AA7542-FA45-4479-A4C8-3415BC285294}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86246E69-98D2-457C-9E73-49A69619C958}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86246E69-98D2-457C-9E73-49A69619C958}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EB262C0-0981-4F3A-ADA8-4359EA051DC4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EB262C0-0981-4F3A-ADA8-4359EA051DC4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{998EDFCF-25FF-495C-8B5B-B1C30BBAAE17}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{998EDFCF-25FF-495C-8B5B-B1C30BBAAE17}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A648509B-3FAF-472D-88B3-F18DD75FABFD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A648509B-3FAF-472D-88B3-F18DD75FABFD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7DEB959-91D3-4064-94B9-EC1069A4C963}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7DEB959-91D3-4064-94B9-EC1069A4C963}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC45A3BA-4A38-4740-964C-0A13061ADEF8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC45A3BA-4A38-4740-964C-0A13061ADEF8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C72BD613-817F-45BD-8EB8-913D3AC3D224}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C72BD613-817F-45BD-8EB8-913D3AC3D224}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7DD50C9-94A7-4CB5-973D-0B04688FB3E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7DD50C9-94A7-4CB5-973D-0B04688FB3E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB8D75C7-7F3D-45DE-9F4E-608E46989F0F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB8D75C7-7F3D-45DE-9F4E-608E46989F0F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
C:\ProgramData\TEMP => ":268A5068" ADS removed successfully
C:\ProgramData\TEMP => ":2CB9631F" ADS removed successfully
C:\ProgramData\TEMP => ":61B54B15" ADS removed successfully
C:\ProgramData\TEMP => ":7687A3E3" ADS removed successfully
C:\ProgramData\TEMP => ":CD387F1D" ADS removed successfully
C:\ProgramData\TEMP => ":D2DDC99D" ADS removed successfully
C:\ProgramData\TEMP => ":EC3A9923" ADS removed successfully
C:\Users\Ken\Downloads\tdsskiller.exe => ":BDU" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 95267468 B
Java, Flash, Steam htmlcache => 552047 B
Windows/system/drivers => 32037607 B
Edge => 4287782 B
Chrome => 220872308 B
Firefox => 1108555897 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 110354 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Ken => 261245197 B
DefaultAppPool => 33058 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 10:52:24 ====

Service Scan

Farbar Service Scanner Version: 27-01-2016
Ran by Ken (administrator) on 02-11-2018 at 10:38:22
Running from "C:\Users\Ken\Desktop"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

[nasdaq]

Hi,

Repair these services.

Boot with Safe Mode with Networking. Execute the following.

Please Download Tweaking.com - Windows Repair from Here

• Install and then run the program
• Execute the instructions on Step 1 Important
• Click Next on Step 2 Optional, do the Pre Scan skip Step 3 and 4 Optional for now.
• On Step 5 Backup System Restore Do a Registry backup. When you have completed this click Next
• Click Repairs - Open Repairs in the bottom right corner
• Uncheck the All repair button then select just the item(s) listed below
• 
  

  01 - Repair Registry Permissions
  03 - Reset Service permissions
  04 - Register System Files
  05 - Repair WMI
  10 - Remove Policies Set By Infections
  16 - Repair Windows Updates
  20 - Repair MSI (Windows Installer)
  25 - Restore Important Windows Services
  26 - Set Windows Service to Default Startup

• Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
• Please copy and paste the Contents of this file on your next reply.

===

Restart the computer normally.

How is the computer running now?

[De3rcr]

Hi Nasdaq,

I ran windows repair as instructed and there were some reparse points errors, I repaired them and continued with the repairs, all logs below.  After the reboot everything seems to be normal( repairs must have reset all of the default apps, got messages that they had been changed).  I checked to see if windows update service was there and running( it is).  I  had it check for updates and got this error

There were problems installing some updates, but we'll try again later. If you keep seeing this and want to search the web or contact support for information, this may help:

2018-10 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4462933) - Error 0x800706be

Gonna reboot and try again

 

 

_Windows_Repair_Log.txt

HKLM_Restore_Default_Permissions_Error_Log.txt

Repair_MSI_Windows_Installer.txt

Repair_Windows_Updates.txt

Repair_WMI.txt

Tweaking.com - Windows Repair 2018 - Pre-Scan.txt

Tweaking.com - Windows Repair 2018 - Repair Repair Reparse Points Log.txt

[De3rcr]

I rebooted and checked windows update

I have not installed this and have not reinstalled Bitdefender

[nasdaq]

Hi,

Let just install one update and see how it goes.

If successful try one or 2 more, if all is well continue.

p.s.

It's important to wait until the updates are all installed to used the computer.

Do not stop any yourself.

Let me know how it goes.

 

[De3rcr]

OK,   Tried to install KB4462933 by clicking  install now  and it failed after about 10% and gave this error

Retried second time got the same.  Then I downloaded the standalone install from Microsoft, rebooted and tried to install it and that failed also

 

[nasdaq]

Hi,

Try this. Follow the instructions on each step.

Locate the CMD.EXE and run it as an Administrator.

At the DOS prompt execute this command in bold.

net stop wuauserv

Renames the C:\Windows\SoftwareDistribution folder to C:\Windows\SoftwareDistribution.old , essentially clearing the Windows Update download cache so that it can start over.

Restart the Windows Update service net start wuauserv

Restart the computer normally.

Try the update now.

How is it?
<<<>>>

[De3rcr]

OK  I renamed the directory, stopped and started the service rebooted and got the same error as post 8

[nasdaq]

Hi,

Quote

Then I downloaded the standalone install from Microsoft, rebooted and tried to install it and that failed also

Please disable Bitdefender and try again to install the stand alone update file.

It that fails, continue.
===

Press the windows key Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 

start
	CloseProcesses:
	cmd: sc qc wuauserv
cmd: sc queryexwuauserv
cmd: sc queryex bfe
cmd: sc qc bfe
End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Edited November 6, 2018 by nasdaq

[De3rcr]

I have not reinstalled Bitdefender yet since I uninstalled it and both Malwarebytes and windows defender were(and still are) disabled when I tried the standalone.

Here is the fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Ken (06-11-2018 19:29:55) Run:3
Running from C:\Users\Ken\Desktop
Loaded Profiles: Ken (Available Profiles: Ken & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
    CloseProcesses:
    cmd: sc qc wuauserv
cmd: sc queryex wuauserv
cmd: sc queryex bfe
cmd: sc qc bfe
End
*****************

Processes closed successfully.

========= sc qc wuauserv =========

[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: wuauserv
        TYPE               : 20  WIN32_SHARE_PROCESS
        START_TYPE         : 3   DEMAND_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\WINDOWS\system32\svchost.exe -k netsvcs -p
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Windows Update
        DEPENDENCIES       : rpcss
        SERVICE_START_NAME : LocalSystem

========= End of CMD: =========

========= sc queryex wuauserv =========

SERVICE_NAME: wuauserv
        TYPE               : 20  WIN32_SHARE_PROCESS  
        STATE              : 4  RUNNING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
        PID                : 2604
        FLAGS              :

========= End of CMD: =========

========= sc queryex bfe =========

SERVICE_NAME: bfe
        TYPE               : 20  WIN32_SHARE_PROCESS  
        STATE              : 4  RUNNING
                                (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
        PID                : 1436
        FLAGS              :

========= End of CMD: =========

========= sc qc bfe =========

[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: bfe
        TYPE               : 20  WIN32_SHARE_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
        LOAD_ORDER_GROUP   : NetworkProvider
        TAG                : 0
        DISPLAY_NAME       : Base Filtering Engine
        DEPENDENCIES       : RpcSs
        SERVICE_START_NAME : NT AUTHORITY\LocalService

========= End of CMD: =========

 

The system needed a reboot.

==== End of Fixlog 19:29:56 ====

[De3rcr]

I did try the standalone again and it failed after about 5 minutes

[nasdaq]

Hi,

SERVICE_NAME: wuauserv

        TYPE               : 20  WIN32_SHARE_PROCESS
        START_TYPE         : 3   DEMAND_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\WINDOWS\system32\svchost.exe -k netsvcs -p
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Windows Update
        DEPENDENCIES       : rpcss
        SERVICE_START_NAME : LocalSystem

This service is running normally.
It's exactly as mine.

I can only suggest you check with Microsoft Support. As this is not caused by malware.
https://support.microsoft.com/

Or you can check with this Windows 10 support at BleepingComputer.
https://www.bleepingcomputer.com/forums/f/229/windows-10-support/

Good luck.

[De3rcr]

Alright I'll check with bleepingcomputer, but there was malware right?

Thank you for your help, i'll reinstall Bitdefender

[nasdaq]

Yes but as far as I'm concerned it's gone.

I suspect that the problem was caused by a recent Windows Update.

 

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks