Windows Update not working again

[cars11]

I don't know how to reopen this ticket?

#2118

Windows Update is failing for me. Just ran an install of MicroWin and can't update now.

[Nigel1992]

Did you try resetting Updates to default ?
WinUtil> Updates> Default Settings.

If that didn't work, try running this script to fix Windows Update.

<#
.SYNOPSIS
    Fixes Windows Update after MicroWin image installation
.DESCRIPTION
    Restores critical Windows Update services and components that may have been
    affected during MicroWin image creation, particularly when services were
    set to manual start.
#>

function Write-Log {
    param([string]$Message)
    Write-Host "[$(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')] $Message"
}

# Check for admin privileges
if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    Write-Host "Please run this script as Administrator" -ForegroundColor Red
    exit 1
}

Write-Log "Starting Windows Update service repair..."

# Critical services that need to be running for Windows Update
$criticalServices = @(
    'wuauserv',          # Windows Update
    'bits',              # Background Intelligent Transfer
    'cryptsvc',          # Cryptographic Services
    'trustedinstaller',  # Windows Modules Installer
    'appidsvc',          # Application Identity
    'gpsvc',            # Group Policy Client
    'DcomLaunch',       # DCOM Server Process Launcher
    'RpcSs',            # Remote Procedure Call
    'LanmanServer',     # Server
    'LanmanWorkstation', # Workstation
    'EventLog',         # Windows Event Log
    'mpssvc',           # Windows Defender Firewall
    'WinDefend'         # Windows Defender Service
)

try {
    # Reset services to their default startup type
    Write-Log "Resetting service startup types..."
    foreach ($service in $criticalServices) {
        Write-Log "Processing service: $service"
        try {
            # Set service to Automatic start
            Set-Service -Name $service -StartupType Automatic -ErrorAction Stop
            Start-Service -Name $service -ErrorAction Stop
            Write-Log "Successfully configured $service"
        }
        catch {
            Write-Log "Warning: Could not configure $service - $($_.Exception.Message)"
        }
    }

    # Fix registry entries that MicroWin might have modified
    Write-Log "Fixing registry entries..."
    $registryPaths = @(
        "HKLM:\SYSTEM\CurrentControlSet\Services",
        "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate",
        "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate"
    )

    foreach ($path in $registryPaths) {
        if (Test-Path $path) {
            Write-Log "Processing registry path: $path"
            if ($path -like "*CurrentControlSet\Services") {
                # Reset Windows Update service specific registry values
                Set-ItemProperty -Path "$path\wuauserv" -Name "Start" -Value 2 -Type DWord -ErrorAction SilentlyContinue
                Set-ItemProperty -Path "$path\bits" -Name "Start" -Value 2 -Type DWord -ErrorAction SilentlyContinue
                Set-ItemProperty -Path "$path\TrustedInstaller" -Name "Start" -Value 3 -Type DWord -ErrorAction SilentlyContinue
            }
        }
    }

    # Reset Windows Update components
    Write-Log "Resetting Windows Update components..."
    $commands = @(
        "net stop wuauserv",
        "net stop cryptSvc",
        "net stop bits",
        "net stop msiserver",
        "ren C:\Windows\SoftwareDistribution SoftwareDistribution.old",
        "ren C:\Windows\System32\catroot2 catroot2.old",
        "net start wuauserv",
        "net start cryptSvc",
        "net start bits",
        "net start msiserver"
    )

    foreach ($cmd in $commands) {
        Write-Log "Executing: $cmd"
        Start-Process "cmd.exe" -ArgumentList "/c $cmd" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
    }

    # Run DISM and SFC
    Write-Log "Running system file checks..."
    Start-Process "DISM.exe" -ArgumentList "/Online /Cleanup-Image /RestoreHealth" -Wait -NoNewWindow
    Start-Process "sfc.exe" -ArgumentList "/scannow" -Wait -NoNewWindow

    Write-Log "Repair completed successfully"
    Write-Host "`nRepair process completed. Please restart your computer for changes to take effect." -ForegroundColor Green
    
    $restart = Read-Host "Would you like to restart now? (y/n)"
    if ($restart -eq 'y') {
        Restart-Computer -Force
    }
}
catch {
    Write-Log "Error occurred: $($_.Exception.Message)"
    Write-Host "`nAn error occurred during the repair process. Please check the logs above." -ForegroundColor Red
}

[cars11]

Tried Winutil>Default Settings already to no avail (it did say "Warnings occurred for some attributes during this operation. It's okay to ignore the warning") and after peeking in the log file it seems to want to reset services that are not installed, i.e: Error 1060: The specified service does not exist as an installed service.
Error opening ntmssvc.

I also tried Winutil > Config > Reset Windows Update
but that does not seem to have any effect at all (no output in the console)

And sorry, not technically competent enough to know how/where to run that script you provided. Can you assist?
It doesn't look like a windows batch file?

[edamamet]

It doesn't look like a windows batch file?

It looks like a PowerShell script (the same filetype as winutil)

Just name it with the .ps1 extension, then right click > Run with Powershell

[cars11]

Script hangs at "Executing: net stop cryptSvc" and doesn't continue

Also had a lot of erors before that such as "Group Policy Client (gpsvc)' cannot be configured due to the following error: Access is denied"

[edamamet]

You'll most likely need to run PowerShell as an admin.

Open PowerShell as admin and simply type the location of the script

./script.ps1

[cars11]

Yes, I did. I ran it as admin via a shortcut

[Nigel1992]

@cars11

Try this one?

<#
.SYNOPSIS
    Advanced Windows Update Repair Script (AIO)
.DESCRIPTION
    Comprehensive Windows Update repair script that fixes issues caused by 
    system modifications, MicroWin installations, and general Windows Update problems.
    Version: 1.0.0
    Author: Nigel1992
#>

function Write-Log {
    param(
        [string]$Message,
        [string]$Type = "INFO"  # INFO, ERROR, WARNING, SUCCESS
    )
    $timestamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
    switch ($Type) {
        "ERROR"   { $color = "Red" }
        "WARNING" { $color = "Yellow" }
        "SUCCESS" { $color = "Green" }
        default   { $color = "White" }
    }
    Write-Host "[$timestamp] $Type : $Message" -ForegroundColor $color
}

function Test-AdminPrivileges {
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Stop-ServiceSafely {
    param([string]$ServiceName)
    
    try {
        $service = Get-Service -Name $ServiceName -ErrorAction Stop
        if ($service.Status -eq "Running") {
            Write-Log "Stopping service: $ServiceName" 
            Stop-Service -Name $ServiceName -Force -ErrorAction Stop
            Start-Sleep -Seconds 2
            Write-Log "Successfully stopped $ServiceName" "SUCCESS"
            return $true
        }
        return $true
    }
    catch [Microsoft.PowerShell.Commands.ServiceCommandException] {
        Write-Log "Service $ServiceName does not exist - skipping" "WARNING"
        return $true
    }
    catch {
        Write-Log "Could not stop $ServiceName : $($_.Exception.Message)" "ERROR"
        return $false
    }
}

function Start-ServiceSafely {
    param([string]$ServiceName)
    
    try {
        $service = Get-Service -Name $ServiceName -ErrorAction Stop
        if ($service.Status -ne "Running") {
            Write-Log "Starting service: $ServiceName"
            Set-Service -Name $service -StartupType Automatic -ErrorAction SilentlyContinue
            Start-Service -Name $ServiceName -ErrorAction Stop
            Start-Sleep -Seconds 2
            Write-Log "Successfully started $ServiceName" "SUCCESS"
        }
        return $true
    }
    catch [Microsoft.PowerShell.Commands.ServiceCommandException] {
        Write-Log "Service $ServiceName does not exist - skipping" "WARNING"
        return $true
    }
    catch {
        Write-Log "Could not start $ServiceName : $($_.Exception.Message)" "ERROR"
        return $false
    }
}

function Reset-WindowsUpdateComponents {
    Write-Log "Resetting Windows Update components..." "INFO"

    # Reset Windows Update folder permissions
    $paths = @(
        "$env:SystemRoot\SoftwareDistribution",
        "$env:SystemRoot\System32\catroot2"
    )

    foreach ($path in $paths) {
        if (Test-Path $path) {
            Write-Log "Resetting permissions for $path"
            takeown /f $path /r /d y | Out-Null
            icacls $path /grant:r Administrators:F /t | Out-Null
            if ($path -like "*SoftwareDistribution*") {
                Get-ChildItem -Path $path -Recurse | Remove-Item -Force -Recurse -ErrorAction SilentlyContinue
            }
            Write-Log "Reset permissions for $path" "SUCCESS"
        }
    }

    # Reset Windows Update registry keys
    Write-Log "Resetting Windows Update registry keys..."
    $regPaths = @(
        "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate",
        "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate",
        "HKLM:\SYSTEM\CurrentControlSet\Services\wuauserv"
    )

    foreach ($regPath in $regPaths) {
        if (Test-Path $regPath) {
            try {
                Set-ItemProperty -Path $regPath -Name "WUServer" -Value "" -ErrorAction SilentlyContinue
                Set-ItemProperty -Path $regPath -Name "WUStatusServer" -Value "" -ErrorAction SilentlyContinue
                Write-Log "Reset registry keys in $regPath" "SUCCESS"
            }
            catch {
                Write-Log "Could not reset registry keys in $regPath" "WARNING"
            }
        }
    }

    # Reset network components
    Write-Log "Resetting network components..."
    $commands = @(
        "netsh winsock reset",
        "netsh winhttp reset proxy",
        "bitsadmin.exe /reset /allusers"
    )

    foreach ($cmd in $commands) {
        try {
            $result = Invoke-Expression $cmd
            Write-Log "Successfully executed: $cmd" "SUCCESS"
        }
        catch {
            Write-Log "Failed to execute: $cmd" "ERROR"
        }
    }
}

# Check for admin privileges
if (-not (Test-AdminPrivileges)) {
    Write-Log "This script requires administrator privileges. Please run as administrator." "ERROR"
    exit 1
}

Write-Log "Starting comprehensive Windows Update repair process..."

# Critical services that need to be managed
$criticalServices = @(
    'wuauserv',          # Windows Update
    'bits',              # Background Intelligent Transfer
    'cryptsvc',          # Cryptographic Services
    'trustedinstaller',  # Windows Modules Installer
    'appidsvc',          # Application Identity
    'gpsvc',            # Group Policy Client
    'DcomLaunch',       # DCOM Server Process Launcher
    'RpcSs',            # Remote Procedure Call
    'LanmanServer',     # Server
    'LanmanWorkstation', # Workstation
    'EventLog',         # Windows Event Log
    'mpssvc',           # Windows Defender Firewall
    'WinDefend',        # Windows Defender Service
    'msiserver'         # Windows Installer
)

try {
    # Create restore point
    Write-Log "Creating system restore point..."
    Checkpoint-Computer -Description "Before Windows Update Repair" -RestorePointType "MODIFY_SETTINGS" -ErrorAction SilentlyContinue

    # Stop critical services first
    Write-Log "Stopping critical services..."
    foreach ($service in $criticalServices) {
        Stop-ServiceSafely -ServiceName $service
    }
    
    # Reset services to their default startup type
    Write-Log "Resetting service startup types..."
    foreach ($service in $criticalServices) {
        try {
            Set-Service -Name $service -StartupType Automatic -ErrorAction SilentlyContinue
            Write-Log "Set $service to Automatic startup" "SUCCESS"
        }
        catch {
            Write-Log "Could not set startup type for $service - $($_.Exception.Message)" "WARNING"
        }
    }

    # Reset Windows Update Components
    Reset-WindowsUpdateComponents

    # Rename Windows Update folders with error handling
    Write-Log "Renaming Windows Update folders..."
    $foldersToRename = @{
        "C:\Windows\SoftwareDistribution" = "C:\Windows\SoftwareDistribution.old"
        "C:\Windows\System32\catroot2" = "C:\Windows\System32\catroot2.old"
    }

    foreach ($folder in $foldersToRename.GetEnumerator()) {
        if (Test-Path $folder.Key) {
            try {
                # Remove old backup if it exists
                if (Test-Path $folder.Value) {
                    Remove-Item -Path $folder.Value -Recurse -Force
                }
                Rename-Item -Path $folder.Key -NewName ($folder.Value.Split('\')[-1]) -Force
                Write-Log "Successfully renamed $($folder.Key)" "SUCCESS"
            }
            catch {
                Write-Log "Could not rename $($folder.Key): $($_.Exception.Message)" "ERROR"
            }
        }
    }

    # Start services again
    Write-Log "Starting critical services..."
    foreach ($service in $criticalServices) {
        Start-ServiceSafely -ServiceName $service
    }

    # Run system file checks
    Write-Log "Running system file checks (this may take a while)..."
    
    $dismResult = Start-Process "DISM.exe" -ArgumentList "/Online /Cleanup-Image /RestoreHealth" -Wait -NoNewWindow -PassThru
    if ($dismResult.ExitCode -eq 0) {
        Write-Log "DISM repair completed successfully" "SUCCESS"
    } else {
        Write-Log "DISM repair completed with errors" "WARNING"
    }

    $sfcResult = Start-Process "sfc.exe" -ArgumentList "/scannow" -Wait -NoNewWindow -PassThru
    if ($sfcResult.ExitCode -eq 0) {
        Write-Log "SFC scan completed successfully" "SUCCESS"
    } else {
        Write-Log "SFC scan completed with errors" "WARNING"
    }

    # Force Windows Update detection
    Write-Log "Forcing Windows Update detection..."
    wuauclt /resetauthorization /detectnow

    Write-Log "Repair process completed" "SUCCESS"
    Write-Host "`nA system restart is required for changes to take effect." -ForegroundColor Yellow
    
    $restart = Read-Host "Would you like to restart now? (y/n)"
    if ($restart -eq 'y') {
        Restart-Computer -Force
    }
}
catch {
    Write-Log "Critical error occurred: $($_.Exception.Message)" "ERROR"
    Write-Host "`nThe repair process encountered errors. Please check the logs above." -ForegroundColor Red
}

[cars11]

Now it is running (I wonder if there is a difference to running it from a shortcut vs in powershell directly?)
Errors were: 5 services that are not installed (gpsvc, dcomlaunch, rpcss, mpssc, windefend).
I now get a new error in Windows update: Download error - 0x80248007. I tried clicking download anyway a few min later and then it worked, but still failed with the install error 0x800f081f

[cars11]

I'm starting to think it might not be related to MicroWin but some sort of error related to my specific system. As one Windows Update did manage to get through, it's only one that does not install (KB5051987). I decided to check in the Update history and noticed that there was a successful installation of another update.
I thought my latest win11 iso had all the updates and this was the first and immediately problematic.
But I am not sure

[FatBastard0]

I dont think so because its not working for me

[Nigel1992]

@cars11

After analyzing the issue thread and the code, here's a comprehensive solution for the Windows Update issues:

Current Situation

1. Windows Update initially failed after MicroWin installation
2. Some updates are working, but KB5051987 specifically fails with error 0x800f081f
3. Previous script execution showed missing services (gpsvc, dcomlaunch, rpcss, mpssc, windefend)
4. Running the script through PowerShell directly worked better than through a shortcut

Root Cause Analysis

The error 0x800f081f typically indicates:

• Component Store corruption
• Incomplete or interrupted previous updates
• System file integrity issues
• Service configuration problems

The fact that some updates work while KB5051987 fails suggests this isn't a complete Windows Update system failure, but rather a specific compatibility or component issue.

Solution

Here's a refined approach that takes into account the MicroWin environment and specifically targets KB5051987:

1. First, save this script as fix_kb5051987.ps1:

<#
.SYNOPSIS
    Targeted Fix for KB5051987 Installation Issues
.DESCRIPTION
    Specifically addresses error 0x800f081f while preserving MicroWin optimizations
    Author: Nigel1992
#>

function Write-Log {
    param(
        [string]$Message,
        [string]$Type = "INFO"
    )
    $timestamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
    $color = switch ($Type) {
        "ERROR"   { "Red" }
        "WARNING" { "Yellow" }
        "SUCCESS" { "Green" }
        default   { "White" }
    }
    Write-Host "[$timestamp] $Type : $Message" -ForegroundColor $color
}

# Only check for essential services that we know exist in MicroWin
$essentialServices = @(
    'wuauserv',    # Windows Update
    'bits',        # Background Intelligence
    'cryptsvc'     # Cryptographic Services
)

try {
    Write-Log "Starting targeted Windows Update repair for KB5051987..."

    # 1. Clear pending updates that might be stuck
    Write-Log "Clearing pending updates..."
    if (Test-Path "$env:SystemRoot\SoftwareDistribution\Download") {
        Remove-Item "$env:SystemRoot\SoftwareDistribution\Download\*" -Recurse -Force -ErrorAction SilentlyContinue
    }

    # 2. Reset only essential services
    foreach ($service in $essentialServices) {
        Write-Log "Processing $service..."
        try {
            Stop-Service -Name $service -Force -ErrorAction SilentlyContinue
            Set-Service -Name $service -StartupType Automatic -ErrorAction SilentlyContinue
            Start-Service -Name $service -ErrorAction SilentlyContinue
            Write-Log "Successfully reset $service" "SUCCESS"
        }
        catch {
            Write-Log "Warning: Issue with $service - continuing anyway" "WARNING"
        }
    }

    # 3. Clear CBS log which can sometimes cause issues
    if (Test-Path "$env:SystemRoot\Logs\CBS\CBS.log") {
        Remove-Item "$env:SystemRoot\Logs\CBS\CBS.log" -Force -ErrorAction SilentlyContinue
    }

    # 4. Run DISM with progress reporting
    Write-Log "Running DISM repair (this might take a while)..."
    $dismProcess = Start-Process -FilePath "DISM.exe" -ArgumentList "/Online /Cleanup-Image /RestoreHealth" -NoNewWindow -PassThru -Wait
    if ($dismProcess.ExitCode -eq 0) {
        Write-Log "DISM repair completed successfully" "SUCCESS"
    }

    # 5. Reset Windows Update components
    Write-Log "Resetting Windows Update components..."
    $commands = @(
        "wuauclt /resetauthorization /detectnow",
        "UsoClient.exe RefreshSettings"
    )
    foreach ($cmd in $commands) {
        try {
            Invoke-Expression $cmd -ErrorAction SilentlyContinue
            Write-Log "Successfully executed: $cmd" "SUCCESS"
        }
        catch {
            Write-Log "Warning: Could not execute $cmd - continuing anyway" "WARNING"
        }
    }

    Write-Log "Repair process completed" "SUCCESS"
    Write-Log "Please try installing KB5051987 again" "INFO"
    
    $restart = Read-Host "Would you like to restart now? (y/n)"
    if ($restart -eq 'y') {
        Restart-Computer -Force
    }
}
catch {
    Write-Log "Error occurred: $($_.Exception.Message)" "ERROR"
}

How to Use the Script

1. Open PowerShell as Administrator
2. Run these commands:

Set-ExecutionPolicy Bypass -Scope Process -Force
.\fix_kb5051987.ps1

Important Notes

1. This script is specifically designed for MicroWin environments and:

   • Only targets essential services that should exist in MicroWin
   • Preserves MicroWin optimizations
   • Focuses on fixing KB5051987 specifically

2. The missing services warnings (gpsvc, dcomlaunch, rpcss, mpssc, windefend) are expected in a MicroWin environment and can be safely ignored.

3. If the update still fails after running this script, we can try these alternative approaches:

   a. Manual Update Installation:

   • Visit the Microsoft Update Catalog
   • Search for KB5051987
   • Download the appropriate version for your system
   • Install manually

   b. System Information Check:

   Get-ComputerInfo | Select WindowsVersion,OsBuildNumber

   Please share your build number if the issue persists, as it might help identify version-specific problems.

Prevention

To avoid similar issues in future MicroWin installations:

1. Make sure to run Windows Update immediately after installation
2. Consider creating a restore point before major updates
3. Keep track of which updates succeed vs fail to identify patterns

Let me know if you need any clarification or if the issue persists after trying these solutions. Also, please share your Windows build number if the problem continues - it might help us identify any version-specific issues.

---

Note: Remember to run PowerShell as Administrator when executing these commands. The script has been designed to be as safe as possible while maintaining MicroWin's optimizations.

[cars11]

Thank you. I did all that, to no avail.
Same error.
Build is 26100.3194. Standalone installer also did not work.

While googling about I think I recall reading that the update KB 5051987 corresponds to the same build. But I'm not sure how good that source was. And if I did have the update already as part of the build number I would assume that it would vanish in windows update and go away on it's on?

[stutzmp]

I am having what appears to be the same problem with this update (2025-02 Cumulative Update for Windows 11 Version 24H2 for x64-based Systems (KB5051987)).

Ran the script as described and am still receiving the update error: Install error - 0x800f081f

WindowsVersion OsBuildNumber
-------------- -------------
2009           26100

Manually downloaded the cumulative update and found 2 separate msu files.

windows11.0-kb5043080-x64_953449672073f8fb99badb4cc6d5d7849b9c83e8.msu indicates it's not applicable to my system

windows11.0-kb5051987-x64_199ed7806a74fe78e3b0ef4f2073760000f71972.msu runs but then results in error code 0x800f081f

Not entirely convinced this is a winutil problem. Windows could do this on it's own.

[Nigel1992]

@cars11 I've created an enhanced Windows Update repair script specifically targeting build 26100 and the KB5051987 update issues. This script includes more robust error handling, service management, and system checks.

# Fix Windows Update for Build 26100
# Author: Nigel1992
# Version: 1.0.0
# Last Modified: March 2025

#Requires -RunAsAdministrator
[CmdletBinding()]
param()

function Write-LogMessage {
    param(
        [Parameter(Mandatory = $true)]
        [string]$Message,
        
        [Parameter(Mandatory = $false)]
        [ValidateSet('INFO', 'WARNING', 'ERROR', 'SUCCESS')]
        [string]$Type = 'INFO'
    )
    
    $timestamp = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
    $color = switch ($Type) {
        "ERROR"   { "Red" }
        "WARNING" { "Yellow" }
        "SUCCESS" { "Green" }
        default   { "White" }
    }
    
    Write-Host "[$timestamp] $Type : $Message" -ForegroundColor $color
}

function Test-PendingReboot {
    $pendingRebootTests = @(
        @{
            Name = 'RebootPending'
            Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\'
            Property = 'RebootPending'
        },
        @{
            Name = 'RebootRequired'
            Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\'
            Property = 'RebootRequired'
        },
        @{
            Name = 'PendingFileRenameOperations'
            Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\'
            Property = 'PendingFileRenameOperations'
        }
    )

    $pending = $false
    foreach ($test in $pendingRebootTests) {
        if (Test-Path $test.Path) {
            $value = Get-ItemProperty -Path $test.Path -Name $test.Property -ErrorAction SilentlyContinue
            if ($value -ne $null) {
                $pending = $true
                break
            }
        }
    }
    return $pending
}

function Reset-WindowsUpdateComponents {
    Write-LogMessage "Starting Windows Update components reset..." -Type INFO
    
    $services = @(
        'wuauserv',      # Windows Update
        'bits',          # Background Intelligence Transfer
        'cryptsvc',      # Cryptographic Services
        'trustedinstaller', # Windows Modules Installer
        'UsoSvc'         # Update Orchestrator Service
    )

    try {
        # 1. Stop services
        foreach ($service in $services) {
            Stop-Service -Name $service -Force -ErrorAction SilentlyContinue
            Write-LogMessage "Stopped service: $service" -Type INFO
        }

        # 2. Clear software distribution folders
        $paths = @(
            "$env:SystemRoot\SoftwareDistribution",
            "$env:SystemRoot\System32\catroot2"
        )

        foreach ($path in $paths) {
            if (Test-Path $path) {
                $backupPath = "$path.old"
                if (Test-Path $backupPath) {
                    Remove-Item $backupPath -Recurse -Force
                }
                Rename-Item $path "$path.old" -Force
                Write-LogMessage "Renamed $path to $path.old" -Type SUCCESS
            }
        }

        # 3. Reset Windows Update policies
        Write-LogMessage "Resetting Windows Update policies..." -Type INFO
        $regPaths = @(
            "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate",
            "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate",
            "HKLM:\SYSTEM\CurrentControlSet\Services\wuauserv"
        )

        foreach ($regPath in $regPaths) {
            if (Test-Path $regPath) {
                $null = New-ItemProperty -Path $regPath -Name "WUServer" -Value "" -PropertyType String -Force -ErrorAction SilentlyContinue
                $null = New-ItemProperty -Path $regPath -Name "WUStatusServer" -Value "" -PropertyType String -Force -ErrorAction SilentlyContinue
            }
        }

        # 4. Reset Windows Update service security descriptors
        Write-LogMessage "Resetting service security descriptors..." -Type INFO
        Start-Process "sc.exe" -ArgumentList "sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)" -Wait -NoNewWindow

        # 5. Reset Windows Update catalog
        Write-LogMessage "Resetting Windows Update catalog..." -Type INFO
        Start-Process "cmd.exe" -ArgumentList "/c echo y | regsvr32 /s %windir%\system32\catroot2\*.*" -Wait -NoNewWindow

        # 6. Restart services
        foreach ($service in $services) {
            Set-Service -Name $service -StartupType Automatic -ErrorAction SilentlyContinue
            Start-Service -Name $service -ErrorAction SilentlyContinue
            Write-LogMessage "Started service: $service" -Type SUCCESS
        }

        # 7. Run DISM and SFC
        Write-LogMessage "Running system health checks..." -Type INFO
        Start-Process "DISM.exe" -ArgumentList "/Online /Cleanup-Image /RestoreHealth" -Wait -NoNewWindow
        Start-Process "sfc.exe" -ArgumentList "/scannow" -Wait -NoNewWindow

        # 8. Force Windows Update detection
        Write-LogMessage "Forcing Windows Update detection..." -Type INFO
        wuauclt /resetauthorization /detectnow
        (New-Object -ComObject Microsoft.Update.AutoUpdate).DetectNow()

        Write-LogMessage "Windows Update components reset completed successfully" -Type SUCCESS
    }
    catch {
        Write-LogMessage "Error during reset: $($_.Exception.Message)" -Type ERROR
        return $false
    }
    return $true
}

# Main execution
Write-LogMessage "Starting Windows Update repair for Build 26100..." -Type INFO

# Check if running as admin
if (-not ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    Write-LogMessage "This script requires administrative privileges. Please run as Administrator." -Type ERROR
    exit 1
}

# Check Windows build
$buildInfo = Get-ComputerInfo | Select-Object WindowsVersion, OsBuildNumber
if ($buildInfo.OsBuildNumber -ne 26100) {
    Write-LogMessage "Warning: This script is optimized for Build 26100. Current build: $($buildInfo.OsBuildNumber)" -Type WARNING
}

# Check for pending reboots
if (Test-PendingReboot) {
    Write-LogMessage "System has pending reboot. Please restart your computer before running this script." -Type WARNING
    $restart = Read-Host "Would you like to restart now? (y/n)"
    if ($restart -eq 'y') {
        Restart-Computer -Force
    }
    exit 1
}

# Perform the reset
$success = Reset-WindowsUpdateComponents

if ($success) {
    Write-LogMessage "Repair process completed. Please try Windows Update again." -Type SUCCESS
    Write-LogMessage "If issues persist, please try the following:" -Type INFO
    Write-LogMessage "1. Download updates manually from Microsoft Update Catalog" -Type INFO
    Write-LogMessage "2. Check for any third-party antivirus interference" -Type INFO
    Write-LogMessage "3. Ensure all Windows Update related services are running" -Type INFO
    
    $restart = Read-Host "Would you like to restart now? (y/n)"
    if ($restart -eq 'y') {
        Restart-Computer -Force
    }
} else {
    Write-LogMessage "Repair process encountered errors. Please check the logs above." -Type ERROR
}

How to use:

1. Save the script as fix_windows_update.ps1
2. Open PowerShell as Administrator
3. Navigate to the script's directory
4. Run: Set-ExecutionPolicy Bypass -Scope Process -Force; .\fix_windows_update.ps1

Key improvements:

• Specifically targets Build 26100 issues
• Enhanced error handling and logging
• Checks for pending reboots before running
• Comprehensive service management
• Registry policy reset
• Security descriptor reset
• Automatic service restart
• System health checks with DISM and SFC
• Force update detection after repairs

Let me know if you encounter any issues or need further assistance!

[stutzmp]

Ran the above install/repair script and unfortunately am not able to resolve the issue. Windows Update still shows Install error 0x800f081f.

[Nigel1992]

@cars11 @stutzmp

After analyzing the issue thread and the error patterns, I've created a specialized fix for Windows Update issues in MicroWin environments, particularly targeting KB5051987 on Build 26100.

Analysis

1. Multiple users experiencing error 0x800f081f with KB5051987
2. Issue persists after standard Windows Update resets
3. Build 26100.3194 specific behavior
4. Previous attempts with various scripts haven't resolved it
5. MicroWin environment has modified service configurations

New Solution

I've created a MicroWin-specific Windows Update repair script that takes into account the unique environment:

MicroWin Update Fix Script (Click to expand)

<#
.SYNOPSIS
    MicroWin-Specific Windows Update Fix for KB5051987
.DESCRIPTION
    Targeted fix for Windows Update issues in MicroWin environments
    Specifically addresses KB5051987 on Build 26100
    Author: Nigel1992
    Version: 2.0.0
#>

function Write-LogMessage {
    param(
        [string]$Message,
        [ValidateSet('INFO', 'WARNING', 'ERROR', 'SUCCESS')]
        [string]$Type = 'INFO'
    )
    
    $timestamp = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
    $color = switch ($Type) {
        "ERROR"   { "Red" }
        "WARNING" { "Yellow" }
        "SUCCESS" { "Green" }
        default   { "White" }
    }
    Write-Host "[$timestamp] $Type : $Message" -ForegroundColor $color
}

function Reset-MicroWinUpdate {
    Write-LogMessage "Starting MicroWin-specific update repair..." -Type INFO
    
    # Only essential services for MicroWin
    $services = @(
        'wuauserv',      # Windows Update
        'bits',          # Background Intelligence Transfer
        'cryptsvc'       # Cryptographic Services
    )

    try {
        # 1. Stop essential services
        foreach ($service in $services) {
            Stop-Service -Name $service -Force -ErrorAction SilentlyContinue
        }

        # 2. Clear update cache with proper permissions
        $paths = @(
            "$env:SystemRoot\SoftwareDistribution\Download",
            "$env:SystemRoot\SoftwareDistribution\DataStore"
        )

        foreach ($path in $paths) {
            if (Test-Path $path) {
                takeown /f $path /r /d y | Out-Null
                icacls $path /grant administrators:F /t | Out-Null
                Remove-Item -Path $path -Recurse -Force -ErrorAction SilentlyContinue
            }
        }

        # 3. Reset Windows Update database
        if (Test-Path "$env:SystemRoot\System32\catroot2") {
            Rename-Item "$env:SystemRoot\System32\catroot2" "$env:SystemRoot\System32\catroot2.old" -Force -ErrorAction SilentlyContinue
        }

        # 4. Clear Windows Update registry keys
        $regPaths = @(
            "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate",
            "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate"
        )

        foreach ($regPath in $regPaths) {
            if (Test-Path $regPath) {
                Remove-ItemProperty -Path $regPath -Name "AccountDomainSid" -ErrorAction SilentlyContinue
                Remove-ItemProperty -Path $regPath -Name "PingID" -ErrorAction SilentlyContinue
                Remove-ItemProperty -Path $regPath -Name "SusClientId" -ErrorAction SilentlyContinue
            }
        }

        # 5. Reset Windows Update components
        $commands = @(
            "sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)",
            "sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)"
        )

        foreach ($cmd in $commands) {
            Start-Process "cmd.exe" -ArgumentList "/c $cmd" -Wait -WindowStyle Hidden
        }

        # 6. Start services
        foreach ($service in $services) {
            Set-Service -Name $service -StartupType Automatic -ErrorAction SilentlyContinue
            Start-Service -Name $service -ErrorAction SilentlyContinue
        }

        # 7. Force update detection
        Write-LogMessage "Forcing Windows Update detection..." -Type INFO
        Start-Process "wuauclt.exe" -ArgumentList "/resetauthorization /detectnow" -Wait -WindowStyle Hidden

        Write-LogMessage "MicroWin update repair completed" -Type SUCCESS
        
        # Check build number
        $build = (Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion").CurrentBuild
        if ($build -eq "26100") {
            Write-LogMessage "Note: KB5051987 might not be needed as you're already on build 26100" -Type WARNING
        }
    }
    catch {
        Write-LogMessage "Error during repair: $($_.Exception.Message)" -Type ERROR
        return $false
    }
    return $true
}

# Main execution
if (-not ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    Write-LogMessage "Please run as Administrator" -Type ERROR
    exit 1
}

Reset-MicroWinUpdate

$restart = Read-Host "A restart is recommended. Would you like to restart now? (y/n)"
if ($restart -eq 'y') {
    Restart-Computer -Force
}

How to Use

1. Save the script as fix_microwin_update.ps1
2. Open PowerShell as Administrator
3. Navigate to the script directory
4. Run: Set-ExecutionPolicy Bypass -Scope Process -Force; .\fix_microwin_update.ps1

Important Notes

1. This script is specifically designed for MicroWin environments and only touches essential services
2. Since you're on build 26100, there's a possibility that KB5051987 is actually not needed
3. The error 0x800f081f often indicates a component store corruption in MicroWin environments

Additional Troubleshooting

If the issue persists after running the script, you can verify if the update is actually needed:

Get-WmiObject -Class Win32_QuickFixEngineering | Where-Object { $_.HotFixID -eq "KB5051987" }

You can also check the Windows Update logs:

Get-WindowsUpdateLog

Manual Installation Alternative

If the script doesn't resolve the issue:

1. Download KB5051987 from Microsoft Update Catalog
2. Try manual installation:

DISM /Online /Add-Package /PackagePath:path_to_update.msu

Please let me know if you need any clarification or if the issue persists after trying these solutions.