locked
https://support.microsoft.com/en-gb/kb/971058 "netsh winsock reset" Fails RRS feed

  • Question

  • I recently implemented WSUS and about 75% of my computers have updates in error status.  It appears that implementing the procedures from KB/971058 will fix the issue. However, it also appears that registering the DLLs is corrupting the registry entries for WinSock.  When I issue the command "netsh winsock reset", I get an error that "NSHHTTP.DLL failed to start with error code 10107" and a message that the file could not be found.  At this point, the internet is down (although I can still access network shares) and the only resolution is to reboot to SAFE MODE WITH NETWORKING and issue the "netsh winsock reset" command again.  After another reboot, everything is back to normal and the updates will generally apply (not always).

    If it were one or two computers I would brute force it, but I'm trying to script the fix and apply it over the network.  As soon as winsock goes down, I'm required to go physically lay hands on the computer to get it working again.

    I've tried exporting the WinSock and WinSock2 registry entries, but whatever is corrupting the entries is preventing me from re-importing them.  I'm primarily seeing this on Windows 7 1607 Service Pack 1, although I've had the same issue with other flavors of Windows 7 and Windows 10.

    Does anyone know how to fix or prevent the issue with winsock?

    Thursday, January 4, 2018 7:09 PM

All replies

  • I'm not answering your question directly, as this is a really specific question, but rather I'm going to ask you to think differently about this situation.

    Setup and use my maintenance script on your WSUS Servers. This solves most problems with the default settings. Just because it's new server, doesn't mean that it is optimized or clean; it just means that it's new.

    Please have a look at the WSUS Automated Maintenance (WAM) system. It is an automated maintenance system for WSUS, the last system you'll ever need to maintain WSUS!

    https://community.spiceworks.com/scripts/show/2998-wsus-automated-maintenance-formerly-adamj-clean-wsus

    What it does:

    1. Add WSUS Index Optimization to the database to increase the speed of many database operations in WSUS by approximately 1000-1500 times faster.
    2. Remove all Drivers from the WSUS Database (Default; Optional).
    3. Shrink your WSUSContent folder's size by declining multiple types of updates including by default any superseded updates, preview updates, expired updates, Itanium updates, and beta updates. Optional extras: Language Packs, IE7, IE8, IE9, IE10, Embedded, NonEnglishUpdates, ComputerUpdates32bit, WinXP.
    4. Remove declined updates from the WSUS Database.
    5. Clean out all the synchronization logs that have built up over time (configurable, with the default keeping the last 14 days of logs).
    6. Compress Update Revisions.
    7. Remove Obsolete Updates.
    8. Computer Object Cleanup (configurable, with the default of deleting computer objects that have not synced within 30 days).
    9. Application Pool Memory Configuration to display the current private memory limit and easily set it to any configurable amount including 0 for unlimited. This is a manual execution only.
    10. Checks to see if you have a dirty database, and if you do, fixes it. This is primarily for Server 2012 WSUS, and is a manual execution only.
    11. Run the Recommended SQL database Maintenance script on the actual SQL database.
    12. Run the Server Cleanup Wizard.

    It will email the report out to you or save it to a file, or both.

    Although the script is lengthy, it has been made to be super easy to setup and use so don't over think it. There are some prerequisites and instructions at the top of the script. After installing the prerequisites and configuring the variables for your environment (email settings only if you are accepting all the defaults), simply run:

    .\Clean-WSUS.ps1 -FirstRun

    If you wish to view or increase the Application Pool Memory Configuration, or run the Dirty Database Check, you must run it with the required switch. See Get-Help .\Clean-WSUS.ps1 -Examples

    If you're having trouble, there's also a -HelpMe option that will create a log so you can send it to me for support.

    ===============

    If my script doesn't fix your issues directly (wait 48 hours - WSUS is SLOW as it's a pull system, not a push), combine it with the following client-side script.

    net stop bits
    net stop wuauserv
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIDValidation /f
    rd /s /q "C:\WINDOWS\SoftwareDistribution"
    net start bits
    net start wuauserv
    wuauclt /resetauthorization /detectnow
    PowerShell.exe (New-Object -ComObject Microsoft.Update.AutoUpdate).DetectNow()

    The combination of these 2 fixes most issues. If these don't fix your issues specifically, a bigger question is where did these Windows clients come from? A master image? Perhaps the master image is bad.


    Adam Marshall, MCSE: Security
    http://www.adamj.org
    Microsoft MVP - Windows and Devices for IT

    Friday, January 5, 2018 12:18 AM
  • Hello,

    In my point of view, it sounds like that you have third party add-on installed which may caused Winsock corrupt.

    Here is n article regarding to winsock corruption, please refer to it:

    https://support.microsoft.com/en-us/help/811259/how-to-determine-and-to-recover-from-winsock2-corruption-in-windows-se

    Do you have proxy software installed?

    I would like to suggest you remove the software and check whether issue still exist. 

    Regards,

    Yan


    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, January 5, 2018 5:57 AM