Sqm: Failed to Start Upload With File Pattern: C:windowsservicingsqm*_std.sqm

#16

Shplad

• 
• Members
• four,534 posts
• OFFLINE

• Gender: Not Telling
• Location: Canada
• Local time: 08:38 AM

Posted 15 June 2020 - 06:xiv PM

My thoughts exactly. I urge you to keep researching, cause if it was corruption of a single bit on a bulldoze somewhere,

a reg. entry or any, if it happened in one case, information technology could happen again. And the last thing you want is a server that isn't

properly udpating itself, for obvious security reasons, amid others.

Every bit for the corrupted registry hive, what about your backups? I'm bold you do proper backups/system images?

TBH, I know nothing about this detail registry hive.

This is long-winded but seems relevant.

https://world wide web.sysnative.com/forums/threads/restoring-a-fill-in-of-the-components-hive-what-are-the-problems.11691/

Yous accept my sympathies on this one. I tin't even imagine how many hours you put in to try to resolve this problem.

Edited past Shplad, xv June 2020 - 06:xiv PM.

• Back to elevation

BC AdBot (Login to Remove)

• 
• BleepingComputer.com
• Annals to remove ads

#17 jat24788

jat24788

• Topic Starter


• 
• Members
• 13 posts
• OFFLINE

• Local time: 08:38 AM

Posted 15 June 2020 - 06:22 PM

@Shplad - I'thou calling Cisco Meraki Support correct at present; their hardware firewall is the only thing I can recollect of that would globally bear upon the network like that in a strange way; I'll have them review logs and do package captures.

Nosotros practise daily backups (I don't count RAID equally a backup) via TapeDrive (these are swapped weekly, 1 offsite at all times) too every bit a baremetal differential to an external SSD; I would have an external machine equally a VM backup/spinup for backup/disaster-recovery that too replicates to the cloud but the client is non-turn a profit and doesn't trust "the cloud".

If this turns out to exist a strange Meraki Firewall quirk I'll be extremely angry considering of the time spent on this merely also relieved if it explains what has happened and provides a resolution if there's a "side by side" time. Thanks once again for all the actress optics on this and suggestions. I'll post dorsum with my findings hopefully past tomorrow, 06/xvi/2020.

• Back to summit

#18 Shplad

Shplad

• 
• Members
• 4,534 posts
• OFFLINE

• Gender: Not Telling
• Location: Canada
• Local time: 08:38 AM

Posted xv June 2020 - 06:32 PM

This is a fascinating case, and I'k quite eager to hear the results of whatsoever you find. Keep us posted!

• Back to top

#19 jat24788

jat24788

• Topic Starter


• 
• Members
• 13 posts
• OFFLINE

• Local fourth dimension: 08:38 AM

Posted sixteen June 2020 - 09:16 AM

Cisco Meraki Support for their MX64 Firewall (Avant-garde licensing type) claimed they did not come across anything in the logs to indicate that the MX64 firewall had blocked whatsoever Windows Update connections/traffic (though they accept said this one time before, and I know for a fact from packet capture their logging just failed to report correctly and they eventually admitted they did find a bug in their backend reporting they would fix). So unfortunately I accept no definitive answer that it was the Firewall that acquired the network wide Windows Update Issue, but with all the information gathered, and the other opinions from hither I'm willing to bet it was the Firewall that caused the network wide Windows Updates to neglect. Of form if it happens again (network wide) I'll do my ain packet capture and phone call them dorsum for them to diagnose as the consequence is occurring.

Yet, while Meraki said the logs looked skillful, Meraki back up did say they do sometimes run across the kind of Windows Update issue I mentioned and when they do it almost ever has to practise with their MX Firewall Threat Protection options. One of which is AMP (Advanced Malware Protection), and the other is their IDS that I believe makes employ of Snort. They had me alter the IDS Style to the less aggressive "Detection" choice instead of the "Prevention" pick I initially chose when the MX64 firewall was installed and licensed 3 years ago (to the month really), which also led me to see that my client'south Meraki Advanced Licensing expired this month (licensing was for 3 years) and they were automatically put on a 30 day "Grace Flow" until they receive their new license from TechSoup (Meraki gear with no license or expired licenses ceases to part beyond powering on and are substantially paperweights from my understanding). So for all I know, due to the licensing not-compliance (despite the "grace period") this too could take played a role/part in this.

With that beingness said, windows update *appears* to be functioning, but I say "appears to" because the WindowsUpdate repair tool still claims there are broken Windows Update components when it is run. And while an

SFC /scannow

on the Server returns clean with no integrity violations, whenever I run the

Dism /Online /Cleanup-Image /RestoreHealth

control it claims to repair component store corruption every single time it is run (multiple runs, and some reboots afterwards for expert measure). I'thou offset to wonder if Windows Updates for the Server appear to work *right now*, but may still not exist functioning fully/properly as intended or may stop "appearing to work" altogether at some point in the future once more, and as well that the corruption detected by DISM may extend beyond Windows Update instability.

I'll post the Server's full CBS log - just from another forum (sysnative) that I was browsing, I accept a sinking feeling there's a possibility the Server'south "C:\Windows\System32\config\COMPONENTS" file may be corrupted (which from my research this is extremely fragile and sometimes repairable by one of their Windows Update experts, but other times the expert says the file/hive is completely borked and at that place'south no other repair choice other than a clean install).

Any extra eyes on the latest CBS log file would be profoundly appreciated - besides as whatsoever knowledge/thoughts/insight into my COMPONENTS file abuse theory.

Also, while I detest running this (especially on a Server, because it feels similar it takes forever), whatever thoughts on a

chkdsk C: /r

on startup in the hopes it might yield some boosted details (or at least another eliminated factor)? I merely ask because sometimes on Windows ten machines I've noticed DISM will say information technology repaired corruption, but doesn't fully repair information technology until a chkdsk is run (and finds repairs that need to be washed).

Latest full CBS log attached, only here is a snippet of some of the failures I'1000 seeing logged:

2020-06-sixteen 07:47:32, Info                  CBS    Could not load SrClient DLL from path: SrClient.dll.  Continuing without system restore points. 2020-06-16 07:47:32, Info                  CBS    SQM: Initializing online with Windows opt-in: False 2020-06-16 07:47:32, Info                  CBS    SQM: Cleaning up written report files older than 10 days. 2020-06-xvi 07:47:32, Info                  CBS    SQM: Requesting upload of all unsent reports. 2020-06-16 07:47:32, Info                  CBS    SQM: Failed to commencement upload with file design: C:\Windows\servicing\sqm\*_std.sqm, flags: 0x2 [HRESULT = 0x80004005 - E_FAIL] 2020-06-16 07:47:32, Info                  CBS    SQM: Failed to start standard sample upload. [HRESULT = 0x80004005 - E_FAIL] 2020-06-16 07:47:32, Info                  CBS    SQM: Queued 0 file(s) for upload with design: C:\Windows\servicing\sqm\*_all.sqm, flags: 0x6 2020-06-16 07:47:32, Info                  CBS    SQM: Warning: Failed to upload all unsent reports. [HRESULT = 0x80004005 - E_FAIL] 2020-06-16 07:47:32, Info                  CBS    NonStart: Gear up pending store consistency check. 2020-06-16 07:47:32, Info                  CBS    Session: 30819292_1298022865 initialized by customer WindowsUpdateAgent. 2020-06-sixteen 07:47:34, Info                  CBS    Session: 30819292_1320789063 initialized past client WindowsUpdateAgent. 2020-06-xvi 07:47:35, Info                  CBS    Session: 30819292_1324921681 initialized by customer WindowsUpdateAgent. 2020-06-16 07:47:35, Info                  CBS    Session: 30819292_1326776966 initialized by client WindowsUpdateAgent. 2020-06-16 07:47:35, Info                  CBS    Failed to internally open parcel. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE] 2020-06-16 07:47:35, Info                  CBS    Failed to OpenPackage using worker session [HRESULT = 0x800f0805] 2020-06-xvi 07:47:35, Info                  CBS    Session: 30819292_1326931041 initialized past customer WindowsUpdateAgent. 2020-06-16 07:47:35, Info                  CBS    Failed to internally open up package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE] 2020-06-16 07:47:35, Info                  CBS    Failed to OpenPackage using worker session [HRESULT = 0x800f0805] 2020-06-xvi 07:47:35, Info                  CBS    Session: 30819292_1326931042 initialized by client WindowsUpdateAgent. 2020-06-sixteen 07:47:35, Info                  CBS    Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE] 2020-06-16 07:47:35, Info                  CBS    Failed to OpenPackage using worker session [HRESULT = 0x800f0805] 2020-06-xvi 07:47:35, Info                  CBS    Session: 30819292_1326931043 initialized by client WindowsUpdateAgent. 2020-06-xvi 07:47:35, Info                  CBS    Session: 30819292_1326971059 initialized by client WindowsUpdateAgent. 2020-06-16 07:47:35, Info                  CBS    Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE] 2020-06-16 07:47:35, Info                  CBS    Failed to OpenPackage using worker session [HRESULT = 0x800f0805] 2020-06-xvi 07:47:35, Info                  CBS    Session: 30819292_1326971060 initialized past client WindowsUpdateAgent. 2020-06-sixteen 07:47:35, Info                  CBS    Failed to internally open packet. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE] 2020-06-16 07:47:35, Info                  CBS    Failed to OpenPackage using worker session [HRESULT = 0x800f0805] 2020-06-sixteen 07:47:35, Info                  CBS    Session: 30819292_1327011048 initialized by customer WindowsUpdateAgent. 2020-06-xvi 07:47:35, Info                  CBS    Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE] 2020-06-sixteen 07:47:35, Info                  CBS    Failed to OpenPackage using worker session [HRESULT = 0x800f0805] 2020-06-xvi 07:47:35, Info                  CBS    Session: 30819292_1327011049 initialized by customer WindowsUpdateAgent. 2020-06-16 07:47:35, Info                  CBS    Failed to internally open packet. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE] 2020-06-16 07:47:35, Info                  CBS    Failed to OpenPackage using worker session [HRESULT = 0x800f0805]

Edited by jat24788, sixteen June 2020 - 09:17 AM.

• Back to top

#20 sflatechguy

sflatechguy

• 
• BC Advisor
• 2,696 posts
• OFFLINE

• Gender: Male person
• Local time: 08:38 AM

Posted 16 June 2020 - 10:14 AM

An IDS in prevention mode is a likely culprit. The IDS is merely as good as the signatures information technology gets, and isn't always able to distinguish friendly from unfriendly network traffic. Information technology'south odd that it would block Windows Updates traffic, but I've seen firewalls with IDS block things that are totally harmless. It's always best to start in "detection" mode and whitelist things information technology may flag as harmful when they aren't.

If you suspect it is problems with the registry settings for Windows Updates, I would (once again) suggest opening a support ticket with Microsoft. Because information technology's Windows Server, you lot'll become improve response times and responses.

• Dorsum to pinnacle

#21 Shplad

Shplad

• 
• Members
• iv,534 posts
• OFFLINE

• Gender: Not Telling
• Location: Canada
• Local fourth dimension: 08:38 AM

Posted 16 June 2020 - ten:24 AM

IMO, Windows Update funcitonality is one of the near basic functions there is for a server. If  Cisco'south Meraki team tin can't assure you lot that the firewall won't block it, I'd be looking for another firewall solution (assuming that IS the issues). It doesn't say much that's good about Cisco's QA or back up attitudes.

Hither's a helpful page from MS nigh their Update log files:

https://docs.microsoft.com/en-usa/windows/deployment/update/windows-update-logs

And another one from MS list and describing the Windows Update mistake codes:

https://docs.microsoft.com/en-us/windows/deployment/update/windows-update-mistake-reference

Windows Update fault codes by Don Pick (Technet):

https://social.technet.microsoft.com/wiki/contents/articles/15260.windows-update-amanuensis-error-codes.aspx

I'thou still searching for a URL I saw that actually helps you with troubleshooting steps for some of the major

errors with WU. Can't find the darned thing.

And RE: what sflatechguy wrote, did you e'er exam the firewall by adding the WU URLs in question to a whitelist, or did information technology start working once more earlier you could do that? Maybe if it acts up again, you could try whitelisting the URLs.

EDIT: IIRC, sometimes when registry hives become corrupted, it's listed as an event in the System Log. Yous might

want to cheque at that place for clues. Even if it's not corrupted, the Organization Log might reveal some helpful diagnostic

data here. I'd take a careful await at information technology.

Edited by Shplad, xvi June 2020 - 10:53 AM.

• Dorsum to height

#22 jat24788

jat24788

• Topic Starter


• 
• Members
• 13 posts
• OFFLINE

• Local time: 08:38 AM

Posted xvi June 2020 - 10:51 AM

@sflatechguy - Yes, they are in Detection style for that exact reason now

@Shplad - Usually everything has been peachy with Meraki's firewall, but like sflatechguy said, the IDS is just as good as the signatures it gets, and I do call back they use Snort (peradventure in combination with other signatures). The WU hostnames were already whitelisted every bit role of my initial troubleshooting steps - nevertheless they apparently were just whitelisted under "Content Filtering" and not the actual Layer3 Firewall rules...

On that note I checked the dism.log file besides the CBS.log file and this is what stood out to me:

    Line 132735: 2020-06-12 22:13:25, Mistake                 DISM   DISM Package Manager: PID=332 TID=1820 Failed opening package. - CDISMPackageManager::Internal_CreatePackageByPath(hr:0x80070002)     Line 132736: 2020-06-12 22:13:25, Error                 DISM   DISM Packet Manager: PID=332 TID=1820 Failed to get the underlying CBS package. - CDISMPackageManager::OpenPackageByPath(hr:0x80070002)     Line 132737: 2020-06-12 22:xiii:25, Error                 DISM   DISM Package Director: PID=332 TID=1820 Failed to open the package at location: "C:\25097976_d500d0be79c5effb0407939c8b9777cef094af48.cab" - CPackageManagerCLIHandler::ProcessPackagePath(hr:0x80070002)     Line 132738: 2020-06-12 22:13:25, Fault                 DISM   DISM Package Managing director: PID=332 TID=1820 Failed while processing control add-package. - CPackageManagerCLIHandler::ExecuteCmdLine(hr:0x80070002)     Line 132740: 2020-06-12 22:13:25, Error                 DISM   DISM.EXE: DISM Parcel Manager processed the command line but failed. HRESULT=80070002     Line 132916: 2020-06-12 22:14:25, Error                 DISM   DISM Package Manager: PID=2884 TID=3460 Failed opening parcel. - CDISMPackageManager::Internal_CreatePackageByPath(60 minutes:0x80070002)     Line 132917: 2020-06-12 22:14:25, Error                 DISM   DISM Parcel Manager: PID=2884 TID=3460 Failed to get the underlying CBS package. - CDISMPackageManager::OpenPackageByPath(hour:0x80070002)     Line 132918: 2020-06-12 22:xiv:25, Error                 DISM   DISM Package Manager: PID=2884 TID=3460 Failed to open the packet at location: "C:\25097976_d500d0be79c5effb0407939c8b9777cef094af48.cab" - CPackageManagerCLIHandler::ProcessPackagePath(hour:0x80070002)     Line 132919: 2020-06-12 22:xiv:25, Error                 DISM   DISM Package Managing director: PID=2884 TID=3460 Failed while processing command add-package. - CPackageManagerCLIHandler::ExecuteCmdLine(hr:0x80070002)     Line 132921: 2020-06-12 22:xiv:25, Error                 DISM   DISM.EXE: DISM Package Manager processed the command line but failed. HRESULT=80070002     Line 133097: 2020-06-12 22:15:09, Error                 DISM   DISM Package Manager: PID=4676 TID=1396 Failed opening package. - CDISMPackageManager::Internal_CreatePackageByPath(hr:0x80070002)     Line 133098: 2020-06-12 22:15:09, Error                 DISM   DISM Parcel Manager: PID=4676 TID=1396 Failed to get the underlying CBS package. - CDISMPackageManager::OpenPackageByPath(hr:0x80070002)     Line 133099: 2020-06-12 22:15:09, Error                 DISM   DISM Package Manager: PID=4676 TID=1396 Failed to open the package at location: "C:\update\myupdate.cab" - CPackageManagerCLIHandler::ProcessPackagePath(hr:0x80070002)     Line 133100: 2020-06-12 22:15:09, Error                 DISM   DISM Package Manager: PID=4676 TID=1396 Failed while processing control add-package. - CPackageManagerCLIHandler::ExecuteCmdLine(hr:0x80070002)     Line 133102: 2020-06-12 22:15:09, Error                 DISM   DISM.EXE: DISM Parcel Manager candy the command line only failed. HRESULT=80070002

More than Specifically:

Error                 DISM   DISM Parcel Manager: PID=332 TID=1820 Failed to open the parcel at location: "C:\25097976_d500d0be79c5effb0407939c8b9777cef094af48.cab" - CPackageManagerCLIHandler::ProcessPackagePath(hour:0x80070002)

Fault                 DISM   DISM Bundle Manager: PID=2884 TID=3460 Failed to open the parcel at location: "C:\25097976_d500d0be79c5effb0407939c8b9777cef094af48.cab" - CPackageManagerCLIHandler::ProcessPackagePath(hr:0x80070002)

Error                 DISM   DISM Package Manager: PID=4676 TID=1396 Failed to open the packet at location: "C:\update\myupdate.cab" - CPackageManagerCLIHandler::ProcessPackagePath(hour:0x80070002)

And it would fail to open the cab file because no such file(s) be...

And I recall this correlates with the original CBS log that had the post-obit error entry when WU was failing altogether:

2020 - 06 - xiii 10 : 27 : 16 : 982 364 1888     PT    WARNING : ECP : Failed to download cab file from http : //download.windowsupdate.com/d/msdownload/update/others/2017/06/25097976_d500d0be79c5effb0407939c8b9777cef094af48.cab with mistake 0x80072efe

Edited by jat24788, 16 June 2020 - x:55 AM.

• Back to tiptop

#23 Shplad

Shplad

• 
• Members
• iv,534 posts
• OFFLINE

• Gender: Not Telling
• Location: Canada
• Local time: 08:38 AM

Posted 16 June 2020 - 12:27 PM

From the last link I sent yous:

https://docs.microsoft.com/en-us/windows/deployment/update/windows-update-troubleshooting

Is your firewall supporting RANGE rules?

Problems related to HTTP/Proxy

Windows Update uses WinHttp with Partial Range requests (RFC 7233) to download updates and applications from Windows Update servers or on-premises WSUS servers. Because of this proxy servers configured on the network must back up HTTP RANGE requests. If a proxy was configured in Internet Explorer (User level) just not in WinHTTP (System level), connections to Windows Update will fail.

To set up this issue, configure a proxy in WinHTTP by using the following netsh command:

Console

netsh winhttp gear up proxy ProxyServerName:PortNumber

The same doc. also lists some URLs to whitelist. Though this is for Windows ten, I'm sure it can't hurt to examination with them:

Device cannot admission update files

Cheque that your device can access these Windows Update endpoints:

• http://windowsupdate.microsoft.com
• http://*.windowsupdate.microsoft.com
• https://*.windowsupdate.microsoft.com
• http://*.update.microsoft.com
• https://*.update.microsoft.com
• http://*.windowsupdate.com
• http://download.windowsupdate.com
• https://download.microsoft.com
• http://*.download.windowsupdate.com
• http://wustat.windows.com
• http://ntservicepack.microsoft.com

There's more in that document I haven't included here. You might want to have a read through it too.

Edited by Shplad, 16 June 2020 - 12:48 PM.

• Back to height

#24 jat24788

jat24788

• Topic Starter


• 
• Members
• 13 posts
• OFFLINE

• Local time: 08:38 AM

Posted 16 June 2020 - 01:39 PM

@Shplad Yes, thank you for that link, I'm using it for boosted codes that are being returned (Warnings in the Dism log instead of Errors). Unfortunately I realized those Errors I only listed were non today just on June twelfth, which is still when the firewall was blocking admission, then both the errors you just listed brand perfect sense now and have me more convinced than ever that it was originally a Firewall issue like others here originally suggested/thought.

These are what I whitelisted in the firewall (just in case for the hereafter, and what Meraki recommended):

windowsupdate.microsoft.com update.microsoft.com windowsupdate.com download.windowsupdate.com download.windowsupdate.com wustat.windows.com ntservicepack.microsoft.com

The only thing I'm left scratching my head at at present is why the "Dism RestoreHealth" command withal reports corruption and says information technology is repaired simply upon subsequent runs says the aforementioned thing again!

Looking at the DISM log, this seems to exist the recurring theme for Warnings (no "Errors" are showing, and all other entries are "Info")

    Line 139074: 2020-06-16 08:eleven:48, Warning               DISM   DISM Provider Shop: PID=5180 TID=4892 Failed to get the IDismObject Interface - CDISMProviderStore::Internal_LoadProvider(hour:0x80004002)     Line 139075: 2020-06-16 08:11:48, Warning               DISM   DISM Provider Store: PID=5180 TID=4892 Failed to Load the provider: C:\Users\ADMINI~i\AppData\Local\Temp\58BDB8A8-5396-4D53-85B4-83919717F066\Wow64provider.dll. - CDISMProviderStore::Internal_GetProvider(60 minutes:0x80004002)     Line 139082: 2020-06-16 08:11:48, Alert               DISM   DISM Provider Store: PID=5180 TID=4892 Failed to Load the provider: C:\Users\ADMINI~ane\AppData\Local\Temp\58BDB8A8-5396-4D53-85B4-83919717F066\EmbeddedProvider.dll. - CDISMProviderStore::Internal_GetProvider(hour:0x8007007e)     Line 139240: 2020-06-16 08:43:34, Warning               DISM   DISM Provider Store: PID=1628 TID=5488 Failed to Load the provider: C:\Users\ADMINI~1\AppData\Local\Temp\63485198-18DC-40DD-9EFA-8543A82B2883\PEProvider.dll. - CDISMProviderStore::Internal_GetProvider(hr:0x8007007e)     Line 139266: 2020-06-16 08:43:34, Warning               DISM   DISM Provider Shop: PID=1628 TID=5488 Failed to Load the provider: C:\Users\ADMINI~one\AppData\Local\Temp\63485198-18DC-40DD-9EFA-8543A82B2883\IBSProvider.dll. - CDISMProviderStore::Internal_GetProvider(hr:0x8007007e)     Line 139279: 2020-06-sixteen 08:43:34, Warning               DISM   DISM Provider Shop: PID=1628 TID=5488 Failed to get the IDismObject Interface - CDISMProviderStore::Internal_LoadProvider(hr:0x80004002)     Line 139280: 2020-06-16 08:43:34, Warning               DISM   DISM Provider Store: PID=1628 TID=5488 Failed to Load the provider: C:\Users\ADMINI~one\AppData\Local\Temp\63485198-18DC-40DD-9EFA-8543A82B2883\Wow64provider.dll. - CDISMProviderStore::Internal_GetProvider(hr:0x80004002)     Line 139287: 2020-06-16 08:43:34, Warning               DISM   DISM Provider Store: PID=1628 TID=5488 Failed to Load the provider: C:\Users\ADMINI~one\AppData\Local\Temp\63485198-18DC-40DD-9EFA-8543A82B2883\EmbeddedProvider.dll. - CDISMProviderStore::Internal_GetProvider(hr:0x8007007e)

# for hex 0x80004002 / decimal -2147467262
COR_E_INVALIDCAST                                              corerror.h
# Indicates a bad cast condition
DIERR_NOINTERFACE                                              dinput.h
DSERR_NOINTERFACE                                              dsound.h
STIERR_NOINTERFACE                                             stierr.h
E_NOINTERFACE                                                  winerror.h
# No such interface supported
# v matches establish for "0x80004002"

# No results found for hex 0x8007007e / decimal -2147024770
# as an HRESULT: Severity: FAILURE (1), FACILITY_WIN32 (0x7), Code 0x7e
# for hex 0x7e / decimal 126
ERROR_MOD_NOT_FOUND                                            winerror.h
# The specified module could non exist found.
# 1 matches institute for "0x8007007e"

Withal the Dism log also reports the following fifty-fifty though Dism within CMD reports it has repaired corruption:

Checking System Update Readiness.   Summary: Operation: Detect and Repair Performance result: 0x0 Last Successful Step: Entire operation completes. Total Detected Abuse:    0     CBS Manifest Corruption:    0     CBS Metadata Corruption:    0     CSI Manifest Corruption:    0     CSI Metadata Corruption:    0     CSI Payload Corruption:    0 Total Repaired Corruption:    0     CBS Manifest Repaired:    0     CSI Manifest Repaired:    0     CSI Payload Repaired:    0     CSI Store Metadata refreshed:    True

If information technology weren't for DISM maxim corruption was repaired in CMD this is something I usually wouldn't worry nigh since the log looks expert/clean and only Warnings prove upwards instead of Errors (which I'm beingness told is normal). Is this somehow a false positive reported in CMD by Dism? Dism.log attached, CBS.log attached and screenshot attached of CMD window.

----EDIT----

@Shplad - the concluding link yous referenced "https://docs.microsoft.com/en-usa/windows/deployment/update/windows-update-troubleshooting" I went through extensively before my OP. That's likewise how I manually downloaded the latest server updates and installed them.

The firewall does allow for ranges, and I'll be calculation all those entries to the Layer3 to exist whitelisted for the time to come just in instance.

Fastened Files

Edited by jat24788, 16 June 2020 - 01:44 PM.

• Back to meridian

#25 Shplad

Shplad

• 
• Members
• 4,534 posts
• OFFLINE

• Gender: Not Telling
• Location: Canada
• Local time: 08:38 AM

Posted xvi June 2020 - 02:53 PM

I'one thousand non sure, just from a the looks of those errors from the DISM.log I'd say you should phone call MS support to inquire about those. They're pretty ambiguous/proprietary-looking.

• Back to top

#26 jat24788

jat24788

• Topic Starter


• 
• Members
• 13 posts
• OFFLINE

• Local time: 08:38 AM

Posted 18 June 2020 - ten:27 PM

Just an update: Microsoft refused to offer any back up for Server 2012 R2 (only Server 2016 and 2019) unless I paid them at to the lowest degree $499 for a "Single Incident" program. I guess extended back up for Server 2012 R2 until 2023 doesn't mean much other than continued Windows Update security patches (if you tin get Windows Update to work properly, that is). If I have to pay Microsoft that much just to get any kind of support for this issue, I might just do an in-place upgrade to Server 2019 (along with licensing updates, equally licensing changes/increases with CPU cores etc with Server 2019). Thoughts?

• Back to elevation

#27 Shplad

Shplad

• 
• Members
• 4,534 posts
• OFFLINE

• Gender: Not Telling
• Location: Canada
• Local time: 08:38 AM

Posted eighteen June 2020 - 10:43 PM

Hmm...that's disappointing. I've heard good things about both versions. I'd go with 2019 if it's within your budget, merely because at that place'll be less

worry about deprecation whatever time soon.

I advise you take a good look at the licensing details befor you make the jump. Microsoft has made the details very complicated when compared

with older versions.

Somewhere floating around the Web is a very well-designed matrix of all the licensing complexities, greatly simplified and made easier to grasp.

I can't find it right now.

• Dorsum to top

#28 Shplad

Shplad

• 
• Members
• 4,534 posts
• OFFLINE

• Gender: Not Telling
• Location: Canada
• Local time: 08:38 AM

Posted 18 June 2020 - ten:46 PM

Expect...I'k not articulate...did you always stop upwardly running a CHDSK on the main volume in question? If so, what were the results?

What about restoring that corrupted registry hive? Did you finish upward attempting that?

This isn't it, merely it's helpful:

Windows Server 2019 licensing datasheet

https://download.microsoft.com/download/7/C/E/7CED6910-C7B2-4196-8C55-208EE0B427E2/Windows_Server_2019_licensing_datasheet_EN_US.pdf

About CALs

https://www.microsoft.com/en-usa/licensing/product-licensing/client-admission-license

Double-check those resource. Sometimes, MS types up long docs and doesn't bother to bespeak whether

they only apply to volume-licensing or one-off packs etc.

Edited by Shplad, 18 June 2020 - 10:l PM.

• Back to top

#29 jat24788

jat24788

• Topic Starter


• 
• Members
• 13 posts
• OFFLINE

• Local time: 08:38 AM

Posted 18 June 2020 - 11:03 PM

@Shplad - Since the company owning the server is a non-profit they can get Server 2019 and licenses pretty cheap through TechSoup (probably way cheaper than $499).

I'm running "chkdsk C: /r" on the Server tonight, simply hoping it doesn't take overly long to run as business hours begin in 9 hours from now. I'll post back the results of the browse once information technology is completed; maybe I'll get lucky.

Every bit for the registry hive, and manually repairing corruption, I have no idea how to do that myself. I suppose I could try a mail at SysNative, which is where I heard about this kind of process - unless someone here knows how to analyze and do such a repair?

• Back to top

#thirty jat24788

jat24788

• Topic Starter


• 
• Members
• xiii posts
• OFFLINE

• Local fourth dimension: 08:38 AM

Posted xix June 2020 - 12:01 AM

Chkdsk returned the following after one run:

Checking file system on C: The blazon of the file organization is NTFS.  A disk check has been scheduled. Windows will now check the disk.                           Stage one: Examining bones file system structure ... Cleaning up instance tags for file 0x1acb8. Cleaning upward instance tags for file 0x268ac. Cleaning upwards case tags for file 0x26a85.   997632 file records processed.                                                         File verification completed.   22567 big file records processed.                                      0 bad file records processed.                                       Stage 2: Examining file name linkage ...   1115002 index entries processed.                                                        Alphabetize verification completed.   0 unindexed files scanned.                                           0 unindexed files recovered.                                        Stage 3: Examining security descriptors ... Cleaning up 1097 unused alphabetize entries from index $SII of file 0x9. Cleaning up 1097 unused index entries from index $SDH of file 0x9. Cleaning up 1097 unused security descriptors. Security descriptor verification completed.   58686 data files candy.                                            CHKDSK is verifying Usn Periodical... Usn Periodical verification completed.  Stage iv: Looking for bad clusters in user file data ...   997616 files processed.                                                                File data verification completed.  Stage 5: Looking for bad, free clusters ...   8193491 costless clusters processed.                                                        Free space verification is complete. CHKDSK discovered complimentary space marked as allocated in the volume bitmap.  Windows has fabricated corrections to the file system. No farther action is required.    83345407 KB total deejay space.   49326416 KB in 209323 files.     176264 KB in 58687 indexes.          0 KB in bad sectors.    1068759 KB in apply by the system.      65536 KB occupied by the log file.   32773968 KB bachelor on disk.        4096 bytes in each allocation unit.   20836351 total allocation units on deejay.    8193492 allocation units available on deejay.

DISM still reports abuse being repaired every time information technology is run.

2nd chkdsk run:

Checking file system on C: The blazon of the file arrangement is NTFS.  A disk check has been scheduled. Windows will now cheque the disk.                           Stage one: Examining bones file system structure ...   997632 file records processed.                                                         File verification completed.   22560 large file records processed.                                      0 bad file records processed.                                       Phase 2: Examining file proper name linkage ...   1115014 index entries processed.                                                        Index verification completed.   0 unindexed files scanned.                                           0 unindexed files recovered.                                        Phase 3: Examining security descriptors ... Cleaning upward 10 unused alphabetize entries from index $SII of file 0x9. Cleaning up ten unused alphabetize entries from alphabetize $SDH of file 0x9. Cleaning up 10 unused security descriptors. Security descriptor verification completed.   58692 data files candy.                                            CHKDSK is verifying Usn Periodical...   837832 USN bytes candy.                                                            Usn Journal verification completed.  Stage 4: Looking for bad clusters in user file data ...   997616 files candy.                                                                File data verification completed.  Phase v: Looking for bad, free clusters ...   8091862 complimentary clusters processed.                                                        Complimentary space verification is complete.  Windows has scanned the file system and found no issues. No farther action is required.    83345407 KB full disk space.   49731900 KB in 209342 files.     176272 KB in 58693 indexes.          0 KB in bad sectors.    1069787 KB in utilize past the system.      65536 KB occupied by the log file.   32367448 KB available on disk.        4096 bytes in each allocation unit.   20836351 total allocation units on disk.    8091862 allocation units available on disk.

Edited by jat24788, 19 June 2020 - 12:26 AM.

• Back to top

cainthorry.blogspot.com

Source: https://www.bleepingcomputer.com/forums/t/723993/windows-server-2012-r2-windows-update-fails-8024402f-not-wsus/page-2

Share this post