signature=cd5be26c7b782466fb7344fc4ddda3b3,Windows Update Fails with Error 0x80092004

CH

Created on July 23, 2015

Windows Update Fails with Error 0x80092004

Note this issue occurs across multiple machines in an environment, and it is different Windows Updates at different times. The same updates deploy fine to other machines with the same OS and applications.

Operating System

- Windows 7 x64 SP1

- 4GB RAM

- SCCM pushing software updates, CcmExec.exe is v4.0.6487.2000

Here is one example of a failed update:

Update Title: Security Update for Windows 7 for x64-based Systems (KB3035132)

Update ID: {FC71042C-F577-42CA-9A82-E358D0750CCB}.201

Bundled Update : {9DF0E4B2-9E94-4ACC-B7F7-288A329395D6}.201

Error Message: FATAL: CBS called Error with 0x80092004

This HRESULT code can mean "CRYPT_E_NOT_FOUND" Cannot find object or property.

Searching cbs.log for 0x80092004 error can't find it.

The following McAfee producsts are running on the machine, with up to date definitions:

NAI Product Manager (C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe)

McAfee HIP Main Service v8.0.0.2919 (C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe)

HIP lpc interface with MA 4.5+ v8.0.0.2919 (C:\Program Files (x86)\McAfee\Host Intrusion Prevention\HipMgmt.exe)

Framework Service v4.8.0.1500 (C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe)

Task Manager v8.8.0.1247 (C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe)

VSCore Announcer v15.1.0.543 (C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe)

McAfee Process Validation Service v15.1.0.656 (C:\Windows\system32\mfevtps.ex)

McAfee Telemetry Service (C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe)

McAfee On-Access Scanner service v15.1.0.543 (C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe)

McAfee Core Firewall Service (C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe)

Common User Interface (C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe)

McTray Application v2.1.1.1236 (C:\Program Files (x86)\McAfee\Common Framework\McTray.exe)

Other information:

Running Windows Update "fix it" get the following result, but did not fix the problem

Issues found

Service registration is missing or corrupt Fixed Fixed - Reset service registration Completed

Problems installing recent updates - Fixed Repair Windows Update

REG KEY OPERATIONS

TrustedInstaller.exe

RegOpenKeyHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3035132~31bf3856ad364e35~amd64~~6.1.1.0SUCCESSDesired Access: Read/Write

TrustedInstaller.exe

RegQueryValueHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3035132~31bf3856ad364e35~amd64~~6.1.1.0\ApplicabilityStateSUCCESSType: REG_DWORD, Length: 4, Data: 112

TrustedInstaller.exe

RegQueryValueHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB3035132~31bf3856ad364e35~amd64~~6.1.1.0\CurrentStateSUCCESSType: REG_DWORD, Length: 4, Data: 0

CCMExec.exe checks for

HKLM\Software\Wow6432Node\Microsoft\Sms\Mobile Client\Updates Management\Handler\UpdatesRebootStatus\9df0e4b2-9e94-4acc-b7f7-288a329395d6

but it is not found.

System Event Log

Event Type: Error

Event Source: Microsoft-Windows-WindowsUpdateClient

Event ID: 20

Message:

Installation Failure: Windows failed to install the following update with error 0x80092004: Security Update for Windows 7 for x64-based Systems (KB3035132).

Application Event Log

Event Type: Information

Event Source: Windows Error Reporting

Event ID: 1001

Message:

"Fault bucket 1164381215, type 21

Event Name: CbsPackageServicingFailure2

Response: Not available

Cab Id: 0

Problem signature:

P1: 6.1.7601.17592

P2: Package_for_KB3035132

P3: 6.1.1.0

P4: amd64

P5: unknown

P6: 80092004

P7: Resolve

P8: Absent

P9: Installed

P10: WindowsUpdateAgent

Attached files:

C:\Windows\Logs\CBS\CbsPersist_20150706034214.cab

C:\Windows\Logs\CBS\CbsPersist_20150706040423.cab

C:\Windows\Logs\CBS\CbsPersist_20150706081215.cab

C:\Windows\Logs\CBS\CbsPersist_20150707023539.cab

C:\Windows\Logs\CBS\CbsPersist_20150708075413.cab

C:\Windows\Logs\CBS\CBS.log

C:\Windows\servicing\Sessions\Sessions.xml

C:\Windows\winsxs\poqexec.log

C:\Windows\winsxs\pending.xml

C:\Windows\inf\setupapi.dev.log

These files may be available here:

C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Critical_6.1.7601.17592_497e18e62a6b430c1c4a943dbca5e93999696e_17ee5ca0

Analysis symbol:

Rechecking for solution: 0

Report Id: fd2d0805-2698-11e5-a673-90b11c67b41c

Report Status: 0

Hashed bucket: %22"

WindowsUpdate.log

2015-07-1010:02:36:4466761b14DnldMgr***********  DnldMgr: Copy update to cache [UpdateId = {9DF0E4B2-9E94-4ACC-B7F7-288A329395D6}.201]  ***********

2015-07-1010:02:36:5326761b14DnldMgrAsking handler to generate non-range requests.

2015-07-1010:02:36:5326761b14HandlerGenerating request for CBS update 9DF0E4B2-9E94-4ACC-B7F7-288A329395D6 in sandbox C:\Windows\SoftwareDistribution\Download\294915c03eada78951aa103c7b4f0c14_ctc

2015-07-1010:02:36:5326761b14HandlerSelecting self-contained because update has express payload but server doesn't support it.

2015-07-1010:02:36:5326761b14HandlerSelected payload type is ptSelfContained

2015-07-1010:02:36:5326761b14HandlerDetected download state is dsStart

2015-07-1010:02:36:5326761b14HandlerAdding windows6.1-kb3035132-x64.cab (entire file) to request list.

2015-07-1010:02:36:5396761b14HandlerRequest generation for CBS update complete with hr=0x0 and pfResetSandbox=0

2015-07-1010:02:36:7646761b14MiscValidating signature for C:\Windows\SoftwareDistribution\Download\294915c03eada78951aa103c7b4f0c14_ctc\windows6.1-kb3035132-x64.cab with dwProvFlags 0x00000080:

2015-07-1010:02:36:7956761b14MiscMicrosoft signed: Yes

2015-07-1010:02:36:7956761b14DnldMgrAsking handler to generate non-range requests.

2015-07-1010:02:36:7976761b14HandlerGenerating request for CBS update 9DF0E4B2-9E94-4ACC-B7F7-288A329395D6 in sandbox C:\Windows\SoftwareDistribution\Download\294915c03eada78951aa103c7b4f0c14_ctc

2015-07-1010:02:36:7976761b14HandlerSelecting self-contained because update has express payload but server doesn't support it.

2015-07-1010:02:36:7976761b14HandlerSelected payload type is ptSelfContained

2015-07-1010:02:36:7986761b14HandlerDetected download state is dsHavePackage

2015-07-1010:02:36:7986761b14HandlerRequest generation for CBS update complete with hr=0x0 and pfResetSandbox=0

etc...

2015-07-1010:02:36:8316761804Agent *   Title = Security Update for Windows 7 for x64-based Systems (KB3035132)

2015-07-1010:02:36:8316761804Agent *   UpdateId = {FC71042C-F577-42CA-9A82-E358D0750CCB}.201

2015-07-1010:02:36:8316761804Agent *     Bundles 1 updates:

2015-07-1010:02:36:8316761804Agent *       {9DF0E4B2-9E94-4ACC-B7F7-288A329395D6}.201

...

2015-07-1010:15:45:3206761804AgentLogHistory called. idUpdate={F3201FB1-80AC-4E3E-917C-E945C37D340E}.201, resultMapped=0, resultUnMapped=0

2015-07-1010:15:45:4226761804DnldMgrPreparing update for install, updateId = {9DF0E4B2-9E94-4ACC-B7F7-288A329395D6}.201.

2015-07-1010:15:45:42342321a94Handler:::::::::::::

2015-07-1010:15:45:42342321a94Handler:: START ::  Handler: CBS Install

2015-07-1010:15:45:42342321a94Handler:::::::::

2015-07-1010:15:50:3206761a7cReportREPORT EVENT: {08020D5B-609D-46D5-A9B8-6C28B2510A9A}2015-07-10 10:15:45:320+10001184101{F3201FB1-80AC-4E3E-917C-E945C37D340E}2010CcmExecSuccessContent Install

Installation successful and restart required for the following update: Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition

2015-07-1010:15:50:3206761a7cReportREPORT EVENT: {C2AE2E65-3FD3-418D-9B7B-83B51D67C0C6}2015-07-10 10:15:45:422+10001181101{FC71042C-F577-42CA-9A82-E358D0750CCB}2010CcmExecSuccessContent Install

Installation Started: Windows successfully started the following update: Security Update for Windows 7 for x64-based Systems (KB3035132)

2015-07-1010:16:26:61642321a94HandlerStarting install of CBS update 9DF0E4B2-9E94-4ACC-B7F7-288A329395D6

2015-07-1010:16:26:62042321a94HandlerCBS package identity: Package_for_KB3035132~31bf3856ad364e35~amd64~~6.1.1.0

2015-07-1010:16:26:62442321a94HandlerInstalling self-contained with source=C:\Windows\SoftwareDistribution\Download\294915c03eada78951aa103c7b4f0c14\windows6.1-kb3035132-x64.cab, workingdir=C:\Windows\SoftwareDistribution\Download\294915c03eada78951aa103c7b4f0c14\inst

2015-07-1010:17:13:39142321a18HandlerFATAL: CBS called Error with 0x80092004,

2015-07-1010:17:14:41742321a94HandlerFATAL: Completed install of CBS update with type=0, requiresReboot=0, installerError=1, hr=0x80092004

2015-07-1010:17:14:43742321a94Handler:::::::::

2015-07-1010:17:14:43742321a94Handler::  END  ::  Handler: CBS Install

2015-07-1010:17:14:43742321a94Handler:::::::::::::

CAS.log

[SMS_CodePage(437), SMS_LocaleID(1033)]

instance of SoftDistDownloadStartedEvent

{

ClientID = "GUID:290AE4FE-25E4-40ED-8375-6E11304BD9A5";

DateTime = "20150709071139.205000+000";

MachineName = "LMK-D3WLF2S";

PackageId = "c6c810b3-664c-4558-989e-7b5458f8ff8e";

PackageName = "c6c810b3-664c-4558-989e-7b5458f8ff8e";

PackageVersion = "1";

ProcessID = 2884;

SiteCode = "MEL";

ThreadID = 13048;

};

]LOG]!>

ContentTransferManager.log

(LOCAL) http://SVWUTODC976.AU.SERVER.COM/SMS_DP_SMSPKGE$/MEL001D4/c646d973-56dd-480c-83cd-4cfe066b2fea

(LOCAL) file:\\SVWUTODC976.AU.SERVER.COM\SMSPKGE$\MEL001D4\c646d973-56dd-480c-83cd-4cfe066b2fea]LOG]!>

DataTransferService.log

component="DataTransferService" context="" type="1" thread="12552" file="util.cpp:1964">

context="" type="1" thread="12552" file="datatransferservice.cpp:178">

Status : SUCCESS

Start time : 07/09/2015 17:11:02

Completion time : 07/09/2015 17:11:07

Elapsed time : 5 seconds]LOG]!>

LocationServices.log

', Signature='http://SVWUTODC976.AU.SERVER.COM/SMS_DP_SMSSIG$/MEL001D4.2.tar']LOG]!>

date="07-09-2015" component="LocationServices" context="" type="1" thread="3648" file="lsutils.cpp:315">

', Signature='']LOG]!>

date="07-09-2015" component="LocationServices" context="" type="1" thread="3648" file="lsutils.cpp:315">

SdmAgent.Log

version = 1]LOG]!>

component="SdmAgent" context="" type="1" thread="9588" file="packageloaderjob.cpp:2308">

component="SdmAgent" context="" type="1" thread="9588" file="packageloaderjob.cpp:2308">

date="07-13-2015" component="SdmAgent" context="" type="1" thread="9588" file="packageloaderjob.cpp:2308">

component="SdmAgent" context="" type="1" thread="9588" file="packageloaderjob.cpp:2308">

component="SdmAgent" context="" type="1" thread="9588" file="packageloaderjob.cpp:2308">

UpdatesHandler.log

file="bundledupdate.cpp:464">

UpdatesStore.log

context="" type="1" thread="1300" file="cupdatesstore.cpp:1189">

WUAHandler.log

BITS OPERATIONAL EVENT LOG

LevelDate and TimeSourceEvent IDTask Category

Information9/07/2015 17:11Microsoft-Windows-Bits-Client60NoneBITS stopped transferring the CCMDTS Job transfer job that is associated with the http://SVWUTODC976.AU.SERVER.COM:80/SMS_DP_SMSPKGE$/MEL001D4/9df0e4b2-9e94-4acc-b7f7-288a329395d6/windows6.1-kb3035132-x64.cab URL. The status code is 0x0.

Information9/07/2015 17:11Microsoft-Windows-Bits-Client203None"The BITS service provided job credentials in response to the NEGOTIATE authentication challenge from the SVWUTODC976.AU.SERVER.COM server for the CCMDTS Job transfer job that is associated with the following URL: /SMS_DP_SMSPKGE$/MEL001D4/9df0e4b2-9e94-4acc-b7f7-288a329395d6/windows6.1-kb3035132-x64.cab.

The credentials for the S-1-5-18 user were accepted."

Information9/07/2015 17:11Microsoft-Windows-Bits-Client59NoneBITS started the CCMDTS Job transfer job that is associated with the http://SVWUTODC976.AU.SERVER.COM:80/SMS_DP_SMSPKGE$/MEL001D4/9df0e4b2-9e94-4acc-b7f7-288a329395d6/windows6.1-kb3035132-x64.cab URL.

Information9/07/2015 17:11Microsoft-Windows-Bits-Client203None"The BITS service provided job credentials in response to the NEGOTIATE authentication challenge from the SVWUTODC976.AU.SERVER.COM server for the CCMDTS Job transfer job that is associated with the following URL: /SMS_DP_SMSPKGE$/MEL001D4/9df0e4b2-9e94-4acc-b7f7-288a329395d6/windows6.1-kb3035132-x64.cab.

The credentials for the S-1-5-18 user were accepted."

Information9/07/2015 17:11Microsoft-Windows-Bits-Client60NoneBITS stopped transferring the CCMDTS Job transfer job that is associated with the http://SVWUTODC976.AU.SERVER.COM:80/SMS_MP/.sms_dcm?Id&Name=Site_373D315D-7F48-45D7-98A4-12D0D305534C/SUM_9df0e4b2-9e94-4acc-b7f7-288a329395d6&Version=1&Compression=zlib

URL. The status code is 0x0.

Information9/07/2015 17:11Microsoft-Windows-Bits-Client59NoneBITS started the CCMDTS Job transfer job that is associated with the http://SVWUTODC976.AU.SERVER.COM:80/SMS_MP/.sms_dcm?Id&Name=Site_373D315D-7F48-45D7-98A4-12D0D305534C/SUM_9df0e4b2-9e94-4acc-b7f7-288a329395d6&Version=1&Compression=zlib URL.

This thread is locked. You can follow the question or vote as helpful, but you cannot reply to this thread.

I have the same question (97)

Subscribe

Subscribe

Subscribe to RSS feed

|

Report abuse

Report abuse

Type of abuse

Harassment or threats

Inappropriate/Adult content

Nudity

Profanity

Software piracy

SPAM/Advertising

Virus/Spyware/Malware danger

Other Term of Use or Code of Conduct violation

Child exploitation or abuse

Harassment is any behavior intended to disturb or upset a person or group of people. Threats include any threat of suicide, violence, or harm to another.

Any content of an adult theme or inappropriate to a community web site.

Any image, link, or discussion of nudity.

Any behavior that is insulting, rude, vulgar, desecrating, or showing disrespect.

Any behavior that appears to violate End user license agreements, including providing product keys or links to pirated software.

Unsolicited bulk mail or bulk advertising.

Any link to or advocacy of virus, spyware, malware, or phishing sites.

Any other inappropriate content or behavior as defined by the Terms of Use or Code of Conduct.

Any image, link, or discussion related to child pornography, child nudity, or other child abuse or exploitation.

Details (required):

250 characters remaining

Cancel

Submit

Replied on July 23, 2015

Report abuse

Report abuse

Type of abuse

Harassment or threats

Inappropriate/Adult content

Nudity

Profanity

Software piracy

SPAM/Advertising

Virus/Spyware/Malware danger

Other Term of Use or Code of Conduct violation

Child exploitation or abuse

Harassment is any behavior intended to disturb or upset a person or group of people. Threats include any threat of suicide, violence, or harm to another.

Any content of an adult theme or inappropriate to a community web site.

Any image, link, or discussion of nudity.

Any behavior that is insulting, rude, vulgar, desecrating, or showing disrespect.

Any behavior that appears to violate End user license agreements, including providing product keys or links to pirated software.

Unsolicited bulk mail or bulk advertising.

Any link to or advocacy of virus, spyware, malware, or phishing sites.

Any other inappropriate content or behavior as defined by the Terms of Use or Code of Conduct.

Any image, link, or discussion related to child pornography, child nudity, or other child abuse or exploitation.

Details (required):

250 characters remaining

Cancel

Submit

1 person found this reply helpful

·

Was this reply helpful?

Yes

No

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

CH

Replied on July 23, 2015

In reply to Mithilesh Kadam's post on July 23, 2015

This doesn't provide any steps in addition to what I've already tried with the Windows Update fix it tool, except manually installing the update. Manual installation is not going to be feasible as 100s of machines are affected, and which update is affected

differs across machines.

Report abuse

Report abuse

Type of abuse

Harassment or threats

Inappropriate/Adult content

Nudity

Profanity

Software piracy

SPAM/Advertising

Virus/Spyware/Malware danger

Other Term of Use or Code of Conduct violation

Child exploitation or abuse

Harassment is any behavior intended to disturb or upset a person or group of people. Threats include any threat of suicide, violence, or harm to another.

Any content of an adult theme or inappropriate to a community web site.

Any image, link, or discussion of nudity.

Any behavior that is insulting, rude, vulgar, desecrating, or showing disrespect.

Any behavior that appears to violate End user license agreements, including providing product keys or links to pirated software.

Unsolicited bulk mail or bulk advertising.

Any link to or advocacy of virus, spyware, malware, or phishing sites.

Any other inappropriate content or behavior as defined by the Terms of Use or Code of Conduct.

Any image, link, or discussion related to child pornography, child nudity, or other child abuse or exploitation.

Details (required):

250 characters remaining

Cancel

Submit

Was this reply helpful?

Yes

No

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.