We have about a 20% failure rate on the deployment of Fixlet ID 402534103: MS17-JUL: Security Monthly Quality Rollup - Monthly Rollup - Windows 7 SP1 - KB4025341 (x64). The Action Script Execution Details all say Completed. Any idea how to get meaningful information out of these exit codes?
I’m certain that a hex translator would work but I wasn’t getting the expected results using Windows Calculator in Programmer mode; I double check and I see it is correct. I’m loosing my mind.
Manually installing it on a failed system using the same download and command line that the fixlet uses worked, so I’m going to redeploy just this patch (not forcing a reboot though). That should get my failure rate down. Still not sure why these would fail, these “Rollups” aren’t fun…
Click the “Binary Type” drop-down, and select “signed 32-bit”, then in the decimal field you can enter the original -2146885628 which yields hexadecimal 80092004.
Internally, the return value is simply 32-bits of binary values. It’s only when you try to represent it as a “signed integer” in the return code, that the highest bit is considered a “negative sign” bit and it’s displayed as a negative value. When representing a negative value, basically every bit is flipped, add a “1”, and display the result with a negative sign. But to display the (actual) result in hex, we have to “not do” all of that.
10000000000010010010000000000100 = 0x80092004
But, when displayed as a “signed integer” type, that leading 1 indicates a negative value, the two’s complement operation is performed on it, and you get a -2146885628 displayed.
The patch "4346084: Intel microcode updates - Windows 10 Version 1803 - KB4346084 (x64) (V3.0)"
Was failed with the exit code -2145124330 on one of the computer in our recent patching.
All the lines in the fixlet were completed successfully but it’s failed with the exit code.
Do you know what’s the solution for this exit code -2145124330?
That’s a Microsoft Exit code in decimal and you need to translate it into hexadecimal, which would be 0x80240016. You would then Google that code and find that it is the “it could be anything” error code.
Best way to fix is to create a baseline with the patch preceded by a “Windows Update Troubleshooting” fixlet, whose Action Script is:
// Checks to see if Windows Update service is Disabled
if {start type of service "wuauserv" = "disabled"}
waithidden cmd /C sc config {"wuauserv"} start= demand
endif
// Stops Windows Update service if running
if {state of service "wuauserv" = "Running"}
waithidden net stop wuauserv
endif
// Deletes Windows Update DataStore
folder delete "C:\windows\SoftwareDistribution\DataStore"
We actually not only run that, but run a SFC /scan now followed by a 20 minute delay, followed by the code above, followed by our troubled patch.
There is a great log viewer in the Microsoft SCCM Client Toolkit called CMTrace and this has a error code lookup feature (via Ctrl-L) that is great for searching various formats of Microsoft error codes.
FYI: Fixlet “4346084: Intel microcode updates - Windows 10 Version 1803 - KB4346084 (x64) (V3.0)” is not showing on the relevant for the problematic client.
So as you suggested still you want me to deploy a baseline with the below things?Please confirm me
1)Windows Update Troubleshooting Fixlet with the action script gave by you
2)Fixlet “4346084: Intel microcode updates - Windows 10 Version 1803 - KB4346084 (x64) (V3.0)”
i didn’t understood on the scan/SFC where i need to add with the which action script?
I don’t want you do to anything. They’re your systems. I was just trying to offer some helpful information. Bottom line: Your issues aren’t BigFix related and better suited for a Microsoft forum.
SFC is a very common Microsoft troubleshooting command.
AVT Thanks so much for this thread and everyone who contributed sensible resolutions! I’ve been trying to fully understand how to fix this for years and now I really feel empowered.
