Hi "kls01",
Herer is the full post from Dave M,
Subject: Windows Defender is Off and can't be turned on 6/12/2007 3:48 AM
PST
By: Undetected In: microsoft.private.security.spyware.general
http://www.microsoft.com/communitie...cc8f&mid=1889ab5c-f476-4371-b7c7-e4b52737cc8f
Hello,
I have a Windows Defender problem on Windows Vista Ultimate x64. It shows in
Security Center that Windows Defender is off, but when I click on the ballon
to fix it (or simply go straight to the Security Center) and click "Turn on"
button the definition update box pops up which sais "Searchin for
definitions..." after some time the box with the error sound shows up with
the message "There are no new definitions available to download for Windows
Defender" and Windows Defender stays off. I use only Vista-Integrated
security tools.
Please, help me slove this problem, as it's very annoying to see those
warnings.
Thanks
--
Dave M 6/12/2007 5:59 AM PST
Since you are running Vista not XP, navigate to the shortcut for the
Command Prompt from the Start menu and right click the shortcut and select
"run as Administrator." Then, enter the following command:
winmgmt /verifyrepository
Let us know the result displayed.
Regards, Dave
--
Undetected 6/12/2007 7:16 AM PST
Thank you for your replay, here is what i get after that command:
C:\Windows\system32>winmgmt /verifyrepository
WMI repository is consistent
C:\Windows\system32>
--
Dave M 6/12/2007 9:24 AM PST
I'm really surprised by that result. I expected it to tell you that your
repository is NOT consistent. Can you let us know what the Version numbers of
Defender show for you in the down arrow next to the ? > About Windows
Defender. I'm particularly interested in the Engine and Definition version
numbers as they exist currently.
How about any other security programs running AntiVirus or AntiSpyware or
Firewall... what are they and does security center also gripe about any of
them being turned off?
Also please confirm your system date and time are correct. Having it set
incorrectly can cause this type of behavior.
Can you update the engine and definition version numbers by going to the
malware protection center portal and downloading the Vista 64 bit definition
version manually?
Regards, Dave
--
Dave M 6/12/2007 9:30 AM PST
I intended to include the location of that portal, which can be found here:
<
http://www.microsoft.com/security/portal/>
--
Regards, Dave
--
Undetected 6/12/2007 11:00 AM PST
Thank You for advice. What is interesting, after several system reboots
problems with Windows Defender disappeared and everything works fine now. I
hope that these problems won't repeat in the future again.
--
Dave M 6/12/2007 11:51 AM PST
I wouldn't expect it, but keep those two checks handy if it should
reoccur... the WMI repository check and the system date/time check, both are
easy to fix but initially were hard to identify. They've both been reported a
few times in here as having caused problems with Defender like you
experienced.
Regards, Dave
--
dirtymoe77 6/17/2007 11:54 AM PST
Mine does this same thing and says inconsistent. How do I fix it?
--
Dave M 6/17/2007 12:52 PM PST
Hi dirtymoe77;
There are three methods, as far as I know... maybe more. I'll post all of
them here for you to take your choice:
1. If your on Vista (which is the only OS to support this command) run the
following from a command prompt as administrator not just using an admin
authority id. It may require multiple attempts to run until successful, so
just try entering it repeatedly, perhaps up to five times until completion:
winmgmt /salvagerepository
If your using Defender on any supported OS (XP or Vista) these techniques
are also claimed to work (courtesy of Steve Boots MVP):
This trick for fixing that issue in XP apparently works in Vista, too. In
Vista you probably need to run elevated. There are two ways of doing the same
thing - the first way is using the GUI and the second way is from the command
line. Your choice. Set a System Restore point first.
Method A
a.. Start>Run>services.msc [enter]
b.. Scroll down to Windows Management Instrumentation and double-click it.
Now click on the "Pause" button. Leave that window open and double-click My
Computer. Navigate to %systemroot%\Windows\System32\wbem (where %systemroot%
is the drive where XP is installed). Delete the Repository folder and *only*
the Repository folder. Now go back to the WMI service window you left open
and restart the service.
c.. This will rebuild the Repository and hopefully straighten out the
incorrect entries for all your duplicates.
d.. In order to see the Windows files, you may need to unhide them:
e.. Make sure you are able to see all hidden files and extensions (View tab
in Folder Options).
a.. Check "Display the contents of system folders".
b.. Check "Show hidden files and folders".
c.. Uncheck "Hide protected operating system files" and click "OK" to the
dialog box.
Method B from MVP Torgeir Bakken (more elegant)
Open a command window (Start/Run --> cmd.exe) and run the following commands:
net stop winmgmt
cd /d %windir%\system32\wbem
ren repository repository.old
(or delete it using the command "rd /s repository" instead of the
ren command)
net start winmgmt
It may take a minute or so to complete while WMI rebuilds the database.
Regards, Dave
