Carter said:Here are the last few lines, if you want more I have saved the report.
2006-05-25 17:35:46 3980 bdc COMAPI -- END -- COMAPI: Search [ClientId
=
Windows Defender]
2006-05-25 17:35:46 3980 bdc COMAPI -------------
2006-05-25 17:35:46 3980 c8c COMAPI WARNING: Operation failed due to
earlier
error, hr=80072EFD
2006-05-25 17:35:46 3980 c8c COMAPI FATAL: Unable to complete asynchronous
search. (hr=80072EFD)
2006-05-25 17:35:51 1016 d4 Report REPORT EVENT:
{51EC3FD6-26B4-4D1A-B132-830ABD99D69F} 2006-05-25
17:35:45+0200 1 148 101 {00000000-0000-0000-0000-000000000000} 0 80072efd
Windows
Defender Failure Software Synchronization Error: Agent failed detecting
with
reason: 0x80072efd
Thanks for your help
Bill Sanderson MVP said:This sounds very fixable--but I'm short on time now--will get back to
you.
I think it'd be good to have you do an attempted update (help, about,
check
for updates)--then open the windowsupdate log file in notepad, and cut
and
paste just the last part related to this update into a reply here:
start, run, notepad %windir%\windowsupdate.log
<enter>
Bill Sanderson MVP said:I'm particularly interested in the beginning---where it trys to get in touch
with the server--there should be a line including the string "server url".
Some lines on either side of that would probably be useful.
--
Carter said:Here are the last few lines, if you want more I have saved the report.
2006-05-25 17:35:46 3980 bdc COMAPI -- END -- COMAPI: Search [ClientId
=
Windows Defender]
2006-05-25 17:35:46 3980 bdc COMAPI -------------
2006-05-25 17:35:46 3980 c8c COMAPI WARNING: Operation failed due to
earlier
error, hr=80072EFD
2006-05-25 17:35:46 3980 c8c COMAPI FATAL: Unable to complete asynchronous
search. (hr=80072EFD)
2006-05-25 17:35:51 1016 d4 Report REPORT EVENT:
{51EC3FD6-26B4-4D1A-B132-830ABD99D69F} 2006-05-25
17:35:45+0200 1 148 101 {00000000-0000-0000-0000-000000000000} 0 80072efd
Windows
Defender Failure Software Synchronization Error: Agent failed detecting
with
reason: 0x80072efd
Thanks for your help
Bill Sanderson MVP said:This sounds very fixable--but I'm short on time now--will get back to
you.
I think it'd be good to have you do an attempted update (help, about,
check
for updates)--then open the windowsupdate log file in notepad, and cut
and
paste just the last part related to this update into a reply here:
start, run, notepad %windir%\windowsupdate.log
<enter>
--
One other thing: I downloaded the latest signatures, ran the exe file
and
restarted, but defender still says it has not been updated. Really
confusing
:
No, this is my own machine, connecting via adsl from home. It is set
up
for
a work network, however. Could this be a problem?
:
This error often indicates a machine restricted by policy settings
from
reaching Microsoft's servers. Is this a work machine, on a managed
network?
--
I have tried everthing from all the support pages, including the
process
shown below by Bill Sanderson MVP, but I apparently don't have a
winlogon.log
file. Would be really grateful for some help. Thanks.
Bill Sanderson MVP said:I still can't find that stuff-I posted it twice. However, here's an
equivalent from another user in your position.
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate]
I have no such key on my non-domain-joined system which has never been
connected to WSUS or SUS.
The other user did this:
"and found that two string values called "WUServer" and "WUStatusServer" are
both pointing to the National University of Singapore's server. Since these
are settings for custom update server, it can be removed. I removed them and
rebooted my machine."
However, since I don't have that key at all, I'd recommend saving the key by
exporting it to a .reg file, and then simply deleting it.
--
Bill Sanderson MVP said:Reverse the registry change. At some point, I found the instructions for
doing that (the change to manually install WSUS) and posted it twice in
these groups. However, I haven't been able to find either the original
source or those posts, looking for them yesterday.
Carter said:Forgive my possible ignorance, but how do I get to that
location?([HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate])
Bill Sanderson MVP said:I still can't find that stuff-I posted it twice. However, here's an
equivalent from another user in your position.
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate]
I have no such key on my non-domain-joined system which has never been
connected to WSUS or SUS.
The other user did this:
"and found that two string values called "WUServer" and "WUStatusServer"
are
both pointing to the National University of Singapore's server. Since
these
are settings for custom update server, it can be removed. I removed them
and
rebooted my machine."
However, since I don't have that key at all, I'd recommend saving the key
by
exporting it to a .reg file, and then simply deleting it.
--
Bill Sanderson MVP said:Reverse the registry change. At some point, I found the instructions
for
doing that (the change to manually install WSUS) and posted it twice in
these groups. However, I haven't been able to find either the original
source or those posts, looking for them yesterday.
--
Okay, that makes sense, I think I changed my registry at one point for
automatic updates to go through the server. If this is causing the
problem,
how can I undo it? Because I'd rather update from home anyway,
especially if
Defender can't update through that server.
:
OK - it's trying to connect to a WSUS (I think...) server at
10.0.xxx--which
is a non-routable private IP subnet.
So-- Autoupdate on your machine is locked into connecting to the
corporate
WSUS server, which can't be reached from your home (unless you
connect
via
VPN?)--and which probably isn't carrying Defender definitions anyway.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.