Windows Defender is Off and can't be turned on

[Guest]

Hello,

I have a Windows Defender problem on Windows Vista Ultimate x64. It shows in
Security Center that Windows Defender is off, but when I click on the ballon
to fix it (or simply go straight to the Security Center) and click "Turn on"
button the definition update box pops up which sais "Searchin for
definitions..." after some time the box with the error sound shows up with
the message "There are no new definitions available to download for Windows
Defender" and Windows Defender stays off. I use only Vista-Integrated
security tools.

Please, help me slove this problem, as it's very annoying to see those
warnings.

Thanks

 

[Dave M]

Since you are running Vista not XP, navigate to the shortcut for the
Command Prompt from the Start menu and right click the shortcut and select
"run as Administrator." Then, enter the following command:

winmgmt /verifyrepository

Let us know the result displayed.

 

[Guest]

Thank you for your replay, here is what i get after that command:

C:\Windows\system32>winmgmt /verifyrepository
WMI repository is consistent

C:\Windows\system32>

 

[Dave M]

I'm really surprised by that result. I expected it to tell you that your
repository is NOT consistent. Can you let us know what the Version numbers
of Defender show for you in the down arrow next to the ? > About Windows
Defender. I'm particularly interested in the Engine and Definition version
numbers as they exist currently.

How about any other security programs running AntiVirus or AntiSpyware or
Firewall... what are they and does security center also gripe about any of
them being turned off?


Also please confirm your system date and time are correct. Having it set
incorrectly can cause this type of behavior.

Can you update the engine and definition version numbers by going to the
malware protection center portal and downloading the Vista 64 bit
definition version manually?

 

[Dave M]

I intended to include the location of that portal, which can be found here:

http://www.microsoft.com/security/portal/

 

[Guest]

Thank You for advice. What is interesting, after several system reboots
problems with Windows Defender disappeared and everything works fine now. I
hope that these problems won't repeat in the future again.

 

[Dave M]

I wouldn't expect it, but keep those two checks handy if it should
reoccur... the WMI repository check and the system date/time check, both
are easy to fix but initially were hard to identify. They've both been
reported a few times in here as having caused problems with Defender like
you experienced.

 

[Guest]

Mine does this same thing and says inconsistent. How do I fix it?

 

[Dave M]

Hi dirtymoe77;

There are three methods, as far as I know... maybe more. I'll post all of
them here for you to take your choice:

1. If your on Vista (which is the only OS to support this command) run the
following from a command prompt as administrator not just using an admin
authority id. It may require multiple attempts to run until successful, so
just try entering it repeatedly, perhaps up to five times until completion:

winmgmt /salvagerepository

If your using Defender on any supported OS (XP or Vista) these techniques
are also claimed to work (courtesy of Steve Boots MVP):

This trick for fixing that issue in XP apparently works in Vista, too. In
Vista you probably need to run elevated. There are two ways of doing the
same thing - the first way is using the GUI and the second way is from the
command line. Your choice. Set a System Restore point first.

Method A

a.. Start>Run>services.msc [enter]
b.. Scroll down to Windows Management Instrumentation and double-click
it.
Now click on the "Pause" button. Leave that window open and
double-click
My Computer. Navigate to %systemroot%\Windows\System32\wbem (where
%systemroot% is the drive where XP is installed). Delete the Repository
folder and *only* the Repository folder. Now go back to the WMI service
window you left open and restart the service.
c.. This will rebuild the Repository and hopefully straighten out the
incorrect entries for all your duplicates.
d.. In order to see the Windows files, you may need to unhide them:
e.. Make sure you are able to see all hidden files and extensions (View
tab
in Folder Options).
a.. Check "Display the contents of system folders".
b.. Check "Show hidden files and folders".
c.. Uncheck "Hide protected operating system files" and click "OK" to
the
dialog box.


Method B from MVP Torgeir Bakken (more elegant)

Open a command window (Start/Run --> cmd.exe) and run the following
commands:


net stop winmgmt
cd /d %windir%\system32\wbem
ren repository repository.old
(or delete it using the command "rd /s repository" instead of the
ren command)
net start winmgmt

It may take a minute or so to complete while WMI rebuilds the database.

 

[Guest]

Dave,

Thank you for the help. Step 1. worked on the second try. Everything seems
to be happy now. Sorry for the delayed response. Been out of town and just
got to it.

Thanks!!!!

Hi dirtymoe77;

There are three methods, as far as I know... maybe more. I'll post all of
them here for you to take your choice:

1. If your on Vista (which is the only OS to support this command) run the
following from a command prompt as administrator not just using an admin
authority id. It may require multiple attempts to run until successful, so
just try entering it repeatedly, perhaps up to five times until completion:

winmgmt /salvagerepository

If your using Defender on any supported OS (XP or Vista) these techniques
are also claimed to work (courtesy of Steve Boots MVP):

This trick for fixing that issue in XP apparently works in Vista, too. In
Vista you probably need to run elevated. There are two ways of doing the
same thing - the first way is using the GUI and the second way is from the
command line. Your choice. Set a System Restore point first.

Method A

a.. Start>Run>services.msc [enter]
b.. Scroll down to Windows Management Instrumentation and double-click
it.
Now click on the "Pause" button. Leave that window open and
double-click
My Computer. Navigate to %systemroot%\Windows\System32\wbem (where
%systemroot% is the drive where XP is installed). Delete the Repository
folder and *only* the Repository folder. Now go back to the WMI service
window you left open and restart the service.
c.. This will rebuild the Repository and hopefully straighten out the
incorrect entries for all your duplicates.
d.. In order to see the Windows files, you may need to unhide them:
e.. Make sure you are able to see all hidden files and extensions (View
tab
in Folder Options).
a.. Check "Display the contents of system folders".
b.. Check "Show hidden files and folders".
c.. Uncheck "Hide protected operating system files" and click "OK" to
the
dialog box.


Method B from MVP Torgeir Bakken (more elegant)

Open a command window (Start/Run --> cmd.exe) and run the following
commands:


net stop winmgmt
cd /d %windir%\system32\wbem
ren repository repository.old
(or delete it using the command "rd /s repository" instead of the
ren command)
net start winmgmt

It may take a minute or so to complete while WMI rebuilds the database.


--

Regards, Dave

Mine does this same thing and says inconsistent. How do I fix it?

 

[Dave M]

Thanks for letting us know, Moe.

--

Regards, Dave

Dave,

Thank you for the help. Step 1. worked on the second try. Everything
seems
to be happy now. Sorry for the delayed response. Been out of town and
just
got to it.

Thanks!!!!

Hi dirtymoe77;

There are three methods, as far as I know... maybe more. I'll post all
of
them here for you to take your choice:

1. If your on Vista (which is the only OS to support this command) run
the
following from a command prompt as administrator not just using an admin
authority id. It may require multiple attempts to run until successful,
so
just try entering it repeatedly, perhaps up to five times until
completion:

winmgmt /salvagerepository

If your using Defender on any supported OS (XP or Vista) these
techniques
are also claimed to work (courtesy of Steve Boots MVP):

This trick for fixing that issue in XP apparently works in Vista, too.
In
Vista you probably need to run elevated. There are two ways of doing the
same thing - the first way is using the GUI and the second way is from
the
command line. Your choice. Set a System Restore point first.

Method A

a.. Start>Run>services.msc [enter]
b.. Scroll down to Windows Management Instrumentation and
double-click
it.
Now click on the "Pause" button. Leave that window open and
double-click
My Computer. Navigate to %systemroot%\Windows\System32\wbem (where
%systemroot% is the drive where XP is installed). Delete the
Repository
folder and *only* the Repository folder. Now go back to the WMI
service
window you left open and restart the service.
c.. This will rebuild the Repository and hopefully straighten out
the
incorrect entries for all your duplicates.
d.. In order to see the Windows files, you may need to unhide them:
e.. Make sure you are able to see all hidden files and extensions
(View
tab
in Folder Options).
a.. Check "Display the contents of system folders".
b.. Check "Show hidden files and folders".
c.. Uncheck "Hide protected operating system files" and click "OK"
to
the
dialog box.


Method B from MVP Torgeir Bakken (more elegant)

Open a command window (Start/Run --> cmd.exe) and run the following
commands:


net stop winmgmt
cd /d %windir%\system32\wbem
ren repository repository.old
(or delete it using the command "rd /s repository" instead of
the
ren command)
net start winmgmt

It may take a minute or so to complete while WMI rebuilds the
database.


--

Regards, Dave

Mine does this same thing and says inconsistent. How do I fix it?

:

I wouldn't expect it, but keep those two checks handy if it should
reoccur... the WMI repository check and the system date/time check,
both
are easy to fix but initially were hard to identify. They've both
been
reported a few times in here as having caused problems with Defender
like
you experienced.

--

Regards, Dave


Undetected wrote:
Thank You for advice. What is interesting, after several system
reboots
problems with Windows Defender disappeared and everything works fine
now.
I
hope that these problems won't repeat in the future again.

:

I intended to include the location of that portal, which can be
found
here:

http://www.microsoft.com/security/portal/
--

Regards, Dave


Undetected wrote:
Thank you for your replay, here is what i get after that command:

C:\Windows\system32>winmgmt /verifyrepository
WMI repository is consistent

C:\Windows\system32>




:

Since you are running Vista not XP, navigate to the shortcut for
the
Command Prompt from the Start menu and right click the shortcut
and
select
"run as Administrator." Then, enter the following command:

winmgmt /verifyrepository

Let us know the result displayed.

--

Regards, Dave


Undetected wrote:
Hello,

I have a Windows Defender problem on Windows Vista Ultimate x64.
It
shows
in
Security Center that Windows Defender is off, but when I click on
the
ballon
to fix it (or simply go straight to the Security Center) and
click
"Turn
on"
button the definition update box pops up which sais "Searchin for
definitions..." after some time the box with the error sound
shows
up
with
the message "There are no new definitions available to download
for
Windows
Defender" and Windows Defender stays off. I use only
Vista-Integrated
security tools.

Please, help me slove this problem, as it's very annoying to see
those
warnings.

Thanks