MORE INFORMATION
Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
Format
The follow table lists the basic format:
| Date | Time | PID | TID | Component | Text |
| 2005-06-01 | 18:30:03 | 992 | 810 | Misc | =
Logging initialized |
| 2005-06-01 | 18:30:03 | 992 | 810 | Misc | =
Process: |
| 2005-06-01 | 18:30:03 | 992 | 810 | Misc | =
Module: |
Components
The following components can write to the Windowsupdate.log
file:
- AGENT- Windows Update agent
- AU- Automatic Updates is performing this task
- AUCLNT- Interaction by AU with the logged on user
- CDM-Device Manager
- CMPRESS-Compression agent
- COMAPI-Windows Update API
- DRIVER-Device driver information
- DTASTOR-Handles database transactions
- DWNLDMGR- Creates and monitors download jobs
- EEHNDLER-Expression handler used to evaluate update applicability
- HANDLER-Manages the update installers
- MISC- General service information
- OFFLSNC-Detect available updates when not connected to the network
- PARSER- Parses expression information
- PT- Synchronizes updates information to the local datastore
- REPORT-Collects reporting information
- SERVICE- Startup/Shutdown of the Automatic Updates service
- SETUP- Installs new versions of the Windows Update client when
available
- SHUTDWN- Install at shutdown feature
- WUREDIR-The Windows Update redirector files
- WUWEB- The Windows Update ActiveX control
How to identify the caller
Identify the correct caller for the issue that you are
experiencing. For example, if you receive an error when you are accessing the
Windows Update Web site, locate the "Windowsupdate"
callerID.
Example 1
The log file distinguishes among the following three
callers:
2005-06-01 18:30:33 992 58c Agent *************
2005-06-01 18:30:33 992 58c Agent ** START ** Agent: Finding updates [CallerId = WindowsUpdate]
2005-06-01 18:30:33 992 58c Agent *********
Example 2
2005-06-22 13:02:11 1000 594 Agent *************
2005-06-22 13:02:11 1000 594 Agent ** START ** Agent: Finding updates [CallerId = MicrosoftUpdate]
2005-06-22 13:02:11 1000 594 Agent *********
Example 3
2005-06-02 11:37:18 992 4e8 Agent *************
2005-06-02 11:37:18 992 4e8 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2005-06-02 11:37:18 992 4e8 Agent *********
General configuration settings
The Windowsupdate.log log file records the general service settings when the Automatic Updates service starts. The first section records the following information:
- The client
version
- The directory that is being used
- The access type
- The default proxy
- The current network
state
Note The proxy is listed in the Windowsupdate.log log file only if the proxy is configured
by using the Proxycfg.exe utility.
2005-06-01 18:30:03 992 810 Service *************
2005-06-01 18:30:03 992 810 Service ** START ** Service: Service startup
2005-06-01 18:30:03 992 810 Service *********
2005-06-01 18:30:03 992 810 Agent * WU client version 5.8.0.2468
2005-06-01 18:30:03 992 810 Agent * SusClientId = '071ffd36-f490-4d63-87a7-f7b11866b9fb'
2005-06-01 18:30:03 992 810 Agent * Base directory: C:\WINDOWS.0\SoftwareDistribution
2005-06-01 18:30:03 992 810 Agent * Access type: Named proxy
2005-06-01 18:30:03 992 810 Agent * Default proxy: test:80
2005-06-01 18:30:03 992 810 Agent * Network state: Connected
2005-06-01 18:30:03 992 7a0 Agent *********** Agent: Initializing Windows Update Agent ***********
The next section displays the Windows Server Update Services (WSUS) server that is available to
the client. In this example, the settings are NULL because a WSUS server is
not being used. If Software Update Services (SUS) is configured, the settings are displayed in this
location:
2005-06-01 18:30:03 992 7a0 Agent *********** Agent: Initializing global settings cache ***********
2005-06-01 18:30:03 992 7a0 Agent * WSUS server: <NULL>
2005-06-01 18:30:03 992 7a0 Agent * WSUS status server: <NULL>
2005-06-01 18:30:03 992 7a0 Agent * Target group: (Unassigned Computers)
2005-06-01 18:30:03 992 7a0 Agent * Windows Update access disabled: No
2005-06-01 18:30:04 992 7a0 DnldMgr Download manager restoring 0 downloads
2005-06-01 18:30:09 3948 918 Misc =========== Logging initialized (build: 5.8.0.2469, tz: -0700) ===========
2005-06-01 18:30:09 3948 918 Misc = Process: C:\Program Files\Internet Explorer\iexplore.exe
2005-06-01 18:30:09 3948 918 Misc = Module: C:\WINDOWS.0\system32\wuweb.dll
Locating Failures in the log file
If you received a specific error message on the Windows
Update Web site, follow these steps:
- Open the Windowsupdate.log log file in Notepad.
- On the Edit menu, click Find, and then search for the
specific error message.
Note The Web site displays the final error message. This final error
message may have been caused by a failure that is described earlier in the Windowsupdate.log log file. Additionally, if
you do not know which error occurred on the Windows update Web site or
you want to find more information about a failure by Automatic Updates,
search for the following key words:
Note Not all warnings are critical errors. Start with the fatal errors and then work to the top of the Windowsupdate.log log file to make sure
that you have identified the correct error message.
Example of a common failure
First search for the key word "FATAL":
2005-06-02 04:32:01 992 158 Setup FATAL: IsUpdateRequired failed with error 0x80072eef
The error that you locate is 0x80072EEF. Scroll
up in the Windowsupdate.log log file to find the following closest word:
2005-06-02 04:32:01 992 158 Misc WARNING: Send failed with hr = 80072eef.
2005-06-02 04:32:01 992 158 Misc WARNING: SendRequest failed with hr = 80072eef. Proxy List used: <Test:80 > Bypass List used : <(null)> Auth Schemes used : <NTLM;Negotiate (NTLM or Kerberos);>
2005-06-02 04:32:01 992 158 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://update.microsoft.com/v6/windowsupdate/redir/wuredir.cab>. error 0x80072eef
In this example, the proxy server "Test" is not
valid. The "Test" server being invalid is the cause of the error.
Basics of a Windowsupdate.log file
Service startup
2005-06-01 18:30:03 992 810 Service *************
2005-06-01 18:30:03 992 810 Service ** START ** Service: Service startup
2005-06-01 18:30:03 992 810 Service *********
The Windows Update agent displays available parameters
2005-06-01 18:30:03 992 810 Agent * WU client version 5.8.0.2468
2005-06-01 18:30:03 992 810 Agent * SusClientId = '071ffd36-f490-4d63-87a7-f7b11866b9fb'
2005-06-01 18:30:03 992 810 Agent * Base directory: C:\WINDOWS.0\SoftwareDistribution
2005-06-01 18:30:03 992 810 Agent * Access type: Named proxy
2005-06-01 18:30:03 992 810 Agent * Default proxy: test:80
2005-06-01 18:30:03 992 810 Agent * Network state: Connected
2005-06-01 18:30:03 992 7a0 Agent *********** Agent: Initializing Windows Update Agent ***********
2005-06-01 18:30:03 992 7a0 Agent *********** Agent: Initializing global settings cache ***********
2005-06-01 18:30:03 992 7a0 Agent * WSUS server: <NULL>
2005-06-01 18:30:03 992 7a0 Agent * WSUS status server: <NULL>
2005-06-01 18:30:03 992 7a0 Agent * Target group: (Unassigned Computers)
A user accesses the Windows Update Web site by using Microsoft Internet Explorer and the ActiveX control is loaded
2005-06-01 18:30:09 3948 918 Misc =========== Logging initialized (build: 5.8.0.2469, tz: -0700) ===========
2005-06-01 18:30:09 3948 918 Misc = Process: C:\Program Files\Internet Explorer\iexplore.exe
2005-06-01 18:30:09 3948 918 Misc = Module: C:\WINDOWS.0\system32\wuweb.dll
The Setup component checks the installed version of the Windows Update client to see if the Windows Update client must be updated
2005-06-01 18:30:09 3948 918 Setup *********** Setup: Checking whether self-update is required ***********
2005-06-01 18:30:09 3948 918 Setup * Inf file: C:\WINDOWS.0\SoftwareDistribution\WebSetup\wusetup.inf
2005-06-01 18:30:09 3948 918 Setup Update required for C:\WINDOWS.0\system32\cdm.dll: target version = 5.8.0.2468, required version = 5.8.0.2468
2005-06-01 18:30:09 3948 918 Setup * IsUpdateRequired = No
The client clicks the "Express" or "Custom" button to start a search
2005-06-01 18:30:32 3948 918 COMAPI -------------
2005-06-01 18:30:32 3948 918 COMAPI -- START -- COMAPI: Search [ClientId = WindowsUpdate]
2005-06-01 18:30:32 3948 918 COMAPI ---------
2005-06-01 18:30:32 3948 918 COMAPI - Online = Yes; Ignore download priority = No
2005-06-01 18:30:32 3948 918 COMAPI - Criteria = "IsInstalled=0 and IsHidden=1"
2005-06-01 18:30:32 3948 918 COMAPI - ServiceID = {9482F4B4-E343-43B6-B170-9A65BC822C77}
COMAPI submits the search to the agent. Therefore, the second
part is:
2005-06-01 18:30:33 3948 918 COMAPI <<-- SUBMITTED -- COMAPI: Search [ClientId = WindowsUpdate]
2005-06-01 18:30:33 992 58c Agent *************
2005-06-01 18:30:33 992 58c Agent ** START ** Agent: Finding updates [CallerId = WindowsUpdate]
2005-06-01 18:30:33 992 58c Agent *********
Protocol talker synchronizes the list of updates with the local database on the client computer
2005-06-02 12:09:28 992 4e8 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2005-06-02 12:09:28 992 4e8 PT + ServiceId = {9482F4B4-E343-43B6-B170-9A65BC822C77}, Server URL = https://update.microsoft.com/v6/ClientWebService/client.asmx
2005-06-02 12:09:35 992 4e8 PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2005-06-02 12:09:35 992 4e8 PT + ServiceId = {9482F4B4-E343-43B6-B170-9A65BC822C77}, Server URL = https://update.microsoft.com/v6/ClientWebService/client.asmx
2005-06-02 12:09:36 992 4e8 Agent * Found 0 updates and 10 categories in search
The Windows Update agent searches for available updates
2005-06-02 12:09:36 992 4e8 Agent *************
2005-06-02 12:09:36 992 4e8 Agent ** START ** Agent: Finding updates [CallerId = WindowsUpdate]
2005-06-02 12:09:36 992 4e8 Agent *********
2005-06-02 12:09:36 992 4e8 Agent * Added update {AC94DB3B-E1A8-4E92-9FD0-E86F355E6A44}.100 to search result
2005-06-02 12:09:37 992 4e8 Agent * Found 6 updates and 10 categories in searchThe user is offered one update and then chooses to install the one update
2005-06-02 12:10:41 1660 d0c COMAPI -------------
2005-06-02 12:10:41 1660 d0c COMAPI -- START -- COMAPI: Install [ClientId = WindowsUpdate]
2005-06-02 12:10:41 1660 d0c COMAPI ---------
2005-06-02 12:10:41 1660 d0c COMAPI - Allow source prompts: Yes; Forced: No; Force quiet: No
2005-06-02 12:10:41 1660 d0c COMAPI - Updates in request: 1
2005-06-02 12:10:41 1660 d0c COMAPI - ServiceID = {9482F4B4-E343-43B6-B170-9A65BC822C77}
2005-06-02 12:10:41 1660 d0c COMAPI - Updates to install = 1
2005-06-02 12:10:41 1660 d0c COMAPI <<-- SUBMITTED -- COMAPI: Install [ClientId = WindowsUpdate]
The Windows Update agent starts the installation process
2005-06-02 12:10:41 992 58c Agent *************
2005-06-02 12:10:41 992 58c Agent ** START ** Agent: Installing updates [CallerId = WindowsUpdate]
2005-06-02 12:10:41 992 58c Agent *********
2005-06-02 12:10:41 992 58c Agent * Updates to install = 1
2005-06-02 12:10:41 992 58c Agent * Title = <NULL>
2005-06-02 12:10:41 992 58c Agent * UpdateId = {19813D2E-0144-43CA-AEBB-71263DFD81FD}.100
2005-06-02 12:10:41 992 58c Agent * Bundles 1 updates:
2005-06-02 12:10:41 992 58c Agent * {08D9F87F-7EA2-4523-9F02-0931E291908E}.100
The Windows Update agent calls the appropriate handler to install the package by impersonating the user who is logged on
2005-06-02 12:10:46 992 58c Handler Attempting to create remote handler process as Machine\User in session 0
2005-06-02 12:10:46 992 58c DnldMgr Preparing update for install, updateId = {08D9F87F-7EA2-4523-9F02-0931E291908E}.100.
2005-06-02 12:10:47 3348 70c Handler :::::::::::::
2005-06-02 12:10:47 3348 70c Handler :: START :: Handler: Command Line Install
2005-06-02 12:10:47 3348 70c Handler :::::::::
2005-06-02 12:10:47 3348 70c Handler : Updates to install = 1
2005-06-02 12:11:01 3348 70c Handler : Command line install completed. Return code = 0x00000000, Result = Succeeded, Reboot required = false
Note The installation is successful and the restart is not
required.
How to enable extended logging
Microsoft Product Support Services may ask you to turn on verbose logging. To turn on verbose logging, add the following registry key with two
values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Trace
Value
name: Flags
Value type: REG_DWORD
Value data: 00000007
Value
name: Level
Value type: REG_DWORD
Value data: 00000004
This
registry key turns on an extended tracing to the
%systemroot%\Windowsupdate.log file. Additionally, this
registry key turns on an extended tracing to any attached debuggers.