Error 0x80242002b

[Guest]

I am getting this error message after the Antispyware removal and
installation of Windows Defender beta 2; I've run the windows update, the
"Msiexec /x
{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C} solution from ms and the Microsoft
installer cleaner, this did not fix the error.
I am now running the windows update to get the latest definitions to its at
least up to date. Is anyone else getting this message; I didnt see it posted

 

[Guest]

Yep. Same problem after initial install. Haven't found a fix yet. I guess a
uninstall/reinstall is the next step.

 

[Guest]

I finished the Windows Update and rebooted and still get this 0x80242002b
error message when attempting an " Check for Updates" from the help about
button; turning the Windows firewall off did not help; so I put my Ethereal
Sniffer to work and found the issue.
The request wasnt going to Microsoft via the web but to our Micrososft SUS
server for the update; I think it should try the SUS or WUS first and then
attempt a WEB update if it cannot locate a Signature update on a SUS or WUS
server because Signature updates are most likely not going to affect the OS;
where SUS and WUS servers help us to check important Microsoft Patches before
deployment.

Thats my two cents!

 

[Guest]

Hi,

i tried also the Knowledgebase help obn deleting al the settings in advanced
area of the proxy server settings in IE. but it stil reports the same error
code,
If it is to look first at a SUS or WUS how can i do that if i didn't have
one ?

KR Markud

 

[Guest]

I too am getting this error and I have tried the MS registry fix to no avail.
Mine is accompanied with some message about inserting disk with serial
number %1 for software %2 or something like that...

Utter crap! They can't even get the most IMPORTANT function of the software
to work right...exposing variable names and shit....WAY TO GO MS!!!! Just
what I expected from them.

It only took a year and a half to completely RUIN Giant AntiSpyware...

 

[Guest]

Hi,

after updating trugh windowsupdate.com with express version. everything
worked.
There is a thread written by user Engel. based on this i fixed my problem.

 

[Bill Sanderson MVP]

Signature updates can have far-reaching effects. For example, I can point
to several real-world examples where signature updates to one anti-malware
product disabled malware-protection from a different vendors product.

For whatever reasoning, the current design of the product is that updates
within Windows Defender go via AutoUpdate only. This allows corporate
networks to maintain control for the reasons you mention, among others.

--

 

[Guest]

Why put a button in that allows you to check for updates when it doesn't
work> makes no sense. A more appropriate thing to do would have been to
link the button to the Windows update site and indicate it needs to be done
there. Not spit out a generic error message and no solution.

The previous version had proxy settings, you could put in to get through a
firewall, this version does not, another step backwards as well.

Just my two cents.

 

[Bill Sanderson MVP]

The button initiates an autoupdate check. It works anywhere autoupdate
works.

The app uses the proxy settings set for IE. As I understand it, those will
not handle a firewall requiring authentication, but should work otherwise.
The workaround for firewalls requiring authentication is to allow
unauthenticated access only to the WindowsUpdate servers.

Microsoft Antispyware used a unique solution--some folks here seem to have
missed all the update related problems we had during the beta1 phase--there
were plenty of them.

The update mechanisms in beta2 are well tested and secure, and also won't
step on the toes of corporate network administrators trying to enforce
company policy.
--

 

[Guest]

I understand the need for centralized administration needs, and as such, I
would suggest at least having a home version and a "pro" version much like
the OS and lots of the other products. Pro version with all the additional
download and server admin security features, and the home version that does
allow for a proxy, and a live update button thats there now for the small to
midrange places who dont have the infrastructure in place.

All I was stating before was that the previos version could handle proxy
authentication, and would popup the login window when needed. This version
does not. It looks like a step backwards when a feature that was there and
working was removed. As there is no setting in the app for proxies any more.
My company has windows update blocked, as we do our own windows update
internally via WSUS. So without the firewall authentication I have to find
another means of getting an update, or simply not use your product. We have
no current standard for antispyware software, so I use whatever seems to work
the best that I have tested. Beta 1 worked ok. It caught a few things that
I didnt. In conjunction with a couple of other products, I can keep my
machine 99.99% spyware free. But then I am a careful internet user as well
and avoid all the crap out there.

Is there a manual "update file" that can be downloaded outside of windows
update?

Thanks.

 

[Bill Sanderson MVP]

What we are looking at is the "home user" version. for a managed
environment like yours, Microsoft's solution, which will be closely related
to Windows Defender in some ways, I believe is called Microsoft Client
Protection:

http://www.microsoft.com/windowsserversystem/solutions/security/clientprotection/default.mspx

FWIW, WSUS is the way Windows Defender definitions are intended to be
distributed--the administrator is able to enable the definitions to be
distributed right now--since January, as I recall. So if you can convince
the WSUS admin that distributing the definitions wouldn't hurt corporate
security.....

The manual method: Find a machine which can update via Windows Update
(home, whatever). After the update, start, run:

notepad %windir%\windowsupdate.log

go to the bottom of the (usually very large) file, and search backwards on
".exe" Ignore the usual short hits, and look for a very long URL--here's
the last one I have:

http://www.download.windowsupdate.c..._5d423c0277b7bab707f7c87273d8fb805b163eb2.exe
to
E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\6d47e395115f5ae617b15ebcc4e86123\5d423c0277b7bab707f7c87273d8fb805b163eb2
(full file).


I'm putting the whole line out there so you can see the kind of thing to
look for--the initial portion before the " to " is what you need.

I'm unclear what will work in your environment, but moving that file in via
removable media will, if your systems are not locked down to the extent that
isn't possible.

--

 

[Guest]

Thanks for the info. Will use it that way for now.

 

[Guest]

My biggest complaints with this software:

1. Almost all other anti-malware software allows you to recieve a prompt for
proxy authentication or store you username and password for that
authentication. This is a no brainer, especially in a corp environment!

2. The Update Button should attempt to get updates from the WUS or SUS First
and then it attempt a direct internet update. I can still get my signature
updates by running Microsoft Windows Update which by passes Corporate SUS and
WUS, for our environment here. And who cares if you get malware signature
updates? they are not going to kill a system like a patch or security update
or Service Pack. If corporate entities are going to lock systems down they
are going to lock application installation and not allow users to install
Windows defender in the first place. As an administrator I would prefer users
to use a Microsoft solution to prevent infections so I dont mind if they get
early or extra signature updates directly from Microsoft. And it helps users
on the road who may need to get updates from various hotel connections.

None of these were issues in my previous version of Microsoft Anti Spyware

 

[Bill Sanderson MVP]

Do you think that the corporate network administrators would make those same
design choices?
--

 

[Guest]

Bill,

I absolutely do, I spoke with a number of our SA's and they agree on the two
points I listed. It would be neat to do a community pole or voting button to
see if others agree with my analysis of the software. I really feel that
authorized signature updates for Malware/Spyware have a very low chance of
negative impact to a system unless their removal process doesn’t allow for
restore of changes. Many anti-spy ware manufacturers allow for restoration of
changes. At our site we have a number of users on the road who need to get
virus definitions frequently, this also applies for Microsoft Critical
Updates; so we allow that even though we use the SUS/WUS for those who don’t
take the time to pull or automatically update their software.


Mike

 

[Bill Sanderson MVP]

Thanks--this is good feedback. I don't know what the chances are for change
in this area, but this kind of feedback may help.

I will point out that there have been a couple of recent incidents, one with
Microsoft Antispyware beta1 which disabled Symantec Corporate antivirus due
to a false positive, and another with McAfee, as I recall, which disabled
some other antivirus vendors product.

A false positive can have an immediate and damaging effect in a controlled
environment. I don't believe that false positives are going to magically go
away once the product stops being a beta--McAfee's product was not beta.
So---I think that if I were a system admin in a carefully controlled
environment, I'd want to test even antimalware signatures--both antivirus
and antispyware, against known clean systems with the standard corporate
image--before releasing them to the rest of the network.

There's a reall balancing act involved here. It is also the case that if
the environment needs to be locked down, it should (and I believe can), in
fact, be locked down with regards to access to Windows Update as well as
AutoUpdate. So--I certainly don't know all the ins and outs of the thinking
behind the present design, but I can recall seeing a message earlier that
stated that it was just that--the present design--so there may be some room
for change.

--

 

[Steve Dodson [MSFT]]

Ahh yes.. beta one

--
-steve

Steve Dodson [MSFT]
Windows Defender Beta Lead
MCSE, CISSP
http://blogs.technet.com/stevedod
--

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.

 

[Steve Dodson [MSFT]]

And to reiterate... the update issue is with the Automatic Update client.
The AU Client is not currently designed to pass credentials to proxy
servers. We will not bypass any settings which corporate admins set on a
client, so if a definition update is not approved by a WSUS admin, we will
not offer it to their clients.

--
-steve

Steve Dodson [MSFT]
Windows Defender Beta Lead
MCSE, CISSP
http://blogs.technet.com/stevedod
--

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.

 

[Guest]

Steve,

Storing or passing your Microsoft login credential does not bypass corporate
admins; the only antispyware programs that store credentials seem to be the
ones who dont know how to pass your Microsoft login credentials. If a person
is not allowed to use or go out a proxy is those who pass the correct
credentials. All I was asking was the ability to pass you logged in Microsoft
credentials automatically to the proxy or store my known credentials if the
program can not do this automatically.
And by the way the definitions can still be added to my system even though
it has a SUS server; I do this through Microsoft Windows Update.
If admins choose to lock things down they will lockout the ability to do
both; for those of us who like the SUS/WUS to assist us in getting updates
and have the ability to download more often it would be nice to have the
application check both paths; again I am sure that sys admins will lock both
paths down if they are that concerned that definitions are going to hose a
system! In fact those systems that are really locked down will not let users
install Windows Defender software or any other software period! I guess what
I am trying to say is make the software flexible for all party's.






--
MikeN

And to reiterate... the update issue is with the Automatic Update client.
The AU Client is not currently designed to pass credentials to proxy
servers. We will not bypass any settings which corporate admins set on a
client, so if a definition update is not approved by a WSUS admin, we will
not offer it to their clients.

--
-steve

Steve Dodson [MSFT]
Windows Defender Beta Lead
MCSE, CISSP
http://blogs.technet.com/stevedod
--

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.

 

[Guest]

Steve,
Here is my version numbers:
Windows Defender Version: 1.1.1347.0
Engine Version: 1.1.1440.0
Definition Version: 1.14.1459.12

The program lists me as beta2; am I actually running beta 1?






--
MikeN

Ahh yes.. beta one

--
-steve

Steve Dodson [MSFT]
Windows Defender Beta Lead
MCSE, CISSP
http://blogs.technet.com/stevedod
--

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.

The button initiates an autoupdate check. It works anywhere autoupdate
works.

The app uses the proxy settings set for IE. As I understand it, those
will not handle a firewall requiring authentication, but should work
otherwise. The workaround for firewalls requiring authentication is to
allow unauthenticated access only to the WindowsUpdate servers.

Microsoft Antispyware used a unique solution--some folks here seem to have
missed all the update related problems we had during the beta1
phase--there were plenty of them.

The update mechanisms in beta2 are well tested and secure, and also won't
step on the toes of corporate network administrators trying to enforce
company policy.