Wednesday, October 7, 2009

Microsoft Security Essentials - Network and Connectivity Issues

The only time I have used an anti-virus software for myself was in 1987 (yes, more than 20 years ago) when I checked out a version from an Israeli company. I disassembled it, examined the machine instructions, and promptly uninstalled it as I could not relish the idea that every int 21 call must go through a third party. Since then I have not installed AV software on any of my computers.

If you have problems updating the MSE anti-virus files due to a proxy server, you may want to skip the long story and jump to the last paragraph below.

My daughter started using Windows 95 at age 5 and went through the peak of virus mania circa post-2000. My wife uses the computer daily to check mail and browse the Internet but she belongs to the group of the most elementary and novice type of user you can find. So within my family you can find the full range of computer users. All our computers are running Microsoft Windows and none of them has AV software installed.

It's 10 years later and none of our computers have been infected, not even once. All our computers are connected to the Internet all the time, and web browsing and emails are the major activities.

In the last few years of my working life I struggled with evading corporate requirements to have anti-virus software. Now that I have my own small business I finally have the satisfaction of banning AV software within my company.

Lately I had to work with a customer who "needs" AV software. Not wanting the bloated stuff, I dragged my feet until MSE was released. I immediately installed it for the customer on Sep 30. But updates couldn't work. The error dialog box says:

---------------------------
Microsoft Security Essentials
---------------------------
Virus & spyware definitions update failed

Microsoft Security Essentials wasn't able to check for virus & spyware definition updates.

Make sure your computer is connected to the Internet and try again.

Click 'Help' for more information about this problem.

Error code: 0x8024402c

Error description: Microsoft Security Essentials couldn't install the definition updates because the proxy server or target server names can't be resolved.
---------------------------
OK Help
---------------------------

This customer's security people have an easy time. Management forgets to include in the KPIs of the security people the amount of business done or the level of business efficiency. So everything is prohibited. And the security people are never wrong. If something gets infected, it's because someone has asked for a waiver and indemnified and released the security people from being responsible.

So this PC is in a maximum security area, where even access to a DNS server is denied. All it can connect to is a HTTP proxy server. And names are resolved by the proxy server. So if you want to go to http://ibm.com, you tell the proxy server that and it will resolve ibm.com for you.

So why doesn't MSE updates work? Internet browsing and Windows Updates work fine on this computer. After lots of spent hours, the problem came down to one of Windows Updates not using the same credentials as the logged-in user.

January 2010 update:

To cut a long story short, MSE is using different proxy settings from IE. This is according to How the Windows Update client determines which proxy server to use.  So, even if the logged in user is using a certain manually configured proxy, Windows Update is not and is trying to connect directly.  So the trick is to use proxycfg.exe.  I simply typed the following on the command line:

proxycfg -u

and, presto, all udpates went through!  The -u option copies the proxy settings from the currently logged in user.

proxcfg has gone missing in Windows Vista and Windows 7.  You should use netsh then.  The equivalent for the above is:

netsh winhttp import proxy ie


Hope it works for you too.

40 comments:

ManuG said...

Hey m8, thax a lot for ur info, the cmd line in vista worked perfectly and MSE is updating itself now...I was really goin mad and cursing microsoft for comming out with another useless programe, bt it seems this time it was not to be blamed after all..Miracles do happen

Lakshman said...

Hey m8....awesome dude. worked like a charm in windows xp. MSE is updating itself as i type. Thanks a ton. A relatively simple solution to a problem so vastly discussed online with apparently no solution

João said...

nice, i picked up the proxycfg.exe from a xp machine and it works, tanks!

And they say that GNU/Linux is complicated, i installed a xp in a virtual machine to make this work...

Deepak said...

Hey m8, thanks a lot dude.
MSE is updating now. Thanks 4 sharing knowledge


Iron

vaira said...

Brilliant Dude.. it worked jst like tat.. thanks..

sush said...

hey mate.... tried doin that bt it gives an error message that

error writing proxy setting. (5)access is denied.
current winHTTP proxy settings:
direct access (no proxy server)

dude any idea wat to do...
pls help

S/360 said...

Sush, looks like you are using Vista and has insufficient rights.

Either log in as administrator (not just an account with administrator rights), or elevate your command shell, eg right click the Command Prompt menu item and select Run as administrator.

Hope the above helps.

Anonymous said...

it works great!
Thank You
Nicola

Jay Haase said...

Thank you for the for such a useful topic. It solved my update problems.

Kenneth Scott said...

worked great! thanks for the tip!

Anonymous said...

No luck here mate....

Khan Orak

Paul said...

For Windows Vista or Windows 7 users, you need to have administrator rights for this to work.

You can do this by clicking on the start button, then type in cmd. This will show the command prompt icon as one of its results. Right click on it then click on "Run as administrator". Select Yes to run the command prompt. You can then proceed with solution.

Paul said...

For those on Windows Vista or Windows 7, you need to open the command prompt with administrator rights for this to work.

To get administrator rights, click on the start button then type in "cmd". This will show you the command prompt icon as one of its results. Right click on it then select "Run as administrator". Just click on Yes when it requests for approval.

Patrick Muiruri said...

Excellent solution. Worked with a reboot.

===Muiruri, Nairobi Kenya.=====

Anonymous said...

I dont understand how this works. Im new to all this so a step by step guide would be nice. Thanks

cyanos said...

I have been looking for something to fix this for ages. I never thought it would be this simple. THANK YOU!

Anonymous said...

It worked like a charm(even for google earth!)
thanks a lot

Anonymous said...

command worked now MSE is updating automatically...thanks a lot for the solution.

tousif said...

command worked fine.MSE is now updating automatically...
thanks a lot for the solution....

Anonymous said...

It works.thnx a lot SMART solution

Anonymous said...

Hello everyone,
I just installed MSE as it seems that my system is infected with commgr.exe, winalert.exe type files. I am using Vista home basic 32 bit OS. I have Mcafee AV software which is unable to catch these infections. I tried the tricks mentioned above to update MSE but they failed. I am using my Institutes's proxy server to access internet. Can anybody suggest me a solution. Please help...........

S/360 said...

If you are unable to download MSE updates automatically, you can still update them manually. Go to http://go.microsoft.com/fwlink/?LinkID=87342.

But an anti-virus may not be totally effective if your system was already infected before you installed the AV.

Anonymous said...

Thanks for the quick response. But I came to know one more thing that during windows update MSE updates are also available as optional updates. One may try this also.

I had Mcafee already installed yet my system got infected and even after that Mcafee was not able to detect them.

After update MSE Identified the above mentioned files and removed them.

Will you please let me know that how I may assess the effectiveness of AV?

Anonymous said...

Duuuuuuude, U R THE MANNNNNNNNNN. Its working like never B4.
Thx

Omar said...

This worked great! But no longer using a proxy, so how do I reverse the changes so it updates?

Anonymous said...

still error.all my other browser n download manager work pefect when I import proxy setting from IE.but theres same error on MSE,no internet connection

nb: I am using xp pro sp3

any other suggestion

Anonymous said...

Not work. Even after reboot. Win7 64bit.

Anonymous said...

Thank you so much. After six months of manually installing updates, this is a godsend.

Anonymous said...

Hi, I am connecting through a proxy server that uses a username and password for authentication.
I've set the proxy using the command prompt method but MSE is still giving an error.

How do I put in my proxy username and password???

McGvyer said...

Thanks a lot, man. Afterreading across the net, it seemed it was impossible to do this, but it works perfect. Thanks

mag said...

Not working for me but it was worth a try. Not sure what's going on. Had the same problem on another PC but that's now working of its own accord!

Anonymous said...

also got :
error writing proxy setting. (5)access is denied.
current winHTTP proxy settings:
direct access (no proxy server)

so I went looking for WinHTTP in the register and gave myself full control permissions and ran the command again, but still need to knpw how to get into the setting for Microsoft security essentials, when it sgreyed out!

Anonymous said...

Thank you. It took http proxy parameters from IE but what about authenticated proxy(like ldap auth)? I am unable to update MSE yet.

S/360 said...

Looks like MSE doesn't have an option to use authenticated proxies. Use the manual download method to update your MSE. See: http://support.microsoft.com/kb/971606

Anonymous said...

You are great, "Run as administrator." solved the month's problem ..

many thanks

Weekend Yachtsman said...

Worked a treat, thanks.

R@jesh said...

Wonderful man,
worked for windows 7 ..thank a lot

R@jesh said...

Wonderful man
worked for windows 7

Thank a lot

Anonymous said...

I have followed all that is suggested to remove MSE and I keep getting

error writing proxy setting. (5)access is denied.
current winHTTP proxy settings:
direct access (no proxy server)

It wont allow me to delete MSE and it wont update for me. I want to delete so I can install again...Please help

Nikki Locke said...

I just had this problem, and in my case it was caused by a stale wpad.dat file on a web server.
Apparently Security Essentials ignores the proxy settings in Internet Explorer, and those set by proxycfg, and tries to automatically configure itself from a local webserver anyway.
See my blog at http://trumphurst.blogspot.co.uk/2013/03/0x8024402c-proxy-server-or-target.html for the full gory details.