Содержание
- Microsoft antimalware has encountered an error trying to update signatures
- Answered by:
- Question
- Answers
- All replies
- Microsoft antimalware has encountered an error trying to update signatures
- Asked by:
- Question
- Microsoft antimalware has encountered an error trying to update signatures
- Answered by:
- Question
- Answers
- All replies
- Microsoft antimalware has encountered an error trying to update signatures
- Answered by:
- Question
- Answers
- All replies
Microsoft antimalware has encountered an error trying to update signatures
This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.
Answered by:
Question
About 75% of our servers running 2012R2 or 2008R2 have been failing to update the engine and definition updates. The last successful update was applied on 4/25/16. We are now getting this error 0x80508001 logged each time, even when doing a manual update by running the most recent mpam-fe package. Any ideas out there? I have not been able to locate much information on this error. The funny thing is that all the Windows 7 client machines are still updating fine.
Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version: 1.219.682.0
Previous Signature Version: 1.217.2362.0
Update Source: User
Update Stage: Install
Source Path:
Signature Type: AntiSpyware
Update Type: Full
User: BOSAPPARELholmesj
Current Engine Version: 1.1.12706.0
Previous Engine Version: 1.1.12603.0
Error code: 0x80508001
Error description: A problem is preventing the program from starting. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version: 1.219.682.0
Previous Signature Version: 1.217.2362.0
Update Source: User
Update Stage: Install
Source Path:
Signature Type: AntiVirus
Update Type: Full
User: BOSAPPARELholmesj
Current Engine Version: 1.1.12706.0
Previous Engine Version: 1.1.12603.0
Error code: 0x80508001
Error description: A problem is preventing the program from starting. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Microsoft Antimalware has encountered an error trying to update the engine.
New Engine Version: 1.1.12706.0
Previous Engine Version: 1.1.12603.0
Engine Type: Antimalware
User: BOSAPPARELholmesj
Error Code: 0x80508001
Error description: A problem is preventing the program from starting. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Answers
- Proposed as answer by Xin Guo Microsoft contingent staff Friday, May 20, 2016 9:13 AM
- Marked as answer by Xin Guo Microsoft contingent staff Wednesday, June 1, 2016 2:02 AM
Do you have the latest version of the SCEP client installed? Currently, version 4.9.219.0:
Have you reviewed the log file WindowsUpdate.log?
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
Appears to be latest version of SCEP:
Antimalware Client Version: 4.9.219.0
Engine Version: 1.1.12603.0
Antivirus definition: 1.217.2362.0
Antispyware definition: 1.217.2362.0
Policy Name: Antimalware Policy
Policy Applied: 2/4/2016 at 8:08 PM
Here is what looks to be the relevant information from WindowsUpdate.log. Although I thought that by running the mpam-fe package I was bypassing windows update?
2016-05-03 19:31:09:196 936 e10 DnldMgr Preparing update for install, updateId = <72843d3b-ba18-4126-8274-d1a8c3ac03d8>.200.
2016-05-03 19:31:30:086 936 e10 DnldMgr ExtractUpdateFiles: 0x00000000
2016-05-03 19:31:30:087 5988 11a8 Handler .
2016-05-03 19:31:30:087 5988 11a8 Handler :: START :: Handler: Command Line Install
2016-05-03 19:31:30:087 5988 11a8 Handler .
2016-05-03 19:31:30:087 5988 11a8 Handler : Updates to install = 1
2016-05-03 19:31:31:809 5988 11a8 Handler : WARNING: Command line install completed. Return code = 0x80508001, Result = Failed, Reboot required = false
2016-05-03 19:31:31:809 5988 11a8 Handler : WARNING: Exit code = 0x8024200B
2016-05-03 19:31:31:809 5988 11a8 Handler .
2016-05-03 19:31:31:809 5988 11a8 Handler :: END :: Handler: Command Line Install
2016-05-03 19:31:31:809 5988 11a8 Handler .
2016-05-03 19:31:31:810 936 e10 Agent LogHistory called. idUpdate=<9432e958-bcb3-4f38-84b4-669f6d7043ef>.200, resultMapped=80070643, resultUnMapped=80508001
2016-05-03 19:31:31:898 936 e10 Agent *********
2016-05-03 19:31:31:898 936 e10 Agent ** END ** Agent: Installing updates [CallerId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2016-05-03 19:31:31:898 936 e10 Agent *************
2016-05-03 19:31:31:898 936 e10 IdleTmr WU operation (CInstallCall::Init ID 3, operation # 321) stopped; does not use network; is not at background priority
2016-05-03 19:31:31:898 2024 1074 COMAPI >>— RESUMED — COMAPI: Install [ClientId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2016-05-03 19:31:31:898 936 e10 IdleTmr Decremented idle timer priority operation counter to 0
2016-05-03 19:31:31:898 2024 1074 COMAPI — Install call complete (succeeded = 0, succeeded with errors = 0, failed = 1, unaccounted = 0)
2016-05-03 19:31:31:898 2024 1074 COMAPI — Reboot required = No
2016-05-03 19:31:31:898 2024 1074 COMAPI — WARNING: Exit code = 0x00000000; Call error code = 0x80240022
2016-05-03 19:31:31:898 2024 1074 COMAPI ———
2016-05-03 19:31:31:898 2024 1074 COMAPI — END — COMAPI: Install [ClientId = System Center Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2016-05-03 19:31:31:898 2024 1074 COMAPI ————-
Источник
Microsoft antimalware has encountered an error trying to update signatures
This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.
Asked by:
Question
We are trying to allow our client machines to communicate/update windows defender from MMPC. For some reason, it will not connect to MMPC:
It seems to be ignoring the local proxy settings so I think that is the reason it will not connect to MMPC? I used a network monitor and found that neither the localservice nor the networkservice or the localsystem account seem to use the proxy server that I defined in IE.
Is there a way for force Defender MMPC update to use the proxy of a logged in user? TIA
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 117.2.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
User: NT AUTHORITYNETWORK SERVICE
Current Engine Version:
Previous Engine Version: 2.1.13804.0
Error code: 0x80072ee2
Error description: The operation timed out
Источник
Microsoft antimalware has encountered an error trying to update signatures
This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.
Answered by:
Question
Win7 64 bit. New, clean installation. No 3rd party security software (firewall or virus scanner).
I’ve been try find a way to get my system to update with firewall on for weeks. I have trusted sites set and have run the cross-your-fingers-and-hope general fixit. I subsequently discovered firewall on, run update either from the update applet or Security Essentials, the update process would run so far then do nothing until I switch off firewall. As soon as firewall is turned off, updates begin to download.
Event log carries entries similar the the following (NB www.download.windowsupdate.com is set as a trusted site):
Name resolution for the name www.download.windowsupdate.com timed out after none of the configured DNS servers responded.
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.
Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.123.297.0
Update Source: Microsoft Update Server
Update Stage: Download
Source Path: http://www.microsoft.com
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITYSYSTEM
Current Engine Version:
Previous Engine Version: 1.1.8202.0
Error code: 0x80240022
Error description: The program can’t check for definition updates.
Answers
I have installed many Windows 7 operating systems and never met any error caused by update. However, I have aplied chipset driver first after vanilla plain install, then I installed video, lan and audio drivers. When I have device manager clean and no unknown device remained in the list, I started update.
Any troubleshooting of updates is based on the content of WindowsUpdate.log and ReportingEvents.log files. Read files from the bottom up. reveal your findings here.
Error code 0x80240022 is covered in knowledge base article http://support.microsoft.com/kb/918355/en-us or you automatic update fixit tool see KB971058.
According to your description, this issue should be related with the firewall configurations.
You may refer to the following link to check if it helps:
Also, I notice you have posted this issue before . In order to avoid confusion and keep track of issue, I recommend to keep working with the previous thread as link below: http://social.technet.microsoft.com/Forums/en-US/w7itprogeneral/thread/c832cf48-cbc0-4b49-9b88-d3c23e806e94
According to your description, this issue should be related with the firewall configurations.
You may refer to the following link to check if it helps:
Also, I notice you have posted this issue before . In order to avoid confusion and keep track of issue, I recommend to keep working with the previous thread as link below: http://social.technet.microsoft.com/Forums/en-US/w7itprogeneral/thread/c832cf48-cbc0-4b49-9b88-d3c23e806e94
Hi Tracy. You are correct. However, there was no response to my updated question on that thread. Also, I now only have a single issue left to resolve — bit its a tought one. The fact that update runs after firewall is switched off is a farily convincing argument that the issue is firewall related. It MUST be a settings problem but I can find no help on configuring firewall Win 7 64 bit.
I have none of the Firewalls listed in the link you supplied. I use Win 7 firewall and am not accessing internet via proxy.
Источник
Microsoft antimalware has encountered an error trying to update signatures
This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.
Answered by:
Question
Win7 64 bit. New, clean installation. No 3rd party security software (firewall or virus scanner).
I’ve been try find a way to get my system to update with firewall on for weeks. I have trusted sites set and have run the cross-your-fingers-and-hope general fixit. I subsequently discovered firewall on, run update either from the update applet or Security Essentials, the update process would run so far then do nothing until I switch off firewall. As soon as firewall is turned off, updates begin to download.
Event log carries entries similar the the following (NB www.download.windowsupdate.com is set as a trusted site):
Name resolution for the name www.download.windowsupdate.com timed out after none of the configured DNS servers responded.
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.
Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.123.297.0
Update Source: Microsoft Update Server
Update Stage: Download
Source Path: http://www.microsoft.com
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITYSYSTEM
Current Engine Version:
Previous Engine Version: 1.1.8202.0
Error code: 0x80240022
Error description: The program can’t check for definition updates.
Answers
I have installed many Windows 7 operating systems and never met any error caused by update. However, I have aplied chipset driver first after vanilla plain install, then I installed video, lan and audio drivers. When I have device manager clean and no unknown device remained in the list, I started update.
Any troubleshooting of updates is based on the content of WindowsUpdate.log and ReportingEvents.log files. Read files from the bottom up. reveal your findings here.
Error code 0x80240022 is covered in knowledge base article http://support.microsoft.com/kb/918355/en-us or you automatic update fixit tool see KB971058.
According to your description, this issue should be related with the firewall configurations.
You may refer to the following link to check if it helps:
Also, I notice you have posted this issue before . In order to avoid confusion and keep track of issue, I recommend to keep working with the previous thread as link below: http://social.technet.microsoft.com/Forums/en-US/w7itprogeneral/thread/c832cf48-cbc0-4b49-9b88-d3c23e806e94
According to your description, this issue should be related with the firewall configurations.
You may refer to the following link to check if it helps:
Also, I notice you have posted this issue before . In order to avoid confusion and keep track of issue, I recommend to keep working with the previous thread as link below: http://social.technet.microsoft.com/Forums/en-US/w7itprogeneral/thread/c832cf48-cbc0-4b49-9b88-d3c23e806e94
Hi Tracy. You are correct. However, there was no response to my updated question on that thread. Also, I now only have a single issue left to resolve — bit its a tought one. The fact that update runs after firewall is switched off is a farily convincing argument that the issue is firewall related. It MUST be a settings problem but I can find no help on configuring firewall Win 7 64 bit.
I have none of the Firewalls listed in the link you supplied. I use Win 7 firewall and am not accessing internet via proxy.
Источник
So I tought posting a blog for everyone that’s frustrated like me and looking for a solution for something that might be considered logical. WHY ON EARTH IS FOREFRONT NOT UPDATING!!!!
My freshly installed Windows Server 2012 installation with Forefront Endpoint Protection (FEP) installed just wouldn’t update. Googling the error message gave me a lot of ‘you’re infected’ posts. And in the end (again) it’s just a stupid button you have to click. So first the error (screenshot and text (so ppl can actually find it ;-))) (Scroll down for Server Core instructions)
Microsoft Forefront Endpoint Protection
Virus and spyware definitions update failed
Forefront Endpoint Protection could not check for virus and spyware definition updates due to an Internet or network connectivity issue.
Error code: 0x80070490
Error description: Forefront Endpoint Protection couldn’t install the definition updates. Please try again later.
In the eventlog you will see the following nothing saying message:
Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.143.1680.0
Update Source: Microsoft Update Server
Update Stage: Search
Source Path: http://www.microsoft.com
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITYSYSTEM
Current Engine Version:
Previous Engine Version: 1.1.9103.0
Error code: 0x80248014
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
The Windows Update Log will say the following:
>>– RESUMED — COMAPI: Search [ClientId = Microsoft Forefront Endpoint Protection (1F383481-F70E-4E7A-8B69-C4B4A23928E3)]
– Updates found = 0
– WARNING: Exit code = 0x00000000, Result code = 0x80248014
———
— END — COMAPI: Search [ClientId = Microsoft Forefront Endpoint Protection (1F383481-F70E-4E7A-8B69-C4B4A23928E3)]
————-
WARNING: Operation failed due to earlier error, hr=80248014
FATAL: Unable to complete asynchronous search. (hr=80248014)
And you’re thinking…… what……..?!? 😯
Well it’s just Microsoft disabling updates for all other Microsoft products except Windows by default. What you need to to solve it: Open up your windows update screen. You will see directely what your causes your error. Updates are enabled for Windows only.
Click find out more In the browser that opens check I agree and click Install
Now Windows Update will download updates for ‘other Microsoft Products’ as well. And there you have it. FEP will update like a charm
How to fix this on Windows 2008/2008R2/2012/2012R2 Server Core
Update: I’m playing around with Server Core a little at the moment. Ran into the same problem. Easy to fix, hard to find on the internet.
First run a little powershell command:
$ServiceManager = New-Object -ComObject "Microsoft.Update.ServiceManager"; $ServiceManager.ClientApplicationID = "My App"; $ServiceManager.AddService2("7971f918-a847-4430-9279-4a52d1efe18d",7,"")
Next update your FEP signatures
PS C:Program FilesMicrosoft Security ClientAntimalware> .MpCmdRun.exe signatureupdate
Signature update started . . .
Signature update finished.
It should run nicely after configuring WU through powershell
Hello,
I’ve been deploying EndPoint 2012 Client now for a good few weeks, the servers clients are updating fine but just checking the desktops and there are a number of them which are not updating and saying there almost 6 days out date!
Checking one of the desktops event viewer I can see the following:-
Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.159.1249.0
Update Source: Microsoft Update Server
Update Stage: Search
Source Path: http://www.microsoft.com
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITYSYSTEM
Current Engine Version:
Previous Engine Version: 1.1.9901.0
Error code: 0x80072efd
Error description: A connection with the server could not be established
Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.159.1249.0
Update Source: File Share
Update Stage: Search
Source Path: \server.domain.internalsources$scepdefinitionsx86
Signature Type: AntiVirus
Update Type: Full
User: DOMAINUsername
Current Engine Version:
Previous Engine Version: 1.1.9901.0
Error code: 0x80070002
Error description: The system cannot find the file specified.
Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.159.1249.0
Update Source: File Share
Update Stage: Search
Source Path: \server.domain.internalsources$scepdefinitionsx86
Signature Type: AntiSpyware
Update Type: Full
User: DOMAINUsername
Current Engine Version:
Previous Engine Version: 1.1.9901.0
Error code: 0x80070002
Error description: The system cannot find the file specified.
I can browse to that UNC location fine.
We do have a proxy server, the exceptions are in there.
WindowsUpdate.log from client:-
2013-10-13 02:04:17:629 3712 e08 COMAPI ———
2013-10-13 02:04:17:630 1044 eb0 Agent *************
2013-10-13 02:04:17:630 1044 eb0 Agent ** START ** Agent: Finding updates [CallerId = System Center 2012 Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2013-10-13 02:04:17:630 3712 e08 COMAPI <<— SUBMITTED — COMAPI: Search [ClientId = System Center 2012 Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2013-10-13 02:04:17:630 1044 eb0 Agent *********
2013-10-13 02:04:17:630 1044 eb0 Agent * Online = Yes; Ignore download priority = No
2013-10-13 02:04:17:630 1044 eb0 Agent * Criteria = «(IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains ‘a38c835c-2950-4e87-86cc-6911a52c34a3’ and CategoryIDs contains ‘e0789628-ce08-4437-be74-2495b842f43b’)»
2013-10-13 02:04:17:630 1044 eb0 Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2013-10-13 02:04:17:630 1044 eb0 Agent * Search Scope = {Machine}
2013-10-13 02:04:17:711 1044 eb0 PT +++++++++++ PT: Starting category scan +++++++++++
2013-10-13 02:04:17:711 1044 eb0 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = HTTP://server.domain.internal:8530/ClientWebService/client.asmx
2013-10-13 02:04:17:762 1044 eb0 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2013-10-13 02:04:17:762 1044 eb0 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = HTTP://server.domain.internal.INTERNAL:8530/ClientWebService/client.asmx
2013-10-13 02:04:17:918 1044 eb0 Agent * Found 0 updates and 4 categories in search; evaluated appl. rules of 57 out of 69 deployed entities
2013-10-13 02:04:17:919 1044 eb0 Agent *********
2013-10-13 02:04:17:919 1044 eb0 Agent ** END ** Agent: Finding updates [CallerId = System Center 2012 Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2013-10-13 02:04:17:919 1044 eb0 Agent *************
2013-10-13 02:04:17:920 3712 fc0 COMAPI >>— RESUMED — COMAPI: Search [ClientId = System Center 2012 Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2013-10-13 02:04:17:920 3712 fc0 COMAPI — Updates found = 0
2013-10-13 02:04:17:921 3712 fc0 COMAPI ———
2013-10-13 02:04:17:921 3712 fc0 COMAPI — END — COMAPI: Search [ClientId = System Center 2012 Endpoint Protection (DDEFDD14-250E-4DC8-A0B3-9D667EC5D8EB)]
2013-10-13 02:04:17:921 3712 fc0 COMAPI ————-
2013-10-13 02:04:22:500 1044 eb0 Report REPORT EVENT: {1D18B9C9-C9E0-4327-BFBD-76B68E6EA387} 2013-10-13 02:04:17:500+0100 1 148 101 {00000000-0000-0000-0000-000000000000} 0 80072efd System Center 2012 Endpoint Pro Failure Software Synchronization Windows Update Client failed to detect with error 0x80072efd.
2013-10-13 02:04:22:500 1044 eb0 Report REPORT EVENT: {B8E5393B-3EDD-47C8-ABF0-CE974675AC7C} 2013-10-13 02:04:17:919+0100 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 System Center 2012 Endpoint Pro Success Software Synchronization Windows Update Client successfully detected 0 updates.
2013-10-13 02:04:22:508 1044 eb0 Report CWERReporter::HandleEvents — WER report upload completed with status 0x8
2013-10-13 02:04:22:508 1044 eb0 Report WER Report sent: 7.6.7600.256 0x80072efd 00000000-0000-0000-0000-000000000000 Scan 101 Unmanaged
2013-10-13 02:04:22:508 1044 eb0 Report CWERReporter finishing event handling. (00000000)
Anything else to check?