Antivirus update failing

pf590 · December 13, 2011, 10:36pm

I’ve tried posting about this on a different thread, but I’m getting nowhere and this is getting incredibly frustrating. My virus database update has been failing since 31st August and Comodo told me it’s probably the ISP. My ISP tell me it’s not and can I check that Comodo have the IP addresses whitelisted/unblocked. I have sent my IP address through to a couple of Comodo techs, but nobody has got back to me to confirm. Here is a brief summary, can anybody help me please???

I am in Australia.
My ISP is Three
My wife’s ISP is Vodafone who have bought Three, but they still operate on different networks.
The virus database update fails and in the Log Viewer the code is always 0x80072efd. If I run it manually, it fails and gives a message “Failed to update the virus signature database. Please check your internet connection and try again later”
I am on a postpaid account, but I am able to login using the Three prepaid facility. In this mode I then run a manual update and it tells me the virus database is up to date, so I assumed that this was updating OK and was a workaround for my problem. But only recently I have noticed if I look in the Log Viewer that this gives the Code 0x00000001 and the old database is the same as the new database … it never actually seems to update to a newer version.
So I borrowed my wife’s Vodafone modem, logged in and ran the update, it immediately downloaded some files, updated and the database version changed.

From my Three postapid login (my usual login), a tracert produced a “Request timed out” on 27 hops then on the 28th hop I get the result 444ms 499ms 459ms download.comodo.com [91.199.212.171]
On December 6th when I tried, the successful hop was number 17 - 462ms 420ms 419ms download.comodo.com [91.199.212.171]
I can ping download.comodo.com
From an earlier post regarding this issue I have tried a couple of download tests, results as follows: -

http://download.comodo.com/10MB - Problem loading page, server taking too long to respond
http://178.255.83.1/test/10MB - Ditto

Help!!

Citizen_K · December 15, 2011, 11:41pm

Did you try contacting Alexandru Hurjui:

pf590 · December 17, 2011, 6:44am

That post was in the “different thread” that I mentioned and after reading it I sent Alexandru a PM on 6th December with all the details as requested, but I never heard anything back. That was one of the two techs I had been in touch with. Neither has been back to me, but for all I know Alexandru might be on vacation at the moment.

Citizen_K · December 17, 2011, 4:05pm

I sent Alexandru a pm. Hopefully he will reply.

pf590 · December 18, 2011, 1:54am

Thank you very much Eric

Regards

Paul

system · December 27, 2011, 4:12pm

Hi Paul,

Please send me via PM or here the full traceroute for downloads.comodo.com and download.comodo.com

Same thing for the ping.

We need to see where the problem exists so we can work it out.

Cheers.

PS. Sorry for the late replies, I have been in vacation

pf590 · December 28, 2011, 9:56am

Hi Alexandru

Many thanks for getting back to me. I hope that you can make some sense of my tracert results, because whenever I see some sample results for tracert, they always contain so much more information than mine do …

Here are my tracert and ping results for download.comodo.com. and downloads.comodo.com

C:\Documents and Settings\owner>tracert download.comodo.com

Tracing route to download.comodo.com [91.199.212.171]
over a maximum of 30 hops:

1 * * * Request timed out.
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 506 ms 529 ms 509 ms download.comodo.com [91.199.212.171]

Trace complete.

C:\Documents and Settings\owner>tracert downloads.comodo.com

Tracing route to downloads.comodo.com [178.255.82.1]
over a maximum of 30 hops:

1 * * * Request timed out.
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.

C:\Documents and Settings\owner>ping download.comodo.com

Pinging download.comodo.com [91.199.212.171] with 32 bytes of data:

Reply from 91.199.212.171: bytes=32 time=1057ms TTL=48
Reply from 91.199.212.171: bytes=32 time=389ms TTL=48
Reply from 91.199.212.171: bytes=32 time=379ms TTL=48
Reply from 91.199.212.171: bytes=32 time=379ms TTL=48

Ping statistics for 91.199.212.171:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 379ms, Maximum = 1057ms, Average = 551ms

C:\Documents and Settings\owner>ping downloads.comodo.com

Pinging downloads.comodo.com [178.255.82.1] with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 178.255.82.1:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Hopefully you can make some sense of this but please let me know of any other processes I can run to help.

Cheers

Paul

system · December 29, 2011, 2:22pm

Hey Paul,

Thanks for the output of ping and tracert. While the tracert for download.comodo.com does look weird it is normal. The important part is the fact you reached the destination and withing 17 hops. ( 30 being the max acceptable )

On the other hand, the downloads.comodo.com is not good. You can’t reach our main download servers.

Can you confirm the IP you have sent to me via PM is still valid ? I’ll do some more digging and see what I come up with.

Cheers.

pf590 · December 31, 2011, 7:36am

Hi Alexandru, many thanks for your help and I have sent a PM through with my IP address.

I now have another related issue. Yesterday a friend asked me for help as he was having a problem with his PC. It was nothing major and I fixed that pretty easily. I then decided to quickly check what security he had and as he was only running NOD32 virus checker and Windows firewall, so I uninstalled the NOD32 virus checker and installed Comodo Internet Security. Everything loaded OK, but when I tried to update the virus signature database I got the message “Failed to update the virus signature database. Please check your internet connection and try again later”.

I had to leave it and so I came back today and tried again but still get the error and this is exactly the same error I get with my PC.

My friend’s internet connection is with a different provider (Telstra) and when I ping downloads.comodo.com or download.comodo.com it pings fine. I can also tracert both addresses (please see result for downloads.comodo.com below). It ran fine so I don’t know why it wont update?

I also checked the log and it gives the Av Update code as 0x80072efd, Old database 1, New database 1

Any idea whats going wrong?

Cheers

Paul

++++++++++++++++++++++++++++++++++++++++++

C:\Documents and Settings\Owner.KERRY>tracert downloads.comodo.com

Tracing route to downloads.comodo.com [178.255.82.1]
over a maximum of 30 hops:

1 90 ms 99 ms 99 ms BigPond.BigPond [10.0.0.138]
2 12 ms 11 ms 11 ms 172.18.112.207
3 11 ms 11 ms 11 ms 172.18.70.78
4 11 ms * * 172.18.241.166
5 * * * Request timed out.
6 13 ms 24 ms 15 ms Bundle-Ether11.cha45.Brisbane.telstra.net [203.45.53.233]
7 15 ms 15 ms 16 ms Bundle-Ether2.cha-core4.Brisbane.telstra.net [203.50.44.13]
8 33 ms 36 ms 35 ms Bundle-Ether11.ken-core4.Sydney.telstra.net [203.50.11.72]
9 40 ms 35 ms 35 ms Bundle-Ether1.pad-gw2.Sydney.telstra.net [203.50.6.29]
10 27 ms 26 ms 25 ms TenGigabitEthernet11-0.sydp-core02.Sydney.reach.com [203.50.13.86]
11 165 ms 166 ms 166 ms i-0-3-0-0.paix-core01.bx.reach.com [202.84.140.9]
12 162 ms 163 ms 163 ms i-2-2.paix01.bi.reach.com [202.84.251.58]
13 216 ms 216 ms 217 ms te4-5.mpd01.sjc04.atlas.cogentco.com [154.54.11.157]
14 217 ms 218 ms 217 ms te0-0-0-6.mpd22.sfo01.atlas.cogentco.com [154.54.28.81]
15 230 ms 221 ms 220 ms te4-1.ccr01.smf01.atlas.cogentco.com [154.54.80.70]
16 236 ms 235 ms 235 ms te2-2.ccr01.sea01.atlas.cogentco.com [154.54.47.194]
17 235 ms 235 ms 234 ms te7-1.ccr01.sea02.atlas.cogentco.com [154.54.82.38]
18 231 ms 231 ms 232 ms 38.104.126.170
19 235 ms 235 ms 234 ms downloads.comodo.com [178.255.82.1]

Trace complete.

Citizen_K · December 31, 2011, 6:19pm

Please make sure that there are no left overs of previously uninstalled security programs around. Not all uninstallers do a proper job. And left over applications, drivers or services can cause all sort of “interesting effects”.

Following are two of my tutorials to make sure there are no more left overs.

Use existing removal tools (suited for most users)

Try using removal tools for those programs. Here is a list of removal tools for common av programs: ESET Knowledgebase .

Otherwise do a Google search with terms “removal tool” and * name of product or vendor*.

For a more technical hands on approach (for advanced users only):

We are gonna take a look to see if there are some old drivers of your previously uninstalled security programs are still around. First run "set devmgr_show_nonpresent_devices=1’ without the quotes from the command prompt.

Then go to Device Manager → View → show hidden devices → now look under Non Plug and Play drivers → when you see a driver that belongs to your previous security programs click right → uninstall —> reboot your computer. You need to Google the driver’s names to see to what programs they belong to. You don’t want to uninstall Microsoft/Windows related drivers of course; some Microsoft drivers may show up as non active please don’t uninstall them. It is best to make a system restore point before this of course.

When the problem persists make sure there are no auto starts from your previous security programs. Download Autoruns and run it.

This program finds about all auto starts in Windows. This tool can therefore seriously damage Windows when not handled properly. After starting push Escape and go to Options and choose to hide Windows and Microsoft entries, to include empty locations and then push F5 to refresh.

Now check all entries to see if there are references to your previous security program. When you find them untick them. After unticking reboot your computer and see what happens.

pf590 · January 6, 2012, 4:34am

Thanks Eric. I have checked all the drivers and there is nothing residual for NOD/Eset. I have also checked all the auto starts and no residual entries are present. I looked in the Program Files folder and managed to find an ESET folder there so this was then deleted.

Still won’t update the virus database. Any ideas?

Cheers

Paul

Citizen_K · January 7, 2012, 12:47am

I sent Alexandru Hurjui a pm asking to follow up on what is happening.

This problem is with the route from your connection to the Comodo servers.This problem is not with CIS and out of the realm of things that and end user like me can troubleshoot.

pf590 · January 8, 2012, 3:01am

Thanks for your help Eric. I am a little stumped, especially as I am able to access downloads.comodo.com from my friends PC, it’s just the update that fails. I have downloaded and installed the full database manually, so he does have protection, just not sure why his updater does not work. Perhaps if I uninstall and try a re-installation?

With my ISP, I cannot even ping downloads.comodo.com, so that’s a whole different story!

system · January 27, 2012, 3:23pm

Sorry gents,

I’ve been busy with other issues. I’ll make time next week and look into it. I’ll contact your ISP and see what we can work out with them.

Cheers.

Citizen_K · January 27, 2012, 6:07pm

Keep us posted.

pf590 · February 2, 2012, 11:44pm

Thanks Alexandru and Eric. A speedy resolution will help as my virus database is so out of date now, it’s a bit of a worry.

With my friends PC, I have uninstalled and re-installed Comodo, but the problem still exists. The updater just fails when it trys to run and suggests checking the internet connection which of course is fine. Do you know of any other instances where this happens that I can check? i.e. conflicting software?

Cheers

Paul

Citizen_K · February 3, 2012, 1:50am

AVG is not always cooperative these days. You can always try to disable other security programs that are running in the background.

Please make sure that there are no left overs of previously uninstalled security programs around. Not all uninstallers do a proper job. And left over applications, drivers or services can cause all sort of “interesting effects”.

Try using removal tools for those programs to remove them. Here is a list of removal tools for common av programs: ESET Knowledgebase .

pf590 · March 15, 2012, 4:14am

Any news yet Alexandru? I have not heard a thing and my problem has not gone away. I still cannot access downloads.comodo.com from the IP address range using the 3 mobile internet.

It is even a struggle for me to get on the Comodo forum as the pages load so slowly and when I try to log in, it often fails with the msg “The connection to forums.comodo.com was interrupted while the page was loading.”

Currently I am logged in using the alternative Vodafone SIM and I can access the forums OK and pages load fine, no timeouts. Any news would be greatly appreciated.

Thanks

Paul

mhujm · April 15, 2012, 8:28pm

UPDATE<<<

WORKING FINE AFTER A REBOOT
Sorry for any inconvenience

I’ll leave the trace info below, just in case it’s of any value to you folks at Comodo

— orig post below ----

“Virus Database Update” hangs at 0%
I also elected to use Comodo’s DNS

xxxxxxxxxxxxx>tracert download.comodo.com

Tracing route to download.comodo.com [91.199.212.171]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.123.254
2 6 ms 7 ms 7 ms 10.240.160.229
3 8 ms 8 ms 7 ms 67.59.229.197
4 10 ms 9 ms 9 ms ool-4353f68d.dyn.optonline.net [67.83.246.141]
5 12 ms 11 ms 12 ms 64.15.2.101
6 10 ms 11 ms 9 ms 64.15.0.226
7 * * * Request timed out.
8 14 ms 11 ms 12 ms te0-6-0-0.ccr21.jfk02.atlas.cogentco.com [154.54.47.17]
9 12 ms 10 ms 12 ms te0-1-0-3.ccr22.jfk05.atlas.cogentco.com [154.54.6.46]
10 55 ms 198 ms 203 ms te4-2.mag01.jfk05.atlas.cogentco.com [154.54.45.222]
11 13 ms 14 ms 11 ms vl3506.na41.b001105-8.jfk05.atlas.cogentco.com [38.20.48.110]
12 15 ms 9 ms 12 ms 38.104.75.18
13 52 ms 16 ms 20 ms ae0-196.t8edccsg.telx.8th.edge.ccanet.co.uk [178.255.81.196]
14 92 ms 92 ms 92 ms gr-0-0-0-2018.rmdcccjs1.reyn.mcr.colo.ccanet.co.uk [178.255.81.208]
15 87 ms 87 ms 83 ms ae0-252.rmdcccrt1.reyn.mcr.colo.ccanet.co.uk [178.255.81.249]
16 87 ms 84 ms 84 ms download.comodo.com [91.199.212.171]

Trace complete.

Fastflys · April 18, 2012, 8:51am

Virus Database updater was working ok until this morning [18th April] now I’m getting the message:

“Failed to update the virus signature database. Please check your internet connection and try again later”.

There is nothing wrong with my internet connection. Is there a fault with the CIS virus database updater service today?

I am based in the UK.