Can't update virus database CIS 3.57173.5.439 [Merged Threads] - [RESOLVED]


my CIS automatically upgraded from RC2 to latest version on October 25th, but sadly I still have same problem as I had with all Beta and RC versions - Virus Definition Update does not work (I have submitted this bug before).

My current virus database version is 358, when I try to update it via link in Antivirus tab, update dialog opens, goes to 5% almost immediately and then error message appears: Failed to update the virus definitions database.

I am using CIS 3.5.53896.424 x32 on Windows XP SP3 ENG 32bit.

* 32bit AMD AthlonXP
* Windows XP SP3 Eng 32 bit
* Comodo BOClean (latest)
* Open CIS, Antivirus tab, click Update Virus Database (or click on Virus Definitions date on Summary screen)
* I tried to disable firewall to be sure CIS is not blocking itself, no change; I checked HOSTS file, no records; I tried to re-install CIS (not the latest version though); did not help.
* Safe Mode / Clean PC Mode, I did not change any settings and since my old CPF settings did not import after first Beta install, there should be no non-standard options enabled/disabled (besides application settings that CIS learnt while I am using it).
* -
* I am using Administrator account

This issue is being investigated. Please provide the following information, as posted by the lead developer (Egemen) in charge of CIS below - 3xist.

Hi Guys,

We are investigating the issue. To help us, can you please tell us the following details?

1 - Exact operating system version: e.g. Windows Vista Home SP1 32 Bit
2 - Do you use this computer with other users? Do you have other user accounts that are created?
3 - Have you ever changed internet explorer proxy settings?
4 - Can you please tell us the exact list of security software you have installed? E.g. XXX AntiSpyware 4.3.1

Thanks for the cooperation,

[attachment deleted by admin]

Hello, sorry about the trouble;
This should fix your problem → Uninstall CIS → Download latest version of CIS → then update your signatures.

There seems to be a problem with updating isgnatures if you upgrade from RC2

Hi roba

Are you behind a proxy as I have a similar problem? See below:-

CIS updates fine but not virus database updates.



thanks for replies and sorry for late reply.

Kyle, I tried to re-install CIS today. My virus database is now 456, CIS says that last update was performed about the time I installed CIS. However when I attempt to update virus database, I get same message again (it goes to 5% and then error pop ups).

After I uninstalled, I checked if there are any files left from CIS, and they were all gone, so the install should be 100% clean. Not sure what is wrong…

Graham1, no I am not behind proxy, my ADSL router has public IP address, so it is probably different problem.

EDIT: I checked my registry entries and they seem to be correct. I would also like to point out, that I had same problem with all versions of CIS, pre RC2 and post RC2, so it did NOT happen after I upgraded from RC2.

Can you check to see if you can access this url’s in your IE browser ?
both should be downloadable.

Can you also try to download this:

Start it, go to file, start capture, select your network adapter, now it’s capturing.
Go to CIS and press the “Update Database”. If it’s finished press Stop, go to File and select, Save Packets data to file.
Give it a name, zip it and post the file here ?

Hi Ronny

This files access in IE and is downloadable. The proxy is set to allow all traffic . But the AV does not update.

Can you try to capture the network traffic then with the SmartSniff tool from nirsoft (or if you know wireshark that’s okay also).

I’ve installed 3.5.54375.427 Virus DB ver 477 on two machines that previously had KAV on them and neither can recieve updates - I checked the registry and the path appears to be correct. What now?

Hello Ronny,

both URLs are working in MSIE - browser offers me to download those files.

I also ran the SmartSniff tool, but I am afraid it logged absolutely nothing when I tried to update Virus Database. The tool itself is working though - I tried it with browser and it logged multiple connections. It seem the virus database update process fails before it touches the network.

Anyway, the log file is included.

[attachment deleted by admin]

Hi Roba,

Can you tell me a little bit more about your network setup then ?
Adapter type, is it onboard or a usb device etc ?

Sorry, now i see your coming from RC2, they changed update path in the registry.
Can you open a regedit and check the following, see the screen shot for all the 0, 1, 2, 3 and 4 if you imported a configuration “AS” a new name.

[attachment deleted by admin]

I checked those registry entries and all are set to av/updates. I have only 0-3 ones (no 4) though.

My network setup is: on-board 10/100 LAN with Realtek RTL8139/810x Family chipset connected via network cable to SMC Barricade ADSL2+ (SMC7904WBRB2) router. My ISP provides public (dynamic) IP address to each customer. There is no proxy between me and the Internet.

As for TCP/IP settings, there is only one non-standard thing I guess - I am not using router’s DHCP, in fact it is disabled and all computers in my home network have set LAN IP address manually. DNS is also set manually and does not point to router’s DNS, but directly to my ISP’s DNS servers.

Other computers in my home network are unfortunately running various Linux distros, so I can’t test CIS there, but I could try to update my Virus Database via mobile phone Internet connection and with LAN disconnected if you think its worth of trying…

No don’t go through all that trouble, if it’s not even hitting the network then there must be some “internal” failure.
You could try to select an other profile, reboot, check for updates.
If that also does not give any network traffic on the SmartSniff i’d call it a day.

I will do that, but I am not sure what profile you are referring to… do you mean Windows users?

Sorry, i was refering to CIS GUI, Misc, Manage my configurations, Select, there are 4 profiles in there.

Oh I see… so I tried to switch Internet Security profile to Antivirus Security profile, rebooted, started SmartSniff, start logging, update AV signatures… and it logged nothing. Update proces goes to 5% and fails, there is no connection logged in SmartSniff.

As I mentioned in my original post I have checked the registry values and they are correct.

Are you using a proxy? That is giving problems right now.

Hi I’ve tried updating with 3g connection aswell. Also fails at 5% (South Africa Vodacom 3g).

Run SmartSniff, start logging, update AV signatures… and it logged nothing. Update proces goes to 5% and fails, there is no connection logged in SmartSniff.

I’ve just made several experiments with SmartSniff and it seems it does not show connection attempts if they could not be established.

I suggest using another way to verify if CIS tries to connect the update server: Use Sysinternalls process explorer or other process monitor utility that shows TCP/IP connections for the process, open connections list for cmdagent process and try to update AV database - You’ll notice connection is created and disappeared in a second if connection failed.

If it so - check (via any sniffer) what port does your computer use for TCP and HTTP connection