CIS 3.13.120417.573 - Antivirus DB doesn't update...EVER


I’m having this issue for, at least, 3 versions of CIS.

Everytime I try to update the AV it stops at 5% and then I get the attached message. The internet connection is working just fine.

I’m able to check for new versions without stress. I’ve followed the several “fix tips” regarding this issue without success (as you may have guess from this report). I’ve installed CIS so many times in this machine that it already hurts. I’ve used registry cleaners, cleaned the registry myself and the problem remains.

I’ve never seen an issue like this with any other software company. It’s amazing that the same people that made this fantastic piece of software are unable to fix this lame issue.

At least implement a manual update if you’re unable (or don’t want) to fix this issue. Give us, users of CIS, a way to update the AV Db.


Thank you,


[attachment deleted by admin]

Hi gnfpt,

This doesn’t seem like a clean install to me, it shows a AV database version 29xx in the About box suggesting something strange is going on… are you willing to do some packet capturing with wireshark to see where it fails ?

Nope, the update to this version was done through the Update feature. Nevertheless, I stated that I already did several clean installs and not that this one in particular is a clean install.

Every time a new versions gets out people recommend doing a clean install and, at least until now, it never worked. I did a clean install with the previous version and here I am again asking for help. I even used Revo and Comodo Registry Clean utility with no success.

If something has to be cleaned then Comodo should be the one to clean it. They should clean the mess they created some versions ago, that is, if they ever figure this out.

Regarding Wireshark: Sure, no problem. Tell me what you need me to capture and I’ll do it.


Please check my post here

Make sure you close all other windows that have connections to the internet to prevent pollution of the capture and then run an “av update” let’s see what it shows…

Thus far the following reasons have prevented users from updating.

  • System was infected prior to install of CIS
  • System needed a proxy server to connect to the internet
  • System had other security software active that prevented updates (NOD etc)
  • System had “strange” IE browser toolbars loaded with multi proxy support
  • Slow connections seem to cause dropouts that CIS can’t handle for to long
  • Download servers where denying downloads for some unknown reason

I’ve done some testing with wireshark and got no HTTP traffic while trying to update the virus db. I did get some TCP traffic but irrelevant, I believe.

I found this very intriguing and removed my VPN software and all drivers I thought could be messing this up.

Now, even though I obviously have Internet connection, I’m getting the attached error.

I believe that Developers at Comodo need to review the update feature. As it is, it’s messy and has issues.

Why doesn’t the update feature (both virus db and CIS) work normally like my browsers? Both Chrome and IE work just fine.

I’m frustrated…


PS: And I did a clean install after getting this error… still no luck.

[attachment deleted by admin]

The “Check for updates” module uses IE settings to check for updates, do you have any settings for proxy active on the IE tab? and if so do you use automatic detection? if so that doesn’t work with CIS.

The “Update virus database” uses the settings from Misc, Settings, Connections tab, is anything present there?

I have the same issue and have not been able to resolve for about 3 months now. Its frustration


This may be relevant the users’ problems.

I had an XP SP3 system that would not update the AV.

The workaround was to go to the Logon Tab of the COMODO Internet Security Helper Service (within Administration>Services) and change it to This Account with Userid and Password. Reboot and the AV updates without problem.

However the downside is that every time a new CIS update appears it changes it back to Local System Account and I needed to go through the same process. Also the Diagnosis Tool would flag an error and change it back if you asked it to repair your system.

Firstly could these users check to see if this is indeed a workaround for them

I believe I have the solution and it is to do with the Internet Settings within the Registry.

This is not a CIS problem but the fact that the Internet Settings have become ‘out of kilter’ at some stage in the past.


Change the Service back to it’s original state either manually or by using the Diagnosis tool within CIS. Reboot.

I found that my GlobalUserOffline setting was set to 1 in
Computer\HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings
I changed the setting to 0 (zero) and rebooted.

Updates worked.

Could a Moderator send a PM to Egemen regarding this for his comments.


I have been fooling around with this setting, very good catch :-TU it does indeed kill CIS AV Updates.

Only thing visual is that you will see the updater stay on 0% for at least 4 seconds then go to 5%, and then report that it failed, so that could be a good indicator that this issue is present.

One could easily query the registry by issueing this command i a command box:

C:\>reg query "HKEY_USERS\.default\\Software\\Microsoft\Windows\currentversion\internet settings" |find /i "globaluser"

    GlobalUserOffline   REG_DWORD       0x1

If the above output is 0x1 then you are having this problem.

This is true. But I know this issue has dogged quite a lot of people in the past. And it is only today that I found the answer.

With XP systems you’ve got to bear in mind the moving from IE6 to IE7 to IE8 and possibly installing/removing proxy software etc.

Did you notice that changing the value under HKEY_CURRENT_USER had no effect?


No but i haven’t got that value present because i was only testing it on .Default that that causes enough trouble as it is :wink:

I’ll create a FAQ from this issue and also will notify Egemen to let them know this behavior is killing CIS AV updates because of “obsolete” key’s/left overs and or malware could also be using/causing this…

OK, thanks Ronny

Hi guys, first of all please check can you ping
if so - try to download some base via direct link (e.g. http:\\av\updates313\versioninfo.ini)

Hi Dmitry,

I have reproduced this on a test system with Windows XP, this has to do with the fact that the system thinks IE is in “Offline Mode” and therefor the updates fail. It looks like an “old” registry key for IE5 that’s causing this issue.

Try the above mentioned setting in the registry boot and see how AV fails to update.

Hello All,

For the record:
Changing the “COMODO Internet Security Helper Service” Log On user fixes my problem.

In my system “GlobalUserOffline” was set to 0 but I had several proxy entries set. Clearing them did NOT fix my issue…

I have a workaround but my issue it’s not fixed.



Glad the workaround works.

Have you looked at all occurrences of GlobalUserOffline and ProxyEnable?

If you are not using proxies then I believe they should all be set to 0 (Zero)

They occur under most subkeys of HKEY-USER
Computer\HKEY_USERS[b]subkey[/b]\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings

May be worth another check.



I’ve search for all keys containing either GlobalUserOffline or proxy. In a few profiles I did have ProxyEnabled set to 1 but switched them all to 0. I even erased all proxy urls. Still no luck.

It seems that in my case there’s something else. I’ll try to figure it out… or let COMODO do their work!
It’s their update procedure. Even though my PC is all messed up this is the only software that’s being affected.


All of my HKEYs are set to zero. Still, no luck updating. I have Vista 64 on a quad core. What else can be done to update the AV database? :cry:


You can go your system Services list and change the Log On User under which the “COMODO Internet Security Helper Service” runs to your current user. This fixes this issue temporarily until you either install a new a version of Comodo or run the Diagnostics.

I think that Comodo should have a manual mode to configure the proxy. Then one could decide to either have Comodo reading IE settings or enter manual ones. Since Comodo is not suited (IMHO) for lame people people, I believe every CIS user knows how to setup this settings.

Just my €2 cents… :slight_smile:


Manual mode doesn’t work either…

too bad…