I’m having this issue for, at least, 3 versions of CIS.
Everytime I try to update the AV it stops at 5% and then I get the attached message. The internet connection is working just fine.
I’m able to check for new versions without stress. I’ve followed the several “fix tips” regarding this issue without success (as you may have guess from this report). I’ve installed CIS so many times in this machine that it already hurts. I’ve used registry cleaners, cleaned the registry myself and the problem remains.
I’ve never seen an issue like this with any other software company. It’s amazing that the same people that made this fantastic piece of software are unable to fix this lame issue.
At least implement a manual update if you’re unable (or don’t want) to fix this issue. Give us, users of CIS, a way to update the AV Db.
I WON’T EVEN CONSIDER GOING FOR THE PAID VERSION WHILE THIS ISSUE ISN’T FIXED.
This doesn’t seem like a clean install to me, it shows a AV database version 29xx in the About box suggesting something strange is going on… are you willing to do some packet capturing with wireshark to see where it fails ?
Nope, the update to this version was done through the Update feature. Nevertheless, I stated that I already did several clean installs and not that this one in particular is a clean install.
Every time a new versions gets out people recommend doing a clean install and, at least until now, it never worked. I did a clean install with the previous version and here I am again asking for help. I even used Revo and Comodo Registry Clean utility with no success.
If something has to be cleaned then Comodo should be the one to clean it. They should clean the mess they created some versions ago, that is, if they ever figure this out.
Regarding Wireshark: Sure, no problem. Tell me what you need me to capture and I’ll do it.
Make sure you close all other windows that have connections to the internet to prevent pollution of the capture and then run an “av update” let’s see what it shows…
Thus far the following reasons have prevented users from updating.
System was infected prior to install of CIS
System needed a proxy server to connect to the internet
System had other security software active that prevented updates (NOD etc)
System had “strange” IE browser toolbars loaded with multi proxy support
Slow connections seem to cause dropouts that CIS can’t handle for to long
Download servers where denying downloads for some unknown reason
I’ve done some testing with wireshark and got no HTTP traffic while trying to update the virus db. I did get some TCP traffic but irrelevant, I believe.
I found this very intriguing and removed my VPN software and all drivers I thought could be messing this up.
Now, even though I obviously have Internet connection, I’m getting the attached error.
I believe that Developers at Comodo need to review the update feature. As it is, it’s messy and has issues.
Why doesn’t the update feature (both virus db and CIS) work normally like my browsers? Both Chrome and IE work just fine.
I’m frustrated…
~/gnfpt
PS: And I did a clean install after getting this error… still no luck.
The “Check for updates” module uses IE settings to check for updates, do you have any settings for proxy active on the IE tab? and if so do you use automatic detection? if so that doesn’t work with CIS.
The “Update virus database” uses the settings from Misc, Settings, Connections tab, is anything present there?
I had an XP SP3 system that would not update the AV.
The workaround was to go to the Logon Tab of the COMODO Internet Security Helper Service (within Administration>Services) and change it to This Account with Userid and Password. Reboot and the AV updates without problem.
However the downside is that every time a new CIS update appears it changes it back to Local System Account and I needed to go through the same process. Also the Diagnosis Tool would flag an error and change it back if you asked it to repair your system.
Firstly could these users check to see if this is indeed a workaround for them
I believe I have the solution and it is to do with the Internet Settings within the Registry.
This is not a CIS problem but the fact that the Internet Settings have become ‘out of kilter’ at some stage in the past.
PLEASE DO NOT MAKE THIS CHANGE WITHOUT BACKING UP YOUR REGISTRY AND SETTING A RESTORE POINT and only if you found the workaround to work.
Change the Service back to it’s original state either manually or by using the Diagnosis tool within CIS. Reboot.
I found that my GlobalUserOffline setting was set to 1 in
Computer\HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings
I changed the setting to 0 (zero) and rebooted.
Updates worked.
Could a Moderator send a PM to Egemen regarding this for his comments.
I have been fooling around with this setting, very good catch :-TU it does indeed kill CIS AV Updates.
Only thing visual is that you will see the updater stay on 0% for at least 4 seconds then go to 5%, and then report that it failed, so that could be a good indicator that this issue is present.
One could easily query the registry by issueing this command i a command box:
No but i haven’t got that value present because i was only testing it on .Default that that causes enough trouble as it is
I’ll create a FAQ from this issue and also will notify Egemen to let them know this behavior is killing CIS AV updates because of “obsolete” key’s/left overs and or malware could also be using/causing this…
Hi guys, first of all please check can you ping download.comodo.com
if so - try to download some base via direct link (e.g. http:\download.comodo.com\av\updates313\versioninfo.ini)
I have reproduced this on a test system with Windows XP, this has to do with the fact that the system thinks IE is in “Offline Mode” and therefor the updates fail. It looks like an “old” registry key for IE5 that’s causing this issue.
Try the above mentioned setting in the registry boot and see how AV fails to update.
Have you looked at all occurrences of GlobalUserOffline and ProxyEnable?
If you are not using proxies then I believe they should all be set to 0 (Zero)
They occur under most subkeys of HKEY-USER
Computer\HKEY_USERS[b]subkey[/b]\Software\Microsoft\Windows\CurrentVersion\Internet Settings
also
Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
and
Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
I’ve search for all keys containing either GlobalUserOffline or proxy. In a few profiles I did have ProxyEnabled set to 1 but switched them all to 0. I even erased all proxy urls. Still no luck.
It seems that in my case there’s something else. I’ll try to figure it out… or let COMODO do their work!
It’s their update procedure. Even though my PC is all messed up this is the only software that’s being affected.
You can go your system Services list and change the Log On User under which the “COMODO Internet Security Helper Service” runs to your current user. This fixes this issue temporarily until you either install a new a version of Comodo or run the Diagnostics.
I think that Comodo should have a manual mode to configure the proxy. Then one could decide to either have Comodo reading IE settings or enter manual ones. Since Comodo is not suited (IMHO) for lame people people, I believe every CIS user knows how to setup this settings.
