Win10 Home with C.I.S. v8.2.0.4703 dbase23222 not updating

Hey Folks - told my friend… stay away from 10… they never listen

His initial problem was… - EDGE was hi-jacked… cause it ALWAYS REMEMBERs the LAST PAGE it was on… (God Microsoft… your quirks and burps have got to be the mosssssssst annoying)…

…had to back door it in through an email link… right click on the REAL HOME PAGE to the extreme left… and remove all tabs to the right just to get the browser back… - then went into the 3 MORE DOTS … at the right… and scrollllll down to get rid of allll history…

done…

That said… he installed…C.I.S. v 8.2.0.4703… and everything was ok… until “Status Screen” went yellow… “virus definition/signature dbase out of date”… click “FIX IT”… he does… - it fails… 4 “X” 's

I take a look at it… Run it…un-updated - find and remove 4 infections - SHOPPERPro.A (2) disguised as \updater and \Phrase Professor …and Hippie1cvq (2) -disguised as \AutoUpdater and \ppsvc.exe - removed… rebooted…

Still could not update…
Did a reboot… just in case something was clinging in RAM … no update
Update his MalwareBytes Anti-Malware… AND Spybot Search and Destroy 2.3 - both update… both SCAN
MBAM = 1 infection - BrowserAir infection… - removed…
Spybot… (after updating and immunizing)… - finds 4 … Cookie, Cache, History…and 1 “changed registry” in Internet Explorer
(which they have on the task bar… but they use Edge) - “Fix Selected” - all removed…

Reboot… - still no updates…
Disabled… FIREWALL - in case that was running conflict… - no diff… no updates
Disabled… VirusScope - in case that was running interference - nope… no diff… no updates
Disabled… Sandbox - just in case… and nope… no difference… no updates…

Read about a dozen other “similar” forums/solutions… both HERE ( @ Comodo)… and elsewhere

one or 2 suggested …just going into the group policy editor… (gpedit) to . .blah blah blah…

um… gpedit DOES NOT WORK in win10 Home

…so those options… are out…

(face it… Microsoft truly isssssss evil >:-D )

ANY OTHER SUGGESTIONS - would be GREATLY APPRECIATED

If you want any help it would help us A LOT if you used basic punctuation and sentence structure thanks.

I am sorry for the dramatic pauses via the use of extra spaces/letters and extra “…” 's to place emphasis in this uni-dimensional medium.

Was that better? Or should I have separated those listed options with a “;” semi-colon -rather then comma’s? OH ■■■■… I started that last sentence with an “Or” and remember that that is a BIG ‘no-no’ - OH GOSH - there… 2 repetitive sets of words… “That-That” and “No-No”… I give up! (OOOOooops… I just used a “smiley” )

Good Evening Ladies and Gentlemen;

I told my friend to stay away from Microsoft Windows 10, but he didn’t listen.

His initial problem was with Microsoft EDGE browser. It was hi-jacked. I could not restore his browser to it’s default home page cause EDGE ALWAYS REMEMBERS the LAST PAGE you were looking at. (Dear Microsoft-your quirks and burps have got to be the most annoying!)

I had to back-door in -through an email link, then right click on the REAL HOME PAGE to the extreme left in order to remove all tabs to the right, in order to get the browser back to its original homepage. I then went into the 3 MORE DOTS “…” at the top right and then scroll down to see the delete all history options.

My friend had installed C.I.S. v 8.2.0.4703 and everything was ok for a few days, until “Status Screen” went yellow “virus definition/signature dbase out of date”. He tried the “FIX IT” but it failed all 4 updates.

I took a look at it. Ran Comodo Anti-virus without the updates. It found and removed 4 infections - SHOPPERPro.A (2) disguised as \updater and \Phrase Professor, as well as Hippie1cvq (2) -disguised as \AutoUpdater and \ppsvc.exe -removed and then rebooted.

Still could not update…

I was able to update his MalwareBytes Anti-Malware AND Spybot Search and Destroy 2.3, -no problems

MBAM found 1 infection called “BrowserAir” -and I removed it.

Spybot (after updating and immunizing), found 4 including a Cookie, a Cache entry, a History entry and 1 “changed registry” in Internet Explorer. I clicked on “Fix Selected” and all were removed.

I Rebooted -but still no updates.
One at a time I disabled… FIREWALL found no difference, still no updates.
Ditto for VirusScope, Sandbox and it still would not update

I then did some poking around in some of the other comments/sections. Therefore after watching 40-60 services.-about,.Read about a dozen other “similar” forums/solutions… both HERE ( [at] Comodo)… and elsewhere. One of the suggested training seminars. was to go into the group policy editor…and (gpedit) what was needed to get the job done.

However, gpedit DOES NOT WORK in win10 Home -so those options are impossible to perform. (Face it Microsoft truly is evil >:-D )

ANY OTHER SUGGESTIONS - would be GREATLY APPRECIATED!

Try deleting the content of c:\ProgramData\Comodo\Cis\wpTemp and try again.

Before I found your comment… while waiting for ANY / ALL OTHER SUGGESTIONS - outside of my grammatical -incorrectness - I did do a full uninstall… reboot… fresh download… - re-install… It installed hiccup free. However - as soon as I tried “update”… boom… failed to connect… and yes… I just double checked… the WINDOWS FIREWALL - oddly it was on (which I thought, normally gets shut off by the more dominant comodo firewall when it installs) - but with it off… now… I tried update… and instead of it immediately saying … “scan aborted” - your could actually see… a 1.2 second attempt of trying to contact update servers… before it flipped… “scan aborted”.

Not sure if that helps - I will try your suggestion next Eric, thanx

Looked could not find wpTemp file… a couple cavwp (cavwp and cavwpps) … files… but not… wpTemp

You need to change view in Tools/Folder options to see hidden files screenshot of ProgramData/Comodo/Cis/wpTemp.

[attachment deleted by admin]

A lil bit different in Win10 (trust Microsoft to mess up… how to unhide hidden files folders and extensions) … but… with it done… similarly through view…change view options… view… and removing checkmarks from hide folders … etc… and APPLY TO ALL FILES

Even though… the process has been dynamic in the past… I exited out…and came back in… and to no avail… no wpTemp folder

Tried running in Compatibilty Mode - WINDOWS 7 - no difference - still not updating… going to try in safe mode… see…if there is either a) a hi-jack that is blocking comodo’s server… b) something in the host file… blocking access to the comodo server…etc…

Booted into SAFE MODE - and… COMODO is performing the updates - will update you all - later

…not sure if I can scan from safe mode… but any inputs… would be greatly appreciated…

(sure wish COMBOFIX was win10 compatible !! )

Once updated you can also scan from Windows in case it wouldn’t scan in Safe Mode.

UPDATED IN SAFE MODE…currently… 1 hour 23 minutes into a SAFE MODE FULL SCAN…

about 49% of the way through… and only found 1 infection

Malware@#8pszj6r4o77w … in c:\program files (x86)\Nirsoft\nirsoft produkey\produkey.exe

That would be a false positive. Please consider submitting it as false positive. It is at best a PUP.

okay… update and scan finished in safe mode… -before I got to your update - it says it “cleaned” it… but the nirsoft … was the only one it found… - that said… I rebooted back into Normal mode… launched comodo again… - tried update… failed but atleast it is not aborting the scan… and I have another full scan going…

so… the question is… where… besides… comodo firewall rules… / global rules… would I look to see if there is a “block” preventing comodo from getting out… (as I said… MBAM and Spybot…and FireFox…and Edge all update just fine)…

I would think… since I did an uninstall… and re-install… from a fresh download… any “residual” registry entries… would/should have been removed…

(no… I didn’t use the comodo removal tool) …

any more thoughts… inputs?.. (obvious… what ever is NOT LOADING IN SAFE MODE… is blocking it in normal mode)

Mark

Another driver probably getting in the way when running Windows 10 normally. Do you have other security programs installed that run in the background alongside CIS? Or other programs that interfere with networking?

Spybot S&D v2.5 is the only other program with a TSR (Terminate and stay resident portion on the system tray)… MBAM 2.1.8 is a manual load… update… scan.

Full Scan in NORMAL MODE found nothing new

I have seen when Spybot 2.x was installed alongside CIS it seriously degraded performance of a potent i7 laptop. If the problem with the av update persists please uninstall Spybot temporarily to see if it has an influence.

Uninstalled Spybot 2.5… during uninstall… I was prompted to go into… spybot… and unblock anything that might have inadvertently been blocked by Spybot… so of course…i did do that… just in case… “Comodo” was one of them.

oddly… on reboot… - a pop-up box came up… said… “Spybot Post Win10 wants to make modifications to your system click yes to allow or no to cancel”… - clicked cancel… as I did NOT request re-install…

So then I launched Comodo… said… do an updated… failed… failed…failed failed…

I have one more thought…but it may be a lesson in futility… uninstall and re-install Comodo… with a reboot in between those processes… just in case… Comodo is holding onto a former spybot…registry setting… or something? …totally grasping at straws… now…

…secondary theory… IF Comodo was set to Block Comodo… by accident… ( by user … not me… during its first install… or shortly there after… say…by just answering…screen pop-ups not knowing what they were being prompted for…/ to do… - maybe they just wanted the pop ups to go away … ( I truly don’t know why people panic that way…) ) - and that was what was preventing them from attaching to the update-server… - AFTER an uninstall… reboot… re-install from scratch with a fresh download… is it still possible that a) the host file… … b) a registry setting… or c) some rogue “rule” file from Comodo didn’t get erased… deleted during the uninstall / reboot process?.. thereby… “CARRYING-OVER” previous… settings… / rules into a fresh install?

Any other thoughts… inputs… greatly appreaciated…

I took a peak at the other post… about AV updates not downloading…

Tried the 5 steps (disabling the updates, editing the registry… removing the tasks… then re-enabling update)

… to no avail… - all 4 updates… blocked…

I added the quote to the procedure jimmimcsandy is referring to. Eric