View Full Version : Should I Worry?!
blipblop
January 24th, 2006, 06:05 AM
There's an odd behavior coming from Nod32 for the last few days...
From the "The virus signature database has been successfully updated to version 1.1372 (20060119)" of 20/01/05 I got straight to "The virus signature database has been successfully updated to version 1.1375 (20060123)" of 23/01/05 with several connection failures in the meantime.
I guess I should have checked the Event Log and used another server for downloading, but that's not exactly my issue. The problem is that for 2 days now whenever I connect to the Internet through my dialup, Nod32 downloads definitions that, according to the Event Log, has already done in the last time. Signatures version 1.1375 have been downloaded 4 times and each time I click on "Update Now" I get the pop-up windows that says:
"New Virus Database Version...
Installed Version: 1.1376 (20060123)
Update Version: (it's blank)
Update Size: 417240 bytes"
...and I get to download the already installed definitions again. For the past 10 minutes only I downloaded them 3 times.
Why is that?! I should also mention that I've got a few, typical I guess, "Function: gethostbyname, parameters: , return value: 11001".
Has anyone encountered such a problem before or knows what's going on, cause surely this isn't that normal.
Thanks in advance!
Blackspear
January 24th, 2006, 06:17 AM
Hi Blipblop, welcome to Wilders.
When you go from 1 update to the latest, and skip a few update numbers in between, then the latest update brings you fully up to date.
gethostbyname generally indicates a failure to reach the update servers, many reasons for this, such as a wireless connection still establishing its connection, a firewall, choosing particular update servers instead of "Choose automatically"... etc etc...
Please check that you have your Username and Password entered into the correct location, as per post number 9 here. (http://www.wilderssecurity.com/showthread.php?t=59959&highlight=11001)
So long as you are seeing regular updates, as in daily, there really isn't anything to worry about...
Cheers ;D
blipblop
January 24th, 2006, 06:35 AM
Thanks Blackspear (for the welcome as well)...
It's odd though, considering that Nod32 keeps redownload, or better say reminds me of downloading, stuff that there's already there. Like it's not keeping definitions' history anymore or something.
I don't think that's and Username/Password issue, since I do download the updates (if I believe the Event Log at least)...would I be wrong in believing that if that was the case, I wouldn't be able to get any new definitions in the first place?
As long as I do have Nod32 updated and not just thinking that I do, there's not really any problem. I just hope that in a month ahead I won't realize (in the worst possible way) that I was vulnerable to a few thousand virus that appeared in the meantime.
Blackspear
January 24th, 2006, 06:40 AM
Can you please post a copy of your logs found in Nod32 Control Centre> Logs> Event Logs
Here's mine, and you will see the same 11001 error.
Cheers ;D
Time Module Event User
24/01/2006 20:19:28 PM Update Error connecting to server 82.165.250.33.
24/01/2006 18:19:22 PM Kernel Statistical information has been sent to Eset.
24/01/2006 18:19:20 PM Kernel The virus signature database has been successfully updated to version 1.1376 (20060123).
24/01/2006 18:19:08 PM Update Error connecting to server 82.165.237.14.
24/01/2006 17:18:29 PM Update Function: gethostbyname, parameters: , return value: 11001
24/01/2006 17:18:29 PM Update Update attempt failed (Server connection failure.)
24/01/2006 17:18:27 PM Update Error connecting to server beta25.eset.com.
24/01/2006 17:18:23 PM Update Error connecting to server u3.eset.com.
24/01/2006 17:18:20 PM Update Error connecting to server 82.165.250.33.
24/01/2006 17:18:18 PM Update Error connecting to server 82.165.237.14.
24/01/2006 17:18:17 PM Update Error connecting to server u4.eset.com.
24/01/2006 17:18:13 PM Update Error connecting to server u2.eset.com.
24/01/2006 17:18:11 PM Update Error connecting to server u7.eset.com.
24/01/2006 7:43:23 AM Kernel Statistical information has been sent to Eset.
24/01/2006 7:43:22 AM Kernel The virus signature database has been successfully updated to version 1.1375 (20060123).
23/01/2006 21:30:55 PM Kernel The virus signature database has been successfully updated to version 1.1374 (20060123).
23/01/2006 18:31:08 PM Update Error connecting to server 82.165.237.14.
23/01/2006 18:31:06 PM Update Error connecting to server 82.165.250.33.
blipblop
January 24th, 2006, 06:57 AM
Sure! :)
24/1/2006 13:00:16 Kernel The virus signature database has been successfully updated to version 1.1376 (20060123).
24/1/2006 12:37:27 Kernel The virus signature database has been successfully updated to version 1.1376 (20060123).
24/1/2006 12:35:24 Kernel The virus signature database has been successfully updated to version 1.1376 (20060123).
24/1/2006 12:18:58 Kernel The virus signature database has been successfully updated to version 1.1376 (20060123).
24/1/2006 12:15:06 Update Function: gethostbyname, parameters: , return value: 11001
24/1/2006 12:15:06 Update Update attempt failed (Server connection failure.)
24/1/2006 1:04:29 Kernel The virus signature database has been successfully updated to version 1.1375 (20060123).
24/1/2006 1:01:51 Update Function: gethostbyname, parameters: , return value: 11001
24/1/2006 1:01:51 Update Update attempt failed (Server connection failure.)
23/1/2006 22:45:47 Kernel The virus signature database has been successfully updated to version 1.1375 (20060123).
23/1/2006 22:41:29 Update Function: gethostbyname, parameters: , return value: 11001
23/1/2006 22:41:29 Update Update attempt failed (Server connection failure.)
23/1/2006 18:35:10 Kernel The virus signature database has been successfully updated to version 1.1375 (20060123).
23/1/2006 17:37:43 Kernel The virus signature database has been successfully updated to version 1.1375 (20060123).
23/1/2006 17:32:30 Update Function: gethostbyname, parameters: , return value: 11001
23/1/2006 17:32:30 Update Update attempt failed (Server connection failure.)
23/1/2006 0:48:09 Update Function: gethostbyname, parameters: , return value: 11001
23/1/2006 0:48:09 Update Update attempt failed (Server connection failure.)
22/1/2006 23:48:09 Update Function: gethostbyname, parameters: , return value: 11001
22/1/2006 23:48:09 Update Update attempt failed (Server connection failure.)
22/1/2006 21:48:10 Update Function: gethostbyname, parameters: , return value: 11001
22/1/2006 21:48:10 Update Update attempt failed (Server connection failure.)
22/1/2006 14:57:08 Update Function: gethostbyname, parameters: , return value: 11001
22/1/2006 14:57:08 Update Update attempt failed (Server connection failure.)
22/1/2006 2:18:19 Update Function: gethostbyname, parameters: , return value: 11001
22/1/2006 2:18:19 Update Update attempt failed (Server connection failure.)
21/1/2006 20:27:50 Update Function: gethostbyname, parameters: , return value: 11001
21/1/2006 20:27:50 Update Update attempt failed (Server connection failure.)
20/1/2006 23:50:46 Update Function: gethostbyname, parameters: , return value: 11001
20/1/2006 23:50:46 Update Update attempt failed (Server connection failure.)
20/1/2006 22:50:47 Update Function: gethostbyname, parameters: , return value: 11001
20/1/2006 22:50:47 Update Update attempt failed (Server connection failure.)
20/1/2006 16:49:49 Update Function: gethostbyname, parameters: , return value: 11001
20/1/2006 16:49:49 Update Update attempt failed (Server connection failure.)
20/1/2006 6:46:25 Update Function: gethostbyname, parameters: , return value: 11001
20/1/2006 6:46:25 Update Update attempt failed (Server connection failure.)
20/1/2006 2:47:04 Kernel The virus signature database has been successfully updated to version 1.1372 (20060119).
20/1/2006 2:45:21 Update Function: gethostbyname, parameters: , return value: 11001
Hope that's enough, in order to show the "problem" I'm talking about. What worries me is the chance that updates never really get into the Nod32's definitions and that's why it keeps asking me to update.
Blackspear
January 24th, 2006, 07:01 AM
{QUOTE-> 24/1/2006 13:00:16 Kernel The virus signature database has been successfully updated to version 1.1376 (20060123).
24/1/2006 12:37:27 Kernel The virus signature database has been successfully updated to version 1.1376 (20060123).
24/1/2006 12:35:24 Kernel The virus signature database has been successfully updated to version 1.1376 (20060123).
24/1/2006 12:18:58 Kernel The virus signature database has been successfully updated to version 1.1376 (20060123).
24/1/2006 1:04:29 Kernel The virus signature database has been successfully updated to version 1.1375 (20060123).
23/1/2006 22:45:47 Kernel The virus signature database has been successfully updated to version 1.1375 (20060123).
23/1/2006 18:35:10 Kernel The virus signature database has been successfully updated to version 1.1375 (20060123).
23/1/2006 17:37:43 Kernel The virus signature database has been successfully updated to version 1.1375 (20060123). <-QUOTE}Seeing these multiple updates of the exact same signature I would suggest the following:
Please download a FRESH copy of Nod32 from www.nod32.com
Uninstall your current version.
REBOOT your Computer.
Remove the Eset Folder from C Drive> Program Files.
Install the FRESH copy of Nod32 that you downloaded above using “Typical Settings”.
Let us know how you go…
Cheers ;D
Marcos
January 24th, 2006, 07:53 AM
Maybe some registry entry could not be updated, or a corruption occured on some files in the eset/updfiles folder... just a hunch.
vBulletin® Copyright ©2000-2009, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2009, Wilders Security Forums