Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: ZAISS 8.0.298.000 'unable to contact update server' for AV/AS Vista Home Premium SP1.

  1. #11
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: ZAISS 8.0.298.000 'unable to contact update server' for AV/AS Vista Home Premium SP1.

    Hi!are you running any network accellerator? Using Nvidia Network card (they install a mini-firewall that conflicts with ZA)?Check your hosts file:C:\Windows\System32\drivers\etc\hosts (only one line about localhost)Try to boot only with ZA and standard OS programs and services and update again:1.) Click Start -> 2.) Type MSConfig in the VISTA search box and click OK
    3.) Once in MSConfig, click the Startup Tab
    4.) Remove the checks from everything except ZLClient
    5.) Click the Services Tab
    6.) Place a check in "Hide All Microsoft Services"
    7.) Now remove checks from everything other than TrueVector Internet
    Monitor, and click OK.
    8.) Restart your computerNow try to update...NOTE: You can place your computer back into a normal startup process by
    going back into msconfig and choosing the Normal Startup option on the
    General tab.
    Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  2. #12
    jlconrod Guest

    Default Re: ZAISS 8.0.298.000 'unable to contact update server' for AV/AS Vista Home Premium SP1.

    Hi Fax,
    Here is an update on the results of the procedure you suggested below.
    As before, I'll post my comments within your quoted procedure.
    <blockquote><hr>fax wrote:
    Hi!are you running any network accellerator?
    Not running a network accelerator.
    Using Nvidia Network card (they install a mini-firewall that conflicts with ZA)?
    Not an nVidia Network Card, but my motherboard has
    an integrated nForce Ethernet and SMBus controller.
    I did not install the nVidia IP Manager.

    My active connection is integrated motherboard WiFi.
    As previously explained, I connect WPA2 psk with a strong password.
    The router admin also has a secure password and remote management is off.
    Access is only https: with remote management turned off.
    The router is a Linksys WRT54G v8.

    Check your hosts file:C:\Windows\System32\drivers\etc\hosts (only one line about localhost)
    Only a single localhost in the hosts file.
    Try to boot only with ZA and standard OS programs and services and update again:
    1.) Click Start -&gt;2.) Type MSConfig in the VISTA search box and click OK
    3.) Once in MSConfig, click the Startup Tab
    4.) Remove the checks from everything except ZLClient
    5.) Click the Services Tab
    6.) Place a check in &quot;Hide All Microsoft Services&quot;
    7.) Now remove checks from everything other than TrueVector Internet
    Monitor, and click OK.
    8.) Restart your computer
    Now try to update...

    The MSConfig startup as specified above did allow me to update ZAISS 8.0.298.0.
    Yay!!!

    NOTE: You can place your computer back into a normal startup process by
    going back into msconfig and choosing the Normal Startup option on the
    General tab.

    Cheers,Fax
    <hr></blockquote>:8} Since the successful update, I restored MSConfig to normal startup.
    After a reboot, I did a spyware scan and full virus scan with not infections found.

    Following the successful scans, I again updated the antivirus and antispyware signature with no problem.
    I received an e-mail from ZoneAlarm to upgrade from ZAISS 8 to ZoneAlarm Extreme Security, and upgraded the 3 PC license.
    ZAES installed as an Upgrade successfully.
    After a reboot, I was also able to update ZAES antivirus and antispyware signatures with no problem.

    B-)
    This may be a new &quot;ticket&quot; since it concerns ZAES. I configured Browser Security (which I had tested in beta), again with no problem and IE7 works fine afterward.
    My concern or question is with an alert in the ZAES Firewall log.
    Alert rating is Medium, Program is svchost, Protocol is UDP, host IP is localnet from my PC, destination IP is 239.255.255.250.
    I know in the past there have been uPNP vulnerabilities with a number of routers, possibly including the WRT54G, with this purported IANA IP address 239.255.255.250.
    Is it possible that a rogue http request using uPNP to / from that destination IP relates to the 'unable to contact update server' error?

    I will check with Linksys Support.
    Earlier wired only Linksys router minimized the vulnerability with a firmware upgrade.
    That patch did not resolve potential exploits of wireless routers, so there may be a newer firmware.
    I will check.

    My question to you is are you aware of this uPNP issue, and if so, do you have any information or recommendations about this?
    I mention this in case it has a bearing on the 'unable to contact update server' problem I've now encountered twice and resolved both times with great difficulty.
    The first time was with 8.0.059.000 and surfaced after Vista SP1.
    That took six weeks to resolve, including a factory restore of my system (which did not solve the problem, unfortunately).
    The second occurrence is this one we have been working on for about three weeks.

    Thank you again for your patience and insightful suggestions.
    Please let me know whatever light you can shed on the uPNP question.
    If you prefer, I can post it to a new thread.

    TIA in gratitude,
    John




  3. #13
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: ZAISS 8.0.298.000 'unable to contact update server' for AV/AS Vista Home Premium SP1.

    Hi!thank you for your detailed reporting. Not sure I have understood why now your updating works well. Very strange.The uPnP hacking is done using a vulnerable flash player. Enure you have the latest version of flash installed.Otherwise ad-hoc malicious code need to be run on the machine.To be 100% sure you are safe you could just disable uPnP on your the router. Otherwise I would also change router IP address to an unconventional one(e.g.192.168.12.317) the same will apply to the IP you get via the router (if router manage the DHCP). Automatic not very intelligent malware scriptswill then fail....Alert you mention looks OK, if you checked you are not infected by malware.. then you should be ok.Hope this helps.Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •