COMODO Vulnerability Analyzer - BETA - Version 1.1.5.52 Bug Reports

[Ronny]

Please post all bug reports here. Be sure to include:

-Your Operating System (And Whether if it's 32bit/64bit)
-Security Software Installed
-How you produced the problem
-How you TRIED to resolve the problem
-Post Memory Dumps on crash if you encounter any.
-Any other Additional Information
-BSODS
-Bugs
-False Positives

Ronny

[Ronny]

OS = Windows Vista SP1, Enterprise, x32.
Security Software = Windows Defender(inactive), CIS 3.9.x.509, ClamWin Free, Mbam, Secunia PSI.
Replicate = Put a folder on the exclude list.
Resolve = Remove exclusion.

Error recorded to the event log:
Faulting application cva.exe, version 1.1.5.51, time stamp 0x4a13f077, faulting module cvaeng.dll, version 1.1.5.51, time stamp 0x4a13f074, exception code 0xc000000d, fault offset 0x000404eb, process id 0x458, application start time 0x01c9da43ac7fbfe9.

[John Buchanan]

OS:  Windows Vista Ultimate x64 SP1
Security Software:  Windows defender, CIS 3.9.xxx.509

Added a user defined scan of the C: drive only.  Scanned using this drive.

1.  The listed applications to update does not include associated update links as did the previous version.

2.  Some of the listed applications are incorrectly listed as requiring updates.  i.e. MS SysInternals Process Explorer (I have installed the latest from the website, it shows the previous version instead),

Edit:

3.  Ran the scan the once.  Then I added two folders as exclusions to the drive scan.
Each time the scan was run, CVA stopped running (crashed).  Unchecking  the exclusions made no difference.  Removing the exclusions allowed the scan to complete.

I did note however, the scans were much faster than the previous beta.

[vignesh]

1.  The listed applications to update does not include associated update links as did the previous version.Ye

Hi,
   Did you update from the previous version i.e 1.1.4.30. Does the About box says Database version as 1.215 or 1.220. coz I got the update information link for the updates available list of app. with database version 1.215.

Regards,
Vicky.


[attachment deleted by admin]

[John Buchanan]

The database version is 1.215, and I did a clean install (run as Admin).
No, I did not do an online update.  I uninstalled the previous version first.

[vignesh]

The database version is 1.215, and I did a clean install (run as Admin).
No, I did not do an online update.  I uninstalled the previous version first.

 I guess, a snapshot of the CVA scan result would help the developers to analyze this... or  mention the product(with version information) that is getting missed to show the update information.

Thanks,
Vicky.

[John Buchanan]

Cancel the links issue, as I pulled down the window much further and located them.

[vignesh]

Cancel the links issue, as I pulled down the window much further and located them.

Try enlarging the screen....

Regards,
Vicky

P.S:

[vignesh]

Error recorded to the event log:
Faulting application cva.exe, version 1.1.5.51, time stamp 0x4a13f077, faulting module cvaeng.dll, version 1.1.5.51, time stamp 0x4a13f074, exception code 0xc000000d, fault offset 0x000404eb, process id 0x458, application start time 0x01c9da43ac7fbfe9.

Hi,
  May be the CVA dump under it's installation folder could help the developers to analyze this issue...


Regards,
V

[Ronny]

Hello Vicky,

Can't find a dump file anywhere, where should that be and what's the name ?

Kind Regards,
Ronny

[vignesh]

Hi,
  We can find it under the CVA installation folder(By default it's "C:\Program Files\Comodo\Vulnerability Analyzer") and the name of the file would be MiniDump.dmp....

Regards,
V.

[Ronny]

Nope it's not there.... Also not in my \virtualstore...

Ran it again, doesn't matter if the excluded folder is related to a result just any random exclusion makes it crash.

Problem signature:
  Problem Event Name:   BEX
  Application Name:   cva.exe
  Application Version:   1.1.5.51
  Application Timestamp:   4a13f077
  Fault Module Name:   cvaeng.dll
  Fault Module Version:   1.1.5.51
  Fault Module Timestamp:   4a13f074
  Exception Offset:   000404eb
  Exception Code:   c000000d
  Exception Data:   00000000
  OS Version:   6.0.6001.2.1.0.256.4
  Locale ID:   1033
  Additional Information 1:   1325
  Additional Information 2:   f49d0d01d024451d05b2b4af74b0ba2d
  Additional Information 3:   f444
  Additional Information 4:   074c5c4652bd9d152e94f44c962f2c11

I can reproduce it and work around it:
If i exclude a normal folder CVA crashes everytime on the same point namely here:
A piece of procmon information.

QueryDirectory
SUCCESS
C:\Data\Source\(3) CrashedMarshall\ProgramData\Microsoft\Windows\WER\ReportArchive

If i exclude a normal folder AND C:\Data\Source\(3) CrashedMarshall then CVA Does not crash.

I have copied the complete folder to an other system and on that one it does not crash which leads me to believe that it's permission related (copied over USB stick loses NFTS permissions).

I'll see if i can copy with behold of permissons and see if it crashes then also.

[Ronny]

Bug reporting for version 1.1.5.52 continues from here

[Toxteth O'Grady]

It doesn't detect an old,  PORTABLE version of the Opera browser.

[Ronny]

I also lost detection of an old version of Hypersnap, reverting back to the previous version .51 does not bring this detection back either, did something change in the database that could cause this ?

Vista, SP1, Enterprise, x32.