Bug report for CAVS beta

Hi All,
Please report bugs here for CAVS beta Thanks all for your kind support.


After updating to and rebooting, ABOUT - VERSION INFORMATION still reports as

Ewen :slight_smile:

Memory scan shows scanned objects as Folders (scanned objects:492 = Folders: 492). Is that normal?

Memory scan time seems still slow somehow: 492/162 ~3,4 object/s. However, i can configure the on demand scan to avoid memory scanning, which is nice.

Earlier reported bug:
netsh diag gui
run test for email

It’ll only cause error if i check the display progress indicator.

Error message (Comodo AntiVirus Email Proxy Server caused an error…):
AppName: cavemsrv.exe AppVer: ModName: mfc71.dll
ModVer: 7.10.3077.0 Offset: 00029097

Hi Ewen,
After updating to, the program updates version will be changed to Pls check the program updates version field.
The setup build version( will be unchanged. This makes clear that you have installed setup version and got program updates


So “Build Version” is actually referring to “Base installation version”?

Yes. The “Build version” indicates setup build version which was used to install the softawere.
And “Program updates version” show the updates version of CAV program files.
These information are helpful to technical team to provide support to user.


Hi Arkangyal,
Thanks. The memory scan count is wrongly displayed as folder object. Its minor bug and will be fixed.


Hi Arkangyal,
Does it work with factory default email settings (ie. without changing email setting)?
By default “display progress indicator” check box is selected. Do you mean it gives error if you deselect the check box and again select the the checkbox?


Hi kishork,
I meant: if i either leave on it’s default state (which is checked) or i uncheck then re-check, it’ll cause this error. So if this switch is checked and i run the test, the server will cause an error. If i uncheck and i run the test, there’s no error message. It won’t cause any errors if i’m just clicking the checkbox. Do these answered your question?


Hi Arkangyal,
Yes. Thanks you very much.
Can you pls let me know what test you run? Which email clients you have installed and whats its version?


The netsh is a built-in windows application - everyone got it in the Windows -, it’s main purpose to fix/test network problems. Type in “netsh” to “Run…”, then type in “help” to get more infos about netsh commands (this netsh is like a sub-system).

I got outlook express 6.00.2900.2180 as e-mail client but i don’t know if this is e-mail client related.


Is it possible that CAVS forgets my quarantine (at on-access, to quarantine if disinfect fails) and memory scan (on-demand’s general) settings after an update? I guess i saw this on two computers - i only had access to these two computers, i haven’t checked others - but i’m unsure, anyone can confirm this behavior?

Hi kishor, I wasn’t sure if I was supposed to reply here or under the thread with my test results for the hal.dll issue. I posted the files and the results under the old thread, which is here: https://forums.comodo.com/index.php/topic,6794.msg54203.html#msg54203. Please let me know if there’s anything else I can do to help resolve this issue.

On-Access scanner issue. I downloaded three versions of the EICAR file - the file itself, the zipped version, and the double-zipped version. On-Demand detected it, and so did On-Access. However, OA scanner did not detect it until I opened the file and allowed it to run with HIPS. THEN it kicked in to alert me.

I know when we had the winlogon.exe deal, simply clicking on file (a left-click) was enough to set OA screaming, but on the EICAR, it does nothing until I open the actual file.

LSP issue. You know I mentioned in the “jump-the-gun” thread, pre-release of this version that the LSP failed to uninstall on two machines for After uninstall and reboot, it was still up & running, per AutoRuns (and there was an error message during uninstall). I used LSPFix, which said there were no problems, and showed the LSP active; which I then removed. This has happened in the past and I didn’t remove it; in that scenario the email scanner failed to install the next time.

All that said, I removed the LSP on both machines. On the laptop, I uninstalled the pre-release version and installed this version directly yesterday. On the desktop, I uninstalled the pre-release version, reinstalled, and let it update to when it went live yesterday. In both scenarios, there were no errors during install, no indications of any problems. In both scenarios, the LSP is not running. Both CavEmLSP.dll & CavInsLSP.dll are present in the CAVS folder. I have not manually run InstLsp.exe; should I do so?


I performed a fresh install, all went OK. Then I re-booted my pc.

Suggestion 1: hips started flashing away warning of programs immediately. Wouldn’t it be better to only activate hips after the scan for programs?

I scanned to make a user defined list… at the end of the process I said yes to submit the list. Next I performed a full virus scan. At the end CAV said that there were programs found that were not on the safelist. Did I want to submit them, I looked at the list & there were items that had appeared in the list from the first program scan… odd! So I said no to submit (as I guess you don’t want the same list twice).

I then started some programs, and had hips alerts for them… programs like firefox and thunderbird - which I thought would be on the safelist, or in my user list following the scan. So, I guess somewhere along the line the safelist process has not worked, or perhaps I did something wrong?? Donno!!

In the Hips settings, I’ve looked in the manage list section, and there are only the files I have said “ok” to manually. Where is the “comodo safelist”, can I view it?

Is there a way, other than re-installing, of performing the safelist scan again?


NB. Just run a-squared HiJackFree for the first time with no HIPS alert. Perhaps the alerts for Firefox and thunderbird are because I have a extensions / themes installed which change the program signature???

Roy, the Comodo safelist is encrypted and locked away from prying eyes, to avoid corruption. Your manage list you’ve already found.

You can run the UPSDbMaker again, easily enough, without a reinstall… Navigate to c:\program files\comodo\comodo antivirus, and open the item, UPSDbMaker.exe.

There is an “Advanced” button on there, where you can select any filepath(s) you want to scan, rather than scanning everything.


It takes a while while you guys recognise my Hungarian notepad.exe, hm?

Guys problem…

ONe of ma frndz had a virus problem and he formatted and installed again. then after installing Avast ant after running a scan he found a virus but was unable to remove it. So I asked him to try CAVS and guess what CAVS said “no problems” I’ll try to get more details about the virus/trojan

file name was dd1.msi…it was in another drive