Resources Available

luketib · August 27, 2007, 11:11am

Looking at resources claimed from CAVS:
*CavAUD.exe 21MByte
*cavse.exe 19MByte
*cavse.exe 19MByte
*CMain.exe 5,8MBye
*cavasm.exe 6,7Mbyte

Total: More than 70MByte used by antivirus engine.
I think that this is too much for my poor hardware.

Question 1):
Can you release a version with:
1 cavse.exe
1 cmain
1 cavasm

…and nothing else??

Question 2):
Could you release the source for the access scan driver??
I’d like to use it to bind with clamav scanner.

Question 3):
Could you release the antivirus with Hips disabled by default?

Bye

LeoniAquila · August 27, 2007, 11:26am

Hi,

Yes, 70 MB is quite a lot.

I don’t know which processes the next version will continue but it will use much less RAM, which I think is more important than the number of running processes.
For security I think it should be enabled by default, but it’s really easy to disable HIPS just once - then it’ll stay disabled. That’s easier than downloading and installing any program.

/LA

luketib · August 27, 2007, 11:34am

There is a situation where you are remotely installing antivirus, then your remote client will be locked by HIPS!!! This not professional…

anderow · August 27, 2007, 2:54pm

Hi luketib,

you could always disable automatic updates and reduce your memory usage by 21MB. You would have to check for updates manually.

As LeoniAquila said, the next version of CAVS will have much less memory usage as well as many other improvements, including better detection, scanning and improved HIPS. I suspect it will be more configurable at installation also but we will have to wait and see.

Central management is another option that may become a reality for Comodo security software at some point in future.

Watch out for the next CAVS release as it sounds like it is going to be a huge improvement on the current version.

:SMLR

panic · August 27, 2007, 2:55pm

Whit if Comodo came out with a Management Console application for networks that allowed silent remote installs, centralised management of the firewall, etc.)? Hmmmm?

Watch this space…

aladinonl · August 27, 2007, 3:30pm

I prefer a CAVS w no HIPS at all since using CFP3.

But Melih said next versions of CAVS and CFP will be compatible so … just wait (haizz)

Little_Mac · August 27, 2007, 4:00pm

If you’re willing to get your hands dirty, you might try this for a remote-install/hips blocking on reboot work-around…

Install CAVS on a local machine; set it to have HIPS disabled. Find the registry key that contains this setting for CAVS (not sure what that key is, but it’s in there somewhere…), and export a copy of it.

When you do a remote install, BEFORE rebooting, import that registry key into the registry on that computer. Then reboot.

CAVS won’t be writing to the registry until after reboot, so when it does, it will have an entry already there, to disable HIPS.

Things like that work fine for the firewall; it should work on CAVS, too.

Hope that helps,

LM

luketib · August 27, 2007, 4:47pm

Thanks for idea of registry!!Good for any future installs.

LeoniAquila · August 28, 2007, 4:32pm

Central management, interesting for companies I guess. Good idea!

Of course, that is the correct setting. I meant that CAVS’s HIPS should be enabled if no CPF 3 is installed, but rather the stable 2.4. And like you wrote, CAVS 3 and CPF 3 should be compatible according to Melih! We certainly have even better protection to look forward to!

/LA