A little HIPS surprise

A defragmentation program (from the list in the Off Topic board), SpeeDefrag (SpeeDefrag 7.1 - Defrag your hard disk fast by SpeeDefrag), can be set to load with Windows as the very only application. Explorer won’t load. Then it’ll defragment the disc you have chosen.

Now, HIPS (CAVS 2.0) actually alerted before the defragmentation was done and it should shut the system down. This was a positive surprise (even though there was no security threat). I suppose some things were loaded with Windows after all - perhaps not CMain.exe, but some process(es) with the user “System”?

Well done HIPS :slight_smile:

/LA

I’m glad you have had a positive experience. Two times I had to disable HIPS which I really didn’t want to have to do. I am running CPF and CAVS. Both have worked extremely well except for a couple exceptions. HIPS locks up yahoo messenger when Ymsgr_tray.exe tries to run after logout and exit (down to systray icon only).

The first time it popped up asking for permission, but both CAVS and Yahoo locked up, so had the window in the lower right corner that was on top of any other application. Trying to end task or end process was uneventful. The second time was after a large update of CAVS today. I had to restart the computer after the update was complete, exited yahoo this evening, and same thing. Although under the HIPS menu it showed it was turned off, it was turned on in main CAVS window. I had to turn it on then off under HIPS menu to get it turned off in both places.

Hopefully someone can help me with this… or I may need to find a bug report. Sending copy to Comodo as well.

I haven’t had your problems, so unfortunately I can’t help you. I think it’s fine if you send Comodo a ticket for this.

A couple of weeks ago I also did have a problem with HIPS. It alerted while I installed a program (sorry, don’t have a clue which program it was), which usually doesn’t matter - I just click Allow. But this time the interruption of the installation progress caused the program not to work at all. So it’s probably a good idea always to disable HIPS while installing programs.

/LA

Javve, to avoid this scenario you can manually add the application to the Exception list for HIPS.

In the CAVS GUI, go to Settings/HIPS(General) then find the line “What items to exclude from HIPS application control” and click the ‘Select’ button next to that. Then you will have to browse to the file you need (Ymsgr_tray.exe) to select it, click OK/Apply until it’s all set.

That should avoid the issue. Hope it helps,

LM

Thanks for the reply. I was able to do this but it only allows you to select a folder to exclude. I have my explorer set to view address on my computer so I had to go to the folder, copy the location and paste it and add Ymsgr_tray.exe. Maybe this feature could be modified for a selection of add file or add folder?

I’m glad I did exclude just the tray program and turned HIPS back on. It blocked a worm on my computer. Ran both ad aware and CAVS, then I remembered about BoClean. Installed, restarted, and right away it caught it and squashed it.

Javve

Hi guys,

I normally post on the BOClean forums but just looking to see when v3 of CAVS was likely to be out (noted beta probably at the end July) I keep noticing references to HIPS.

Not wanting to appear to be a total idiot I even Googled it, but no joy.

Any chance someone here can tell me what it is, what it does, etc. before I pull out the remaining strands of my hair (at 63 there’s not much left). (:SAD)

Thanks in advance,

Mike.

Mike,

Here’s the Wikipedia link: Intrusion detection system - Wikipedia

CastleCops’ wiki entry: http://wiki.castlecops.com/HIPS_FAQ

Our HIPS-related board: https://forums.comodo.com/hips_host_intrusion_prevention_systems-b70.0/

Hope that helps,

LM

Many Thanks Little Mac,

Just read all those links and quite clued up on what it means now.
Seems the way forward for protection against Virus and Malware.
One of the articles mentions that HIPS will be included in CFP v.3.
That will be worth having I’m sure.

Mike.

Oh it’s a trip, that’s for sure! To get an idea of what CFP v3 does with its HIPS, check out ProcessGuard by DiamondCS. It’s a defunct software (no support, updates, etc), but the website is still there, and you can check out its features, download the free (non-full) version, etc. Check out what the full version does/did. Imagine it on steroids, all beefed up. Then plop a Comodo name on it, and you won’t be too far off…

LM

Will HIPS work together between CPF V3 and CAVS? Any talks of a combined program for the two or a combination of CPF, CAVS, and BoClean?

Javve

Hi Javve, as far as I know - the HIPS of CPF 3 will be used if you run CAVS at the same time. Now when CPF is in alpha, I don’t know if this really works automatically. But the intention is to let CPF do the HIPS job. As for BOClean, it should be integrated with CAVS in the next version. So when all this is out of alpha and beta, you’ll have two super powerful pieces of software to protect your system. :slight_smile:

LA

(edit, wrote “ran” instead of “run”, don’t know why)

The LionEagle pretty much has it there, Javve… :wink:

I’m not sure at this point how it will be implemented, but if a user has just CAVS, then that HIPS will be active. If they have just CFP, that HIPS will be active. If they have CAVS & CFP, only the CFP HIPS will be active.

CBO will in some way be integrated with CAVS (I think in the next version; at least some aspects of it). CBO will also be a stand-alone product for those not running CAVS.

AFAIK, there are no plans to combine CFP & CAVS into one monster security application, although they are (I think) planning a “suite” wherein the user selects what they want included in that group of products, simply for centralized control. If they want centralized control (such as with a suite) they have it, with whichever Comodo products they want to include. If they want separate controls for some or all products, they have that option as well. The idea is that wherever possible, resources would be shared instead of running separately - for increased stability and decreased drain on the system.

LM