cavasm.sys causes 1x1F and 1x8E Stor Errors (BSODs)

Zazula · August 22, 2008, 3:51pm

Introduction

On a PC running Windows XP Pro SP2 x86 5.1.2600 (fully patched and up-to-date) with IE 7.0.5730.13, there has been a number of BSODs that WinDbg links to the cavasm.sys driver. This PC hasn’t experienced during all this time any other Stop Error that was related to anything else but cavasm.sys.

Comodo AntiVirus - Product Information

Build Version : 2.0.17.58
DataBase Version : 2.0.0.624
AllowDB Version : 2.0.16.52
Program Updates Version : 2.0.17.58
CMain.exe : 2.0.12.42
CavApp.exe : 2.0.11.39
CavSn.exe : 2.0.11.41
CavAud.exe : 2.0.9.26
CavMud.exe : 2.0.9.26
Cavasm.exe : 2.0.1.8
CavEmSrv.exe : 2.0.11.40
CAVSubmit.exe : 2.0.11.49
cavengine.dll : 2.0.0.5

Other security software present

Comodo Firewall Professional 3.0.25.378
Ad-Aware 7.1.0.10
Spybot - Search & Destroy 1.6.0.30
Spywareblaster 4.1

Description

The last three times I experienced the problem, I kept notes on how/when it was produced and I also kept the resulting minidump files. The first time CAV was active and I was working as usual (I was actually browsing TechNet if that’s of any worth), and it happened out of the blue. The second time I had exited CAV (right-click on tray icon → Exit Comodo AntiVirus) and I was using the standard Windows Disk Defragmenter to defragment the partition where CAV resides (among others). The third time I had also exited CAV and I was running Sysinternals’ Procmon (Process Monitor) while performing a KB940157 installation. Neither of these two last times had I killed the cavasm.exe process which was reported by Procexp (Process Explorer) as being active (in spite of my “exiting” CAV).

Attached files

The three last minidumps plus my own cavasm.sys v.2.0.1.6 (not the one from the CAV folder, but from the CAVASpy folder instead - for methinks this one is active at the time of the Stop Errors).

How I TRIED to resolve the problem?

By thinking I’d better ask around the forums BEFORE I uninstall CAV. (:TNG) Truth is, I have started for quite some time now urging people (who entrust me the tech support of their PCs) to switch to Comodo for their AntiVirus, on top of their fabulous Comodo Firewall - and they’ve been listening. I’d really like to keep it that way and stay assured I’ve been suggesting to them a great product indeed. (:AGL)

Valediction (for the time being, at least)

Many thanks in advance for your help. Hello and nice to meet you, by the way (I’m Zazula and I stink at introductions). I think you’ve got an excellent community here - kudos!

[attachment deleted by admin]

EricCryptid · August 25, 2008, 6:57pm

I’ve had simular problems myself with CAVS though not found the solution as of yet. I thought it might relate to me being XP SP3 but there’s definately some sort of Driver issue with CAVS 2.

Perhaps one of the other Mods or users will have a work-around.

For now I’m simply using CBoClean / CMF and CPF3 with regular scans.

E