"Fix the Bugs" time for CAVS :-) (need your help... please read...)

for some reason, on my computer when i run internet explorer 7 and open lots of tabs, the computer seems to freeze, i opened task manager and it said that your real time scanner was lagging my computer. Dont remember the program but it was run by System, when i closed it, the computer continued to freeze, when i disabled the real time scanner and end the program, it froze, hopefully the next release will be fairly stable.
Keep up the good work, your firewall as yet to cause a problem!
I have to comment on your GUI, its extremely sleek and cool! All other free AV and Firewalls like AVG and Zone Alarm have old interfaces!
Also, could you please add an icon in the task bar so people know its working and can easily enable/disable real time, scan the computer without having to start application window in launch pad?
(B) (J) (L) (M) (R) (S) (V) (CLY) (CNY) (CWY)

My mystery of the BSOD IRQL_NOT_LESS_OR_EQUAL has never been solved so im hoping it will be fixed with this next version which soundsl like it going to be amazing as cpf 2.3! Keep up the work also will there be a beta before the final release around the 18th.

Also people should be happy that comodo is even giving away these products for free cause they are high quality products and you cant rate them now even because this is the first version of the av and its not even a final release but a beta.


I believe the beta for CAVS should be in a week or so. The stable release should be mid october depending how many bugs are found with the beta.


would you mind highlighting what gets fixed in blue or some other color that will make it easy to notice what’s improved at a glance?


EDIT: Thanks Melih! That was very nice of you! :wink:

Greetings Comodo team, all,

I think one thing you really need to solve is the update issue, that we need to restart the system, that is painfull for system that need to be 24hs online and be protected, Im using it anyway hopping you solve it soon, but I set the settings of autoupdate to 24hs and scan when I arrive to the system.

best wishes,


Hey Calabrisi,

CAVS should only require a reboot if a system level component is updated. The definitions and signature file updates do not require a system reboot.

Ewen :slight_smile:

Hi Ewen,

its true, now I got it, I had to restart only after install and then after 1st definition OR, activation, so, I had to make 2 instalations, cause the 1st sometime after (not cause of CAV) I had a crash, so I restored the system to the state before CAV, and reinstalled CAV, clearly had to restart like the 1st, today I tryed to scan after the autoupdate and got a nice surprise since I tought I had to restart and it goes nice and easy, so, it was to soon to me ask to fix a problem that dont exist, sorry for that and thanks for your help all, you have a good and fast support and a good comunity.

Another thing, as I see CAV is antiSpy too, right? Im using Defender from Microsoft, is there any problem using both, until we have CAV out of beta stage? I was using CA antivirus, I have 6 months yet, but decided to matain only Comodo CAV alone now for a system I need some level of security, want to know your (active people using it, as Ewen, support and Melih) toughts.

Some issue’s (maybe usefull to tech and support staff), one time, I had this problem, the scan started, and I opened the CAV settings, when I acssesed the settings, and “aply” that, it freeze almost all the system, so I need to use the manager to close CAV, Outlook Express and other programs I dont remember now, then, when I restart CAV (restart only cav, not system) it continues to freeze, until I restart the system

Ok, I think that’s it for now, congrats Comodo.



Hi again,

Thanks Mike read your msg next to mine (this one).

Another issue related to CAV when sending “free secure Comodo mail” in Outlook Express, I cant send it when CAV is monitoring email, when I turn it off, it goes, any idea? Is it solved and Im doing somthing wrong? Is it yet to be solved? Thanks again.


Hi Calabresi,

I use windows defender alongside CAVS and they both work just fine together. It is recommended to still use an active anti spyware alongside CAVS during its beta stages as it does not have all the spyware definitions as of yet.


In about 30 seconds after hitting the Scan Now button I receive an error message that states: Error: Engine Initialization Failed. When I click the OK button on this window another error message appears saying: CavSn.exe - Fatal Application Error ***Unhandled Exception! ExpFlags:0 ExpAddress: 0x00410E6C Please report!



What is up with getting the nasty stuff from a highjack this report? Here is my log with the 4 nasty stuff in it. Spybot will not pick it up which may be it is not really a nasty. cexx.org does not show a problem either.

Logfile of HijackThis v1.99.1
Scan saved at 10:27:57 AM, on 9/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\DigitalPersona\Bin\DpHost.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
C:\Program Files\Comodo\LaunchPad\CLPTray.exe
C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\Desktop Alert\desktopalert_1984197.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Comodo\Comodo AntiVirus\Cavaud.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Program Files\Comodo\i-Vault\i-Vault.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Strokeit\strokeit.exe
C:\Program Files\ID-Blaster Plus\idblasterplus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Just Me\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =;www.direcwaysupport.com;192.168.0.*
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DiABLO - {487CA274-DDC9-45CA-BF51-2017CE8D6D8A} - C:\Program Files\Comodo\i-Vault\i-Vault.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &FirstStop WebSearch - {E26FDEC1-053B-11D6-B969-CEEBA9E95046} - C:\PROGRA~1\BRUSHG~1\FSWEBS~1\ieband3.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM..\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”
O4 - HKLM..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /P23 “EPSON Stylus C62 Series” /O5 “LPT1:” /M “Stylus C62”
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM..\Run: [Comodo Launch Pad Tray] “C:\Program Files\Comodo\LaunchPad\CLPTray.exe”
O4 - HKLM..\Run: [cnfgCav] “C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe” " /login"
O4 - HKLM..\Run: [Comodo Firewall] “C:\Program Files\Comodo\Firewall\CPF.exe” /background
O4 - HKLM..\Run: [PC Pitstop Optimize Scheduler] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe -boot
O4 - HKCU..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /A “C:\WINDOWS\system32\E_SD.tmp”
O4 - Startup: Desktop Alert.lnk = C:\Program Files\Desktop Alert\desktopalert_1984197.exe
O4 - Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HPAiODevice(hp officejet v series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
O16 - DPF: PCPitstop-Tracks-Checker - http://www.pcpitstop.com/privacy/PCPTracks.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {3299935F-2C5A-499A-9908-95CFFF6EF8C1} (Quicksilver Class) - https://vapwda.ops.placeware.com/etc/place/DESK/VADpws-a3s/
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Comodo Anti-Virus and Anti-Spyware Service - Comodo Inc. - C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Windows XP FUS Manager (DPFUSMgr) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHost.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - (no file)
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe

The 010’s show up as nasty. I also get the error that it can not update and needs to close. See attachment.

[attachment deleted by admin]

O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll

I believe it’s a false positive from HighJack.

Thanks kail. I sure hope they are. For whatever reason yesterday I was having a heck of of time connecting to the internet. I could not even log in normally. It would say my password was wrong. I have to go into safe mode to connect. See thread here. Forums - TestMy.net

Well looks like my problem is back. I can not log on normally. I try to login normally. It tells me my password is wrong and then says C:\WINDOWS\system32\lsass.exe with a status code of 1073741819 and says the system will be shut down that was initiated by the error message. I am unable to give you a screenshot since it only happen in the normal mode and I can not log in. Goggle searches mention the Sasser virus. However Comodo anti-virus will not pick it up in safe mode with networking ( so I can get online )and neither will Symantec. :-\The Symantec Sasser removal tool finds nothing. BitDefender online scanner finds nothing. >:( McAfee online scanner finds nothing either. A thread on testmy that I started shows it comes back to a Comodo issue. I hope someone will help with this. I am going to send this same message in a ticket.

Its definitely a false positive. CAVEMLSP entries are supposed to be there, that’s how CAVS does an inbound or outbound email scan.

See https://forums.comodo.com/index.php/topic,792.msg6862.html#msg6862 for info.

ewen :slight_smile:

Hi all,

WinXP SP2, 256MB ram, 1.24Gh Athlon

About my outgoing mail issue, its working after I restarted the system, the issue was I could not send mail without turn off out mail scan. And the settings buttons is working again without freeze CAV. I dont know why and how it started, and how it became ok again, sry. Maybe when I was restoring the system with new instalation process of the other programs, its the only thing I can figure.


Comodo’s AV recognizes the Solarwinds TFTP server as a virus. It is not.

Can you please submit this file with an explanation for removal as a false positive.

ewen :slight_smile:

Please make it as easy to install and uninstall as CPF is.

Like CPF we are getting rid off installshield and putting our own installer, which will make it much easier to handle.


Thanks Melih, Sounds great!! (B)