High CPU usage

[Guest]

[archer23]

I noticed there haven't been any posts on this subject for a while, but i appear to be having problems very similar in nature. For the past few nights I've left my pc running peer to peer overnight and woke up to find that it has rebooted its self and is waiting for me to enter my windows password. Even stranger still my modem was still showing signs of high activity even though i wasn't logged into windows.
Have there been any further developments into this issue? I will replace my pc's power supply soon as it is old anyway but i don't feel as if that is the problem.

Commodo F/W Version: 2.4.184.18
OS: Win xp sp2

[Soyabeaner]

Currently there are really only two options with CFP:
1) ** FAQs/Threads - Read Me First **:

Version 2.4 - cpf.exe and High CPU
http://forums.comodo.com/index.php/topic,6819.0.html
http://forums.comodo.com/index.php/topic,6933.0.html
http://forums.comodo.com/index.php/topic,6943.0.html

Version 2.4 - cmdagent.exe and High CPU
http://forums.comodo.com/index.php/topic,5499.0.html
http://forums.comodo.com/index.php/topic,5972.0.html
http://forums.comodo.com/index.php/topic,6160.0.html

2) Beta test CFP v3 or wait for the final

[oyzz]

You can try this one.  I've done lots of testing and monitoring with cmdagent.exe and found that monitor dll injections (MDI) has been the main cause.  If you turn it off for a few days, then turn it back on.  It might solve the issue like it did for me.

Forgive my ignorance but how could I turn off the MDI? I am totally a newbie to this. My cmdagent.exe takes 80-99% of CPU power frequently. That's really killing me.

[Soyabeaner]

security
advanced
application behavioral analysis
configure
monitor dll injections

BTW, oyzz, you have 0 posts even though you just created one

[Zito]

Running ProcMon and opening http://img186.imageshack.us/my.php?image=comodo0023tb.png in IE6 logged 438,940(!!!) file operations between cmdagent.exe and cpf.exe

Unless you absolutely can't do without it, disable NetBT. This will close ports 137, 138 and 139 (the first two can be seen in your screenshot) and substantially reduce inbound connection attempts. You can do that by right clicking your LAN connection in Network Properties --> Properties --> double click Internet Protocol (TCP/IP) --> Advanced (button) --> WINS (tab) --> checkmark the radio button called "Disable NetBIOS over TCP/IP". Apply/OK in the usual way.

[WomenAreMen]

Here are my 2 cents if you don't mind.

CPU shows spikes with following when I close utorrent.exe (BT client version 1.7.5.).
System
cpf.exe
BOX425.exe

comoro firewall pro version 2.4.18.184
I'm on WIN XP pro SP2

Comodo "tests":

• Changing Monitor DLL injections/ Monitor COM/OLE doesn't change anything.
• When I close comodo spikes are gone.
• Starting comodo firewall with utorrent closed brings spikes back again.
• Turning off all monitors besides network monitor changes nothing.
• Turning off network monitor gets rid of the CPU spikes with utorrent running or not (!)

For Network Monitor, I have a rule for utorrent:
ALLOW TCP or UDP IN or OUT FROM IP [Any] TO IP [Any] WHERE SOURCE PORT IS [Any]  AND DESTINATION PORT IS (port I set for utorrent). This rule works, as the port is opened when the rule is there, and without the rule, the port is indicated as closed.

First I thought the rules allowed leaks when the programs weren't actually making use of their specific rules, which caused some conflict and caused it to spike up the CPU or something.

Oddly enough, even after removing that utorrent rule, the CPU spikes remained whether utorrent was running or not.

So while I can say with high certainty that my CPU spikes are correlated with the network monitor, I'm not sure what's causing it exactly.

[Alexo]

Unless you absolutely can't do without it, disable NetBT. This will close ports 137, 138 and 139 (the first two can be seen in your screenshot) and substantially reduce inbound connection attempts. You can do that by right clicking your LAN connection in Network Properties --> Properties --> double click Internet Protocol (TCP/IP) --> Advanced (button) --> WINS (tab) --> checkmark the radio button called "Disable NetBIOS over TCP/IP". Apply/OK in the usual way.

Won't it disable file sharing on hte LAN?

[Little Mac]

So while I can say with high certainty that my CPU spikes are correlated with the network monitor, I'm not sure what's causing it exactly.

Try disabling "Do Protocol Analysis" and also "Block Fragmented IP Datagrams" (if enabled); do so one at a time, and reboot after the change.  One of those may help.

Won't it disable file sharing on hte LAN?

If you're sharing resources across a LAN, you may not be able to disable NetBIOS and some other Windows processes/services.

LM

[Tags:]