CIS introducing latency over multiple days of uptime [M2129]

  1. The full product and its version:
    CIS 10 Beta V10.0.0.5144

  2. Your Operating System (32 or 64 bit) and ServicePack revision. and if using a virtual machine, which one:
    Windows 10 x64, Anniversary Update

  3. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?:
    I am using standard setup with Sandbox, Firewall + Antivirus. No HIPS.

  4. Did you install over a previous version without uninstalling first, or import a previous configuration file?:

  5. Other Security, Sandboxing or Utility Software Installed:
    Nothing else, just CIS as far as security software is concerned.

  6. Step by step description to reproduce the issue. Or if you cannot reproduce it, what you actually did before it happened, step by step:

  7. Install LatencyMon to measure Windows operating system latency.

  8. Upon booting, this will show around 50 microseconds. Which is perfect.

  9. CIS is operating normally in the background.

  10. Use PC normally (Websurfing, Office work etc). Everything is working normally.

  11. After each workday, set PC to goto sleep. In the morning wake up PC and continue working. Then sleep again and repeat.

  12. What actually happened when you carried out these steps:

  13. Each morning, use LatencyMon to measure the latency. After each day, latency will increase by about 100-150 microseconds. Once it reaches 500 microseconds (takes about 3-4 days of uptime) audio jitters can be observed, usually related to the Windows network adapter. That means when playing music in media player and loading a webpage (in any browser, doesn’t matter) this will introduce massive jitter (music stopping/starting/stopping then starting again in short succession).

  14. What you expected to see or happen when you carried out these steps, and why (if not obvious):

  15. Upon uninstallation of CIS, this behavior disappears. I have an uptime of 9 days right now, with no jitters. The latency is still around 50 microseconds, just like after a fresh booting.

  16. I tried multiple rounds of install and uninstall, with the same result.

  17. Any other information:
    My suspicion is that your Firewall/network device driver is somehow becoming less and less responsive with longer uptime. I did not test disabling CIS Firewall/Sandbox/Antivirus individually. Maybe the culprit is one specific module.

Link for Windows LatencyMon (free): Resplendence Software - LatencyMon: suitability checker for real-time audio and other tasks


Could you kindly provide more detailed steps regarding third-party utility (latencymon) ? (eg screenshots, where you checked, monitoring time)

Thank you.


of course.

If you look at this screenshot from the Program’s website:

The relevant numbers to look at are the top two ones:

“current measured kernel timer latency” (it is measured approx every second)
“highest measured kernel timer latency” (it is the max of the above number, since measuring started)

You only have to run measuring for some 20-30 seconds. The numbers do not change much after that.

Whenever I referred to “latency in us” (microseconds),I meant the average number shown under “current measured kernel timer latency” after running it for 20-30 seconds. For example, when I wrote “latency was 500 us” it means that latency was fluctuating around say 250 - 750 us over the 20 second time frame. With 500 being the average.

Latency mon will also give you information at the top “Your system appears to be suitable…” – Once latency increases, it will turn to orange and red colors and describing that real time audio can no longer be handled without dropouts.

Hope that helps.

Please test this issue again with (upcoming) BETA2 of version 10.

OK will do, thank you.

Please check with Comodo Internet Security V10.0.0.6071 Beta thanks.

Installed 6071. Will report back after a few days of uptime.

After 20 hours latency is already abnormally high. Will check again in 24-48 hours of more uptime.

Thanks. Appreciate it if you could provide screenshots like that with progress / over days.

After 42 hours of uptime latency has increased a bit more

Thank you.

Reported issue. Thanks again for your efforts.

Thanks, I will try again when they release a version with a fixed attempt to verify. Thanks for reporting it! Its not easy to catch.

Please check with thanks.

Please check issue with CIS thanks.

I have tested the latest version, still happens. But I have found something interesting. I made a test WITHOUT the Firewall (so only the Antivirus component was installed for this test) and there is no DPC latency now, even after 4 days of uptime. It appears the latency is slowly (over multiple days) introduced with the Comodo Firewall.

I currently run the Windows stock Firewall and Comodo antivirus and have no problems.

The latency could be related to the inspect.sys driver. Could you for the sake of testing try the following.

Add the Comodo FIrewall so you will run the full suite again. Then disable the Comodo Internet Security Firewall driver in the Properties of your network adapter. That will disable all filtering done by Inspect, the packet filter driver, effectively disabling the working of the firewall. That’s why you leave Windows Firewall running.

If the DPC problem does not happen when running the computer multiple days we’ve established it is the Inspect driver is the root cause.

Hello, I have performed the above test. I have installed the Comodo firewall, then immediately upon boot disabled the Firewall driver in the IP4 networking settings. Then after about 35 hours of uptime I have tested latency and it was too high already, see screenshot.

When uninstalling the Comodo firewall my latency never spikes above 300/400 even after 5 days of uptime.

Thank you for testing. We now know it is not the Inspect driver causing but one of the other drivers.

Could you check disabling other CIS drivers one at a time like you did with the Inspect driver? You can disable them with Autoruns. Remember to reboot the computer after you disabled the start up. Those are the drivers:

Please keep in mind that disabling a driver will reduce the overall security of your system.