Cmdagent consumes 100% CPU for long periods even with D+ perm disabled [NBZ]


This should summarise the issue. May be best to write it after drafting the issue report. A good title makes sure the right mods and the right devs look at the report

CMDAGENT.EXE runs at high cpu for prolong periods for no apparent reason.

The bug/issue

  1. What you did: Normal day to day activities. maybe opeing a browser window. not gaming or any other resource intense activity.
  2. What actually happened or you actually saw: System slowed to an absolute crawl. Task manager opened eventually to reveal cmdagent.exe at 100% cpu.
  3. What you expected to happen or see: I didn’t know what to expect, except for an even distribution of cpu and ram usage i suppose ?
  4. How you tried to fix it & what happened: Tried to change the priority of CMDAGENT.EXE. Access was denied. Only option left was to terminate said executable.
  5. If its an application compatibility problem have you tried the application fixes?: ?
  6. Details (exact version) of any application involved with download link: Only comodo and perhaps IE
  7. Whether you can make the problem happen again, and if so exact steps to make it happen: The hard part. It seems intermittent
  8. Any other information (eg your guess regarding the cause, with reasons): My guess is that CMDAGENT.EXE is not respecting the host O/S processes and is taking all resources available, including critical O/S resources, why is unknown, there appears to be no logging of the exe’s activities.

Files appended. (Please zip unless screenshots). NONE

  1. Screenshots illustrating the bug:
  2. Screenshots of related CIS event logs and the Defense+ Active Processes List:
  3. A CIS config report or file.
  4. Crash or freeze dump file:

Your set-up

  1. CIS version, AV database version & configuration used: CIS, Virus Sig: 6678.
  2. a) Have you updated (without uninstall) from CIS 3 or 4, if so b) have you tried reinstalling?: NO.
  3. a) Have you imported a config from a previous version of CIS, if so b) have U tried a preset config?: NO
  4. Other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here. ) NONE
  5. Defense+ and Sandbox OR Firewall security level: Defense = OFF, Antivirus = Stateful, Sandbox = OFF, Firewall = SAFEMODE
  6. OS version, service pack, no of bits, UAC setting, & account type: XP SP3, 32 bit, All latest Windows Updates, UAC not applicable in XP, Administrator account. 64bit AMD 3500+ 3gb DDR Ram.
  7. Other security and utility software installed: Native Nvidia Firewall (disabled), Windows Firewall, (disabled),
  8. Virtual machine used (Please do NOT use Virtual box): NONE

Comodo CMDAGENT.EXE is killing my machine. Where are the logs which tells us what CMDAGENT is doing?
CMDAGENT is actually malware if you go strictly by the definintions:
Industry standards define software that impairs user control over material changes that affect their system security as potentially unwanted technologies. or malware.

I cannot set the pritory of the said cmdagent in task manager, only stop it altogether leaving the machine without firewall. This leaves my machine either exposed or useless. !!! That’s not good security.

Also, Ifind it interesting comodo have not signed up to the ASC, almost all major vendors have, even Microsoft.
Why is this comodo? and what is CMDAGENT.exe really doing?

Thought / comments are welcome.

We would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.

To understand the reasons why we ask you to follow these guidelines please see below.

Bugs/issues can be impossible or very time consuming to fix if developers don’t have enough information to reproduce them. Since CIS is free, development time is limited. So if you want your issue fixed, please use the format below to describe it.

To avoid clutter, issues not described in the format below your post will not be moved to the ‘moderator verified’ issues topic. This means that the developers may not look at it.

Best wishes and many thanks in anticipation


Hi, Thank you for replying. I recognise that Comodo is free, and I am grateful for that and especially for the time and effort that is put in by committed individuals outside of the comodo organisation.

However, The cmdagent.exe 100% issue is longstanding and not fixed. It is all over the internet, everywhere. even these forums, and it is still not fixed… so i’m not sure that i can provide anything extra.

I’m happy to re-post the bug. I’d be very happy to help toward resolving the bug. The developers can even remote into my machine or run some diagnostic software on it the if they wish!

But, I’m still curious what the cmdagent.exe is actually doing. Nobody seems to know, not even the forums! and there is no specific log for the application as far as i can tell. Only logs for a components activities, such as blocking an suspec ted virus or similar. Which is different altogether.

I’ll edit the post as requested, with more detailed information according to the guidleines.

Thank you for the bug report.

Moving to format verified.


Thanks. Not quite sure whether your answers below are to a) or b). Do you mean: NO; NO

2. a) Have you updated (without uninstall) from CIS 3 or 4, if so b) have you tried reinstalling?: NO. 3. a) Have you imported a config from a previous version of CIS, if so b) have U tried a preset config?: NO
Also have you tried ticking 'disable Defense+ permamently' and rebooting and if so does this resolve your issue?

This test allows us to localise the problem to D+

Best wishes


Hi Mouse. The answers are all NO to that particular section. 2A) = NO; 2B) = NO; and 3A) = NO; 3B) = NO ;
I did not see the permanently disable defense+ checkbox before, but I have now disabled it and will reboot, but i have to go to work now.
Is that checkbox related to CMDAGENT.EXE running at high CPU even when all components are disabled? Example: when I launch sat Visual Studio 2008, cmdagent still runs for a few moments (up to a minute or so at 95%-100%), yet all of the components are disbaled?

I’ll post when I get back from work to let you know the outcome of changing the state of the checkbox.

Thanks again.

Any feedback on this. Did unticking and rebooting resolve it?

Many thanks


Hi Mouse, sorry for the delay in replying. I did what you said, but it made no difference. Cmdagent.exe runs as it pleases, even with all the modules set to off!

What REALLY cheeses me off is that I am not allowed to change the priority! I can kill the process cmdagent.exe with no problem in task manager, but I don’t want to kill it, merely set it’s priority to something lower.

How come “Do_not_modify” has been set on the ‘Process priority’ and not on the ‘End Task’?
Surely it should be the other way round?

Please mention this to the developers.

When disabling D+ does not work that points the finger towards the firewall.

Can you completely disable the NVIDIA native firewall? As in disable it in the BIOS when possible and uninstall its driver from Device Manager. Does that make a difference?

Waiting for response so still [WBZ]

Hi. Thank you for the suggestion EricJH and Mouse1. Yes, the nvidia firewall…

I’ve not tried that yet, but it is disabled. I will give it a try, but I’m pretty sure the motherboard needs the drivers for the onboard Nic? I think they may be integrated? It’s an Asus A8N5X… But surely windows should have drivers for the Nic anyway… sorry thinking out loud… I’ll investigate the nvidia firewall further and reply today…

Also, can anybody tell me why cmdagent still uses cpu even when update is disabled and all the modules are set to disabled? Surely disabling them all, regardless of nvidia firewall, should actually stop the process using cpu altogether? Unless theres a checkbox I’ve missed??

Ok, I removed the Nvidia nForce4 Network Access Manager software as advised. (There are no bios settings in my old machine for the firewall) and then rebooted.

So far, all seems well. Internet Explorer 8 is significantly faster, Visual Studio 2008/10 both load more quickly and compile more quickly. Importantly, CmdAgent.exe cpu usage is right down, peaking at perhaps 80% momentarily, instead of the 100% issue for extended durations.

In fact, ever since I built the pc, I noticed the cpu was easily topped out by quite a number of applications, but never for a worrying amount of time like Cmdagent was taking. It doesn’t seem to do that anymore. Removing the Nvidia nForce4 firewall may have sped up my entire computing enviroment/experience :slight_smile:

But, please do not close this thread yet! It’s only been twenty minutes and I figure that a thorough test would take at least 24 hours. I also want to see if the cmdagent still takes resources when everything is disabled.

I will post back tmrw evening (6/12/10) and confirm that the issue was the nForce firewall.

Thank you Guys! :slight_smile:

have you tried to add in exclusions?

Thanks I will await your post. Glad it seems to have helped.


it is unclear to me from the robbie73’s post, how long is the “extended period” for which cmdagent.exe consumes most CPU power. So I decided to append my own findings, perhaps my problem with cmsagent.exe is the same.

Every 5 minutes (=300 seconds) cmdagent starts consuming from 50% to almost 100% of CPU. This lasts at least 25 seconds, then the CPU usage falls back to 0%.This is most noticable when browsing internet, but happens even when no user application is executed at all. The more intensively I use Firefox (i.e. the more tabs I have open, the more I scroll the pages, the more I click) or other application, the more CPU power cmdagent.exe then consumes and the longer the browser is almost irresponsive. When you stop all activities, after some time the situation narrows itself (it can last even for several minutes).

Using the SysInternals ProcessMonitor I found that during the time cmdagent.exe consumes almost all CPU power, it is checking all programs on HDD that are unknown to it, one by one. Maybe in order to contact the cloud scanner for newer results, maybe not. When another application (like Firefox) needs immediate response from cmdagent.exe, cmdagent.exe starts having problems, perhaps due to some synchronization issues. The result is that the time and CPU power cmdagent.exe needs to process the requests increases several times.

I understand that CIS needs to use some resources to check the unknown files. But it cannot do it so that the computer becomes irresponsive.


Forgot to report my configuration:

Windows XP SP3, CIS 5 (FW & D+, both in safe mode, & sandbox), lots of programs on my disk that are unrecognized by CIS.


Hi All. (Xarx/MArtin)
To Clarifying ‘Extended Periods of time’

‘Extended’ to me is likened to a ‘Beat’ in tv or live show production. Except opposite.
Where there is a pause of no fixed length in a live show for audience to digest and respond to a performance or joke or song etc… the response becomes dry if the last comic was rubbish, and so the director continues to the next item. Or stops the show if the script has ended. OR the audience may become raucous and loved the last act and are really making good tv … the ‘Beat’ is a different length in each case. The audience decides.

To me ‘Extended’ means ‘The job doesn’t need to take this long’, so it’s taking all my money (I’m paying by the millisecond) and the ‘job’ is milking me, doing no good for what I want or need done, merely what it wants done, for it’s own benefit. The job has become the audience and the act. Apply that to the program, hueristics, company or logging or whatever you chose.

To me, ‘Extended’ in terms of time, is an action taking a very long time (in cpu terms) for no apparent reason.

Further to my post yesterday, I regret to inform the kind helpers that whilst I have still witnessed a large drop in cpu cycles taken by cmdagent since removing Nvidia nforce 4 firewall, I still witness high cpu usages by cmdagent when using my browser Firefox and IE and also what seems to be random times. When EVERYTHING seems to be disabled. (Everything I can see that can be disabled)


I’m really happy this initial thread has been answered and resolved, and thank you for your persistence and help. That’s Mouse1, Dennis2 and EricJH. :slight_smile:

I will create a new thread regarding the ‘random cpu peaking when all is disabled’ issue.

Thank you again guys. :slight_smile:

Hello robbie73,

I confirm that what I’ve written above holds even when every other security software is disabled (in my case it means Avast!). So perhaps my issue belongs rather to the thread you were going to start than here. At the time of writing, this was not clear.

I don’t have the problems of CIS vs. Avast! collisions, perhaps because my answer to the following questions is YES, NO:

2. a) Have you updated (without uninstall) from CIS 3 or 4, if so b) have you tried reinstalling?


till last night , I have this problem with usage of my RAM by “cmdagent.exe”.
Total ram of my sys is 512 Mb that “cmdagent” process uses 121 Mb of it. (checked bye Process Explorer).
I uninstalled Comodo once and then reinstalled it, at first and exactly after the re-installation, it was working normally , and “cmdagent.exe” was using 60Mb(Huh???) of ram, but after the update of virus database , the problem occurred again.

how can I solve this problem?
please help me,
I like Comodo and I don’t want to be forced to uninstall it forever.

do you have other AV installed on your system?