Cmdagent.exe was running 99% CPU on a dual CPU system (therefore multithreaded or multitasked, as a single threaded task application can only use 50% of the available CPU (plus a few % on the other CPU for OS operations attributed to the task(s)). Rebooted several times and observed 99% cmdagent.exe. Finally left it running overnight. Logged back in to my running session in the morning and system activity looked normal. Found this chain and changed antivirus to disabled, deleted bases.cav (renamed .old), and a moment later the system crashed. (Crash may be related to another problem that has been ongoing since mid December which was traced to whether MagicJack was running.) Restarted in safe mode with networking, then normal mode. Ran Miscellaneous Check For Updates (no updates available) and then ran Update Virus Database. Rebooted as requested. Ran Update Virus Database again. Noticed that bases.cav was now the same size as the old one and ran Kdiff3 to find that they are binary equivalent, i.e. identical.
Rebooted and changed antivirus to stateful. Noticed that cmdagent.exe running at 50% for a short period of time. (Used 1:39 of CPU time).
Rebooted and observed cmdagent.exe running percents in the 30’s to 40’s with occasional excursions into the 50’s and one 60, and some 20’s when the CPU was busy with other startup tasks and no idle time left Total time during startup under two minutes, with occasional additional 1% CPU.
So what was cmdagent.exe doing at 99% for at least 2 hours and longer yesterday? I doubt problem was with bases.cav since it is identical to the version that was running before (created Jan 8th).
Vista Home Premium 32 bit, SP1, IE7, Acer Aspire M1100-B1300A dual 64 CPU (I have reasons for not installing SP2 or IE8 at this time, otherwise updates through last week.)
BTW: I have a task that runs task manager at login that is the 1st thing on the screen so that I can what is going on at login.
Next time you observe such outrageous behaviour open Task Manager → go to the Performance tab → open Resource Monitor (at the bottom). In Resource Monitor see if at the same time and varying with cmdagent there lot’s of HD traffic going by an application. In the past I have seen cmdagent following big HD traffic by an application.
Was able to run performance monitor and observe the following about cmdagent.
Cmdagent normally has 30 threads running (saw an occasional 31 threads)
Cmdagent opens a number of files.
Normally there is several minutes of Cmdagent activity at logon – usually 50 % or less probably due to the other tasks starting up at the same time.
Other times Cmdagent activity at logon is extensive for over an hour at 85 to 95% CPU (stopped observation after an hour) and prevents other normal startup items from running. Was unable to get performance monitor to run due to system lockout. This was observed Saturday 1/16/2010 when cmdagent used just over 3 hours of CPU Time (This also happened multiple times over the last several days.)
Decided to do a trial: used safe mode to turn off virus defense. Booted in normal mode. Started performance monitor and set priority to above average. Set virus defense to stateful. Observed a few minutes of Cmdagent activity at 50% CPU, then quiet. Started Malwarebyte’s Anti Malware scanner. System ground to a halt as Cmdagent started using as much CPU time as available (~95%) and opening many files. Let Malwarebyte’s run for about 10-15 minutes and observed that the same DLL file was still listed as the current file for over 5 minutes, then canceled the scan (Malwarebyte’s pause control would not respond.) Cmdagent continued running at 95% CPU and opening files for about another 10 to 15 minutes before returning to a more normal state.
I wonder what would happen with a Comodo antivirus scan. (May try that in the next few days, but wanted to get this information to you sooner.)
Any attempt to alter Cmdagent’s priority is rejected. (Possibly due to Defense+?)
Noticed that the scanner bases.cav file has been in the 93 to 95 KB range. The repair bases.cav file is only 4.5 KB.
A few days ago my wife’s PC started doing exactly the same - on boot up cmdagent would use 65-99% of processor for 15 mins to over 30 (at which time I switched it off, as the PC was totally unusable).
After booting in safe mode and trying various CIS options, I definitely pinned it down to cmdagent. With A/V, Defense+ & Firewall Disabled, the PC booted OK, but after about 5 minutes cmdagent again used 99% of the processor, crippling the PC.
I resolved the problem by uninstallng and reinstalling CIS yesterday - since then it’s been OK.
I think that this cmdagent %cpu problem and the CIS freeze problem are linked. They both appear in Bug Reports for Antivirus, Firewall, Defense+, & Gui/Misc/Other.
COULD SOMEBODY FROM COMODO PUT THEM ALL UNDER THE SAME THREAD.
After much diagnosis, I KNOW that the problem is caused by cmdagent (when it’s not running you don’t get the problem).
It appears interact badly with a random program that starts on the PC - then freezes the PC (the high cpu may not always be a problem, but the result is the same - a useless PC).
Of the 3 PC’s at home (all at CIS v591 & DB v3638) :=
one XP Home SP3 PC has not yet been affected,
I got another XP Home SP3 PC to work by delaying the startup of cfp.exe (I thought that reinstalling CIS
had cured the problem, but it turned out to be a temporary solution).
I got a XP Pro SP3 PC to work by manually starting cmdagent after boot up.
The problem appears to be a ticking timebomb, which needs to be taken deadly seriously by COMODO - If this turns into a debacle like the Antivirus Database saga, it could be the last straw for many customers.
WOULD SOMEBODY FROM COMODO PLEASE CONFIRM THAT THEY ARE TAKING THIS PROBLEM SERIOUSLY.
Since yesterday I have the same problem, but usage of my core i7 is only about 1-7%. The computer stopped responding ~ at 14:00 after automatic comodo’s update. I remember the bases problem and had run safe mode and deactivated comodo agent in administaration->services, since that I have working PC, but without defense. >:(
IT IS A PROBLEM OF BASES LAST UPDATE ! AND IT HAS NOT SOLVED YET!
After three days of having this issue I investigate what exactly from COMODO Internet Sec. causing my PC to lock up for 15-30 minutes (what’s interesting - during this HDD activity is below normal or normal and CPU usage too). Well that’s autoupdate of antivirus, every time I manually click on the date of my base date (main window of COMODO) the updating window appears and saying me “5% of updating” - this lasts 15-30 minutes, and my PC is hanging, after that it says “bases up to date”, and I can work. But the problem is not in manual launching of update, when PC starts or when shedule starts - comodo starting autoupdate and all my problems repeats. The only cure fo this issue for me it is disabling comodo antivirus, after this all usability restores and PC works.
I have survived two (or more) virus database updates today without significant system impact (I was actively using the system) compared to near 100% CPU for over an hour just after database updates that we have been experiencing recently.
Just did a search similar to the one that brought the system to its knees a few days ago and cmdagent did not even make it to 1 % CPU in “Reliability and Performance Monitor”, although there was plenty of cmdagent file opening for a search that should have involved only directories.
Comodo Virus scanning was set to stateful.
Maybe the problem has finally been fixed, at least for today. I see from internet searching (search.com) that this type of problem has occurred several times in the past - most recently October 2009 before this episode of December 2009-January 2010. (I was also surprised at how many different languages the search turned up).
Comodo should consider more update testing on the different flavors and variants of Windows to help insure that this does not happen again. (If the problem is going to happen, it doesn’t take long after applying an update to see it.)
I sure hope that the problem has been resolved as I have been falling behind in my job search due to the hours lost each day because of cmdagent’s near 100% CPU use for at least an hour at a time during my prime time. (Anybody need an embedded real-time software engineer?)
There are several reports about CPU choking (for no apparent reason).
I am not suffering from locks ups that seem to have no reason but on my system with older hardware it tends to choke Explorer when opening a folder with lots of files like system 32 or my folder with software downloads (installers and archives are quite a challenge for AV’s; not just for Comodo; I have seen it happen with AVG 8.x and 9.x).
I noticed that changing the AV from Stateful to on access makes things manageable. The CPU usage is high but doesn’t choke navigation in Explorer anymore.
It looks like stateful inspection may be playing a role. Who of you has set the AV to Stateful? Can you see what happens when you change the AV setting to On access?
Spoke too soon - rebooted system and cmdagent went to 95% CPU for over 25 minutes. (stateful)
Changed to On Access from Stateful
Ran a file name search and noticed that although cmdagent opened a lot of files, it did not appear in the CPU % ordered list (therefore less than 1 %), but explorer was listed around 50%, and it was also opening a lot of files. Search took a little longer than expected, but not much. (Why are explorer search and cmdagent opening files for a directory search that should only be working with directories?)
Over the last several days, logging in a user (admin or not) starts the cmdagent running near 100% for a half hour during the day and an hour last night scanning a lot of files - doesn’t matter if stateful or on access is selected.
This morning I disabled virus scanning in safe mode, started “normal” mode, logged on the admin and one user account, then set stateful mode. No problems with Comodo so far. I see that virus database was updated at 11:49 AM EST which has not caused a problem (yet) while running.