cmdagent.exe freezes PC

Do you have run cache builder when computer is idle set? That could be the background scanning that is causing issues, also viruscope causes slowdowns when dealing with large files so you can try disabling viruscope to see if that resolves your issue. One other thing, you mention heavy disk usage after a virus database update, what is happening is comodo must re-scan every file that gets accessed/modified/created during run-time against the new database. I suggest adding AV exclusions for every folder except your User directory as malware do not just randomly show up in the program files or windows directory.

Cache builder when idle and viruscope both disabled, Futuretech.

The heavy disc usage after updates probably had nothing to do with the update but everything with uTorrent running at the time. Updates when not torrenting cause no problems whatsoever.

I can try adding all directories except Users to exceptions, but since adding the uTorrent download directory made no difference at all I fear that it will be a lot of work without any pay-off. I think I’ll wait a bit, see how things develop.

John

Ok and I forgot to mention you can monitor cmdagent and cavwp with resource monitor under the disk tab and under disk activity sort by write (B/sec) when you filter cmdagent and cavwp. That way you can see what files are being written to that is cause such high disk activity.

That was good aqdvice, Fururetech, thanks.

Apparently ‘system’ - whatever that represents - keeps reading torrent downloads, even when the download has finished and the torrent is seeding but not being accessed by uTorren… And that in turn triggers cmdagent. Strangely, this is only the case with large files. Small ones cause no problems.

My current workaround is to move the downloaded file to a new directory as soon as it is complete. Hit and run tactics may not be good form in torrenting, but I have little choice.

All this still does not explain why cavwp should be taking a continuous 25% CPU time or why it suddenly decides to have three instances going at full blast.

John

System represents the kernel as all file I/O operations are handle by the windows kernel so you can ignore that, but what we need to figure out is what cmdagent and or cavwp is reading/writing to. Do filter on those two processes, go to CPU tab in resource monitor and click the check boxes next to cmdagent.exe and cavwp.exe under Processes section, then go to the Disk tab and make sure Disk Activity is expanded, then download or seed a large torrent and take note of files that are listed in Disk activity window.

Also what mode is the AV set to? On-access or stateful? It sounds like On-access is set which means every time a file is accessed for reading or writing the AV will re-scan the file, also during the download, the AV will re-scan as the file keeps changing and must scan the file after each update of the file. One other setting you should try to disable is file-source tracking under the auto-sandbox rules section, as this adds alternate data streams to the end of files that are saved to disk and must update the ADS stream on every modification.

When I download games through steam I haven’t noticed any problems with cmdagent or cavwp, but then again I don’t have the AV component installed. I’ll install the AV and try to replicate.

An interesting job for the long CHristmas weekend! I’ll get this sorted and report. Thanks for the tech advice!

John

First results:

  • AV is set to stateful
  • File source tracking is disabled
  • Downloading a folder with 7 files totalling 3.95 Gb, cmdagent is checking the files (although the download directory was added to exceptions
  • There are now two instances of cavwp, both accessing the page file.

John

I think cmdagent always index’s files regardless of exclusions and the exclusions only applies to cavwp which is the AV scanner process. When you say page file are you referring to the windows pagefile.sys? That is normal as the pagefile constantly is updated due it being the memory swap file, I guess you can add the page file to the exclusion which should cut down scanning activity. In order to add the pagefile, you need to enable hidden files and folders and protected operating system files under the view tab of folder options.