comodo firewall v3.0.13.268 x32 CMDAGENT.EXE 100% CPU Load

I have instaleted CF and after restart my notebook CMDAGENT.exe use 100% of my CPU (I have dualo core and CMDAGENT use both on 100%)
I am using WIN XP PRO SP2 - with all hotfix
2GB RAM, nVidia GeForce 7300 GO

My runnig SW is: NOD32 (I was try uninstall it, but without change), Skype, NOKIA PC Suite

Thank you for every answer, because I know CF v2 and I think that this is the best firewall
and I want to use CF v3.


I have the same issue, except I’m on WinXP Home (SP2 + all updates). I don’t have any other security software.

Funny thing is that it use to work perfectly until this one reboot. ???

i have downloaded the latest release of the comodo firewall in your site 1 hour ago…

the firewall completely freeze my computer … (i have done reset after minutes of cpu at 100% use )

i have returned to version 2.4 and the computer is working well… :stuck_out_tongue:

windows xp sp2
3.2 ghz
1.5 gb ram

best regards

p.s.i will wait a few more days… (:WIN)

sorry i dont have the crash files…

i will try to get them to the next time :stuck_out_tongue:

thanks for your quick answer

Please add your Actively-running security and utility applications(antivirus antispiware)
BTW do you use windowsblinds or UXtheme patch?

I too have 100% CPU load by Cmdagent.

The way I installed version was like this:

Uninstalled 2.4, rebooted, installed 3.0, rebooted.
My system is totally crippled by this and I can’t even use it.

Is there a solution for this, or do I have to uninstall and install 2.4 again?

Ps. I have the uxtheme patch installed.

1gb ram

Same here.
with d+ disabled it works fine. but when i enable it and reboot cmdagendt.exe uses 100% cpu-time.
this is very frustrating. if i had the time i would check with only some of the d+ options disabled. but because of its high cpu usage its not easy to get in the options menu and do so. and i dont have this time. so i leave this d+ thing disabled for the moment.

im runnung xp home sp2 + all updates.
pasting an hijackthis-log, maybe there is something else running that causes the problem:

Logfile of HijackThis v1.99.1
Scan saved at 11:20:01, on 22.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\VeriSoft\Universal Security Client\Bin\AsGHost.exe
C:\Programme\System Control Manager\edd.exe
C:\Programme\System Control Manager\MGSysCtrl.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Notebook Hardware Control\nhc.exe
C:\Programme\MSI\Live Update 3\LMonitor.exe
C:\Programme\Boss Key\bosskey.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\DynDNS Updater\DynDNS.exe
C:\Programme\Microsoft ActiveSync\wcescomm.exe
C:\Programme\ 2.3\program\soffice.exe
C:\Programme\ 2.3\program\soffice.BIN

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Programme\IE7Pro\IE7Pro.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Universal Security Client - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\VeriSoft\Universal Security Client\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MGSysCtrl] C:\Programme\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\VeriSoft\UNIVER~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Programme\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [Vistadrv] C:\Programme\Vista Drive Status\vsdrv.exe
O4 - HKLM\..\Run: [openvpn-gui] C:\Programme\OpenVPN\bin\openvpn-gui.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Programme\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [Boss Key] C:\Programme\Boss Key\bosskey.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programme\Comodo\Firewall\cfp.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Programme\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Programme\DynDNS Updater\DynDNS.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: 2.3.lnk = C:\Programme\ 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ALF-BanCo 2.0 Reminder.lnk = C:\Programme\ALFBanCo2\AlfReminder2.exe
O4 - Global Startup: ShareMonitor.lnk = C:\Programme\sharemonitor\ShareMonitor.exe
O4 - Global Startup: Sizer.lnk = C:\Programme\Sizer\sizer.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{78191194-ED60-48F8-8EAB-D09D143F665B}: NameServer =,
O20 - AppInit_DLLs: APSHook.dll   C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: OneCard - C:\Programme\VeriSoft\Universal Security Client\Bin\ASWLNPkg.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Programme\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Programme\System Control Manager\edd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Programme\OpenVPN\bin\openvpnserv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

I also have this problem.
I disabled d+, but the problem was still there. I waited a few minutes. Do I have to restart after I’ve disabled d+ ?

This is a major letdown… I really wanted to keep v3 :frowning:

yes, the problem persists if you dont restart.
after a restart cpu-usage with disabled d+ is back to normal.
i dont have any idea what causes that kind of problem.
maybe you could check if you are running any of the programs in my listing.
perhaps we could find the answer in one of those processes.
i have a fingerprint sensor and unsing it for logging in and other security-features. could this be the key?
anyone else here with same problems? would be nice to find out possible accordances in running processes to isolate the problem.

i have done exactly the same thing :stuck_out_tongue:

i have nod32 v3.0.563
spyware doctor (disabled)
babylon v7.0.13
pc auto shutdown
acronis true image 11 home
vista inspirat 2 pack

best regards

oh, thanks gibran for merging topics.
i deleted my resulting doublepost.

so i just have to add that i have installed the vista inpirat 2 pack, too.
no other security software is running besides Avira AntiVir Personaledition Classic v7.
the other running processes are listed in my post above.

some news on this by now?

shinobiteno reported this to me. As suggested by the policy you can always use the report function for something like this too :).

about this specific issue I have no other info. 100% cpu usage is difficult to track I guess. We should focus our attention on the applications installed by affected members.

Do you have any entries into D+ Log?
Disabling Defense+ can be used as a troubleshooting procedure. Now you should disable only some parts of D+ to see if it is possible to narrow this issue.
Look at Defense+\advanced\d+ settings\Monitor settings

ah ok, i see. sorry for that. im quite new on this forum and havent found the button to do so.

yes its really difficult to find out what the exact problem is.
weekends i have more sparetime and could check the d+ options one by one.
maybe its easier to track if we can narrow the problem down by deactivating monitor-settings one by one.
but for now - as you said - focusing attention to the installed / runninng applications / processes would be the best option

no there are no entries in the log right now.
i try to figure this out, when i’ve done my work and im at home.
but in worst case this would be friday evening or saturday at the earliest.


I reported this problem at RC1. I think the issue might be with vista inspirat 2 pack or some kind of theme pack. I have this theme pack installed on 2 computers running XP pro sp2 and XP home sp2 and they both experience the same problem. Gibran suggested shutting down Boclean and AntiVir but to no avail. cmdagent.exe smokes the system at 100%. I tried disabling Defense + and the firewall but still sits at 100%. Its a shame because this really looks like a nice security package. I’m going to uninstall the theme and try again. I’ll report back when I’m done.


[ at ] alfred
have you done a restart after disabling d+?
tried to disable or shutdown some other processes, too with no result.
would be nice to hear from you if the problem is solved by deinstalling the themepack.
but i cant imagine how a theme could affect a firewall / hips in this way…

It must be the Bricopack, because (as I previously posted) it worked fine up until a point and it just so happens that it ran at 100% after I installed the Vista 2 Bricopack from CrystalXP on a clean version of WinXP Home SP2. I also use windowblinds if that matters…

And I posted this in the last beta report, but got flogged because of SP3 beta (:TNG) Which does make sense, I guess.

SiSGbR Thanks for the tip. I’ve restarted with d+ disabled and I can finally use my computer as normal again!

However, I do not use a fingerprint sensor nor use Vista inspiriat or any other pack like that.
The only skinning thing I use is a hacked uxtheme.dll.

I dont have anything like you on my hijack-this log.
for example, I use nod32 (not avast), I use Opera (not Firefox), don’t have blue-tooth installed, etc etc.
The only stuff that are the same are the default windows processes.

well then it seems to be the uxtheme.dll
had time to do some testing at home.
i have installed v3.0.13.269 on two other systems without any theme-packs.
its running fine. no problems so far.
one system is nearly identical to the one i have the problems with - but without vista inspirat and some tools.

I know what setting that is causing 100% CPU usage!

Uncheck “protected registry keys” and D+ wont use 100% CPU anymore! (atleast not on my system)

The way I found this: Unchecked everything, and checked them, one by one. The one causing the 100% CPU load is Protected registry keys!

Can anyone else confirm this?

Shinobiteno notified me that this topic is active, but I have not seen solutions.

XP HOME ,SP2. using Comodo CFP 2 for about 2 years now. Switched from Norton AV to Avast also.
Have been very pleased with CFP’s seeming effect.

HP Pavilion notebook ZE 4230, 1.8Ghz, 512 RAM

Received a message via update in Comodo on Nov. 22, 2007 to update CFP 2 to CFP3 and went ahead, downloaded and allowed computer to upgrade. Installed V3 and reboot.

Then my CPU got clogged and 100% was consumed, apparently due to a Defense feature, or some such thing.

I have software called Process Explorer and it showed Comodo Agent doing all the CPU hogging.

Could not use any other software as 100% was being consumed, 96 to 98% of that to Comodo agent!

After one hour got too frustrated and went to System Restore and restored to a point prior to CFP3.

Now back to v 2 and wondering what went wrong? How long must the Comodo Agent do its thing?

Please advise install settings if it is recommended to install the new version.


Ought I stay away from v 3 until bugs get taken out?

Afraid to install CFP3 for now. And my system has crashed once also, not inspiring me to install CFP 3 too soon. Took up too much time today especially.

Thanks in advance ,