High CPU usage Comodo v5 when used in conjuction with Avast v5 [283]

Well, you don’t have to get it. It’s a personal choice. I like the firewall, but independent AV tests show that Avast scores very high on various aspects. It’s a very reliable virus scanner which is free.

Maybe after this… you do get it.

DaBigFreak: Avast is 64bit, as I am running it right now.

I’m having a bad time with this CPU usage. cfp.exe is taking at least 50%. This changed when updating from v4 to the auto installed v5.

I have followed all the log file recs, no change. This is hearsay from an old bug in v2/3

I have fresh installed V5 CIS and fresh install of Avast.

V5 CPU usage dropped to normal levels when I de-installed Avast.

All of this wasn’t present with V4 CIS. Where do I get a V4 to install?

Avast is a vastly impressive product. It also was the only product to catch an evil web based virus.

Log this, something bad is happening.

ta.

October 1, clean install V5, uninstalled V4 CIS.

See attached bug report for details.

Please advise if CIS/Windows Defender real-time settings could conflict.

Thanks.

mchain

Update on V5 install, have set firewall logging enabled, defense + logging still disabled. Task Manager shows 5,364K memory, whereas before I was seeing over 100,000k with defense + enabled, logging for both firewall and defense + enabled. With this new setting, I am not seeing 99-100% CPU usage as before. This is with defense + enabled except for the logging function.

Looks like the bug is here in the logging function.

TOPIC TITLE
High CPU Usage When Running V5 CIS

The bug/issue

1. What you did: Clean Install of CIS Firewall V5
2. What actually happened or you actually saw: Initial install went well, usage resulted in increased CPU cycles with accrued time, to the point where the computer became unusable. Rebooting seemed to help for five minutes or so.
3. What you expected to happen or see: Use of CIS V4 was good and unobtrusive, expected same performance from V5.
4. How you tried to fix it & what happened: Investigated source data for cfp.exe, determined valid, restored backup file to start over again to see if pattern repeated. (It did). Turned off Defense +, turned it back on, set CIS settings back to default settings, (best as I could remember) with no impact on CPU cycles; remained unacceptably high. Tried to download CIS V4, no such link exists.
5. Details (exact version) of any software involved with download link: CIS 2011 Premium Security; Firewall only.
6. Any other information (eg your guess regarding the cause, with reasons): I noticed the log would be erased after only one day of use; in version 4, the log would not be erased for a month or more. I have not yet turned off the logging function as suggested in CIS Firewall forum as I am posting this on an Ubuntu computer, version 10.04.1. Have CIS V5 installed now, (clean install) with Defense + disabled, per default settings. Computer runs well now, shows no high CPU usage. Please note that Defense + is disabled in the current setup. If anything, with Defense + disabled, the computer is faster than when running CIS V4. V4 had all Defense + settings enabled, however. This would indicate to me that cfp.exe is spending an inordinate amount of time doing or performing logging functions. I changed the default settings for logging from 20 MB to 100 MB, and that was still not enough. Why that is, I do not know.

Files appended

1. Screenshots illustrating the bug: Not Applicable
2. Screenshots of related event logs or the active processes list: Not Applicable
3. A CIS config report or file: Not Applicable
4. Crash or freeze dump file: Not Applicable

Your set-up

1. CIS version, AV database version & configuration used: CIS 2011 Premium Security; Firewall only.
2. Whether you imported a configuration, if so from what version: Not Applicable
3. Defense+ and Sandbox OR Firewall security level: Was Safe, Enabled, and Safe; now Disabled, Disabled, and Safe. (Defense +, Sandbox, Firewall)
4. OS version, service pack, no of bits, UAC setting, & account type: Windows XP Home Edition, SP3, 32-bit 2.8 GHz P4 single core processor, 1.5 GB RAM, EIDE 30 GB HDD. All Microsoft patches applied. UAC settings do not apply, running as Administrator.
5. Other security and utility software running: Am running CIS V5, Windows Defender (real-time enabled), Avast Home Edition antivirus version 5.644, SUPERAntiSpyware, Malwarebytes, (both free versions), Sandboxie version 3.46, Spywareblaster version 4.4, on a Microsoft XP3 computer. Avast 5 has all real-time shields running and in place.
6. Virtual machine used (Please do NOT use Virtual box): Not Applicable

[attachment deleted by admin]

Thanks very much for making the report in standard format.

We have other reports of issues with Avast, and a relationship to looging. I will merge this with that report.

You may find that excluding the CIS and Avast logging directories or files from real time AV scanning by CIS and Avast will resolve the problem. CIS logging directory is in %allusersprofile%\application data\Firewall Pro.

If not there is a fix involving making an Avast file an installer/updater in D+ rules in this trace.

Best wishes

Mouse

mouse 1,

Thanks for your quick reply, at first I could not find the post in bug reports, did a search and found it here. I have a new (not related) problem under “Upnp device shows in ‘My Network Places’” with a security? issue posted there.

Let me know if I need to post another bug report.

mchain.

mouse1

I do not see an obvious way to make an Avast file an installer/updater in D+. Which file do I use, and where are the D+ options?

mchain

Sorry guys, this doesn’t work for me.

I have excluded all of comodo directories from avast and I still get cfp going off burning cpu.

It seems to be related to inteaction of avast, firefox and cfp.

V5 seems to be unstable.

Please try excluding avast directoris from Comodo too. Also please try making the main avast service an installer/updater in Defense plus ~ Computer Security Policy ~ D+ rules.

Best wishes

Mouse

None of these botches actually work.

Please, a guenuine fix, V4 had no such problems.

Unloaded Comodo and switched on Windows firewall till a fix is released.

The silenced fan is golden!

Comodo does everything possible to work with other security apps, but because of the way these work, this can sometimes require workarounds because security software can use very deep system functionality which is not easily shared. So do try the work-arounds, as the perfect resolution may not be possible.

Incidentally I have installed Avast on my Xp machine and it does not consume excessive CPU, so this is not a global problem - it may be OS or settings specific.

Best wishes

Mouse

Well, I’ve been suffering from the same issue since the upgrade, using latest comodo(firewall+defense+ only), avast 5 and getting intermittent CPU spikes when browsing the web or downloading. I tried fiddling with defense+ settings and disabled all logging and still its no use, whenever some data is transferred from the internet the spikes take place. Apparently it goes completely away if I Disable defense+ and the image execution control.

PS: One weird things is that when I was using comodo 4.x the log file(set to 10mb) was saved to the disk every two or three months but with comodo 5.x I had about 600 files saved in a week, somethings tell me defense+ is working in a pretty weird manner with avast 5 and continuously encountering some event(hence the massive log files), this is the reason it could not show the logs, my personal opinion is that defense+ has issues with the logging system, and with logging disabled it was still encountering the events and was causing cpu spikes, and memory consumption jumped between 3-20mb every sec when I had defense+ enabled, with it disabled the memory consumption of cfp.exe stays at 7mb constant.

Anyway just to be clear I fixed it by disabling defense+ and image execution, this is something I am not at all comfortable with, please fix this asap.

PS: I don’t know if this is a bug but if i change any permissions in the defense+ or firewall application policy it takes 20-30 sec to save the value and comodo hangs when this saving takes place, it is not present if I have a small list in the application policy window but if I have a large list it slows to a crawl while saving.

OS- Win7 Ultimate
E8400, 4GB RAM, HD5850, Asus P5Q mobo.
Background processes: Ati Catalyst control center, avast 5(free), comodo 5, realtek HD control panel.
(forgot to include this in previous report, needs an edit button)

After some testing I’ve concluded that running avast 5 alongside comodo firewall(with defense+) causes cpu spikes during web browsing only when either defense+or image execution control is activated, otherwise no spikes, logging has no effects with this, just the defense+.

PS: You do not need to select the “disable defense+ permanently” feature to cure this issue, just dropping the slider down to disabled fixes this, I disable defense+ during browsing and deactivate it after I’m disconnected from the internet, ironic.

Just one comment.

I’ve installed ava5 and comodo5 on both my pc and laptop. The pc with xp sp3 gives no cpu spike, but the laptop with win7 U does.

So, in my opinion, there should be something wrong with win7 OS, however, this should be fixed, since more and more people use win7 OS, and even more in the future.

It’s not just on Win 7, I have the problem on XP SP3.

running 64 bit windows 7, comodo firewall 5.0 is using over half my cpu during normal web browsing. Im also running nod 32 eset in conjunction with comodo firewall. Previous versions didnt have such issue. Please fix this issue for this is pulling down the comodo reputation. I have uninstalled from my pc because it uses too much power especially on my laptop on batteries

The bug/issue

1. What you did: Nothing. Noticed that CPU usage is consistently high (as in maxes a core) while perfectly idle. See attachment.

2. What actually happened or you actually saw: N/A

3. What you expected to happen or see: Minimal CPU usage while idle

4. How you tried to fix it & what happened:
   Disabled Defence+. No change. Disabled Firewall. CPU usage drops back to normal. Re-enable Firewall. CPU usage does not shoot back up.

5. If its an application compatibility problem have you tried the application fixes?: N/A

6. Details (exact version) of any application involved with download link: N/A

7. Whether you can make the problem happen again, and if so exact steps to make it happen:
   Its been like this for a while, presumably it will return after a restart but I haven’t tested that.

8. Any other information (eg your guess regarding the cause, with reasons):
   Guess: Bug in new version. The network adapters are idle so I doubt its doing any real work, just churning through some BS loop.

Files appended. (Please zip unless screenshots).

1. Screenshots illustrating the bug: Attached

2. Screenshots of related CIS event logs and the Defense+ Active Processes List: Attached

3. A CIS config report or file. Nothing of interest in the logs. Its blocking something on TCP 139 from a Vista box on the LAN every ~6 seconds. But I don’t think thats the cause because its still blocking those and now the CPU usage is behaving (After I toggled the FW on & off).

4. Crash or freeze dump file: N/A

Your set-up

1. CIS version, AV database version & configuration used:
   Comodo 5.0.163652.1142, which is the latest & greatest according to the updater (On a side note why can’t I copy & paste that insanely long version code from the About box)

2. a) Have you updated (without uninstall) from CIS 3 or 4, if so b) have you tried reinstalling?:
   Its an update from v3. No I’ve no done any reinstalls.

3. a) Have you imported a config from a previous version of CIS, if so b) have U tried a preset config?:
   Not 100% sure but I think I reset it to a clean config.

4. Other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here. )
   Can’t remember. Possibly…was a long time ago.

5. Defense+ and Sandbox OR Firewall security level:
   Both @ Safe mode.

6. OS version, service pack, no of bits, UAC setting, & account type:
   Win7 x64, up to date. UAC is disabled/super low. Account type: The default type. I guess that makes it an admin account but with admin rights covered by UAC.

7. Other security and utility software installed:
   Avast Free, SpyBot resident.

8. Virtual machine used (Please do NOT use Virtual box):
   Virtual box & the associated network drivers are installed, but above description is not in a VM but rather a true install.

On a side note: Why doesn’t the app have a dump config button or something to make it easier to file bugs. Half the info in this 20 questions Q&A can be automatically gathered.

[attachment deleted by admin]