Performance issue when remembering answer from Def+ alerts (V3.0.18 - .25 X32)

If your Defense+ ruleset is big and your computer is relatively slow, then you might be in for a lengthly wait (about 18 seconds on my relatively slow machine with my ruleset) after you check the ‘remember my answer’ checkbox in a Defense+ alert. When the ‘remember my answer’ checkbox in a Defense+ alert is checked, Comodo Firewall appears to be running the same code as when the ‘apply’ button is pressed in Computer Security Policy. This is a performance issue, not a bug, but it is a big enough issue for me that I will not be able to use the newer versions. V3.0.14.276 doesn’t have this behavior.

I suppose the same issue could hold true for the Firewall alerts, but since my Firewall ruleset is small, I didn’t test this.

This issue has been mentioned by others, but I mentioned it here because I didn’t see this as a properly tagged issue. It appears this issue goes back to v3.0.18 and perhaps earlier, from others’ posts.

Version: V3.0.21.329
CPU: 32 bit
OS: Win XP SP2
Other security programs running: NOD32
Defense+ Security Level: Paranoid
Firewall Security Level: Custom Policy Mode

It might have something to do with NOD32. I use NOD32-v2.7 on one of my comps and have that problem too with both Firewall and Defense when I answer.
If I disable AMON in NOD it isn’t any problems.

See also my post here about Purge and NOD:;msg142818#msg142818

But as you say, no bug but performance issue.

I disabled NOD32’s AMON, but it had no effect on this issue. Thanks for the suggestion though :).

Your’e welcome :slight_smile:

I have personally verified that this behavior also happens in v3.0.18.309. I saw in another post that v3.0.17.304 may also be affected, but I didn’t bother to test it because of the ‘Import functionality does not work correctly’ bug it has.

Can anyone verify that CFP v3 scales properly with large rulesets?

On one machine I set rules individually instead of assigning them to groups such as “Trusted” so that I can see EXACTLY what each app is trying to do, and CFP appears to be slowing down the box.
Firefox in particular is hanging for a few seconds on saving downloads, especially to the Device\LanManRedirector interface.

I am concerned that CFP might slow down with long-term usage… (:SAD)

i did CFP downgrade to 3.0.14 two days ago and with imported from 3.0.21 configurations now CFP is as fast as must be. Seems there was a mistake when devs changed way (3.0.17) how CFP stores rules.

I think what happened is that in a later version the same code gets called from an alert rule save, on purpose, as is used when saving the ruleset in Computer Security Policy.

Any news on this?

Issue still exists in v3.0.22.349.

I can confirm also that still exists in 22.349. Very annoying btw.

You can get older versions of Comodo Firewall at Be sure to export your existing ruleset first if you uninstall.

Issue still exists in v3.0.25.378.

Updates are made to stay secure. You might as well disable Comodo Firewall iif you are going to roll back. Downgrading didn’t work for me anyways.

I’ve had this issue since version 2.0 when I started using it. When I install Comodo, it goes fast, but then as the list of policies builds up, it takes longer to remember my actions. This gets extremely frustrating as there is no way to fix it.

I thought maybe it’s something to do with 64-bit XP, but I guess not since this guy has the same issue on 32-bit XP.

I don’t think it has anything to do with how good your computer is because I have dual core @ 2.2, Nvidia 9800GTX, 500TB SATAII HDD, 4GB DDR2, etc, while I know other people with not as good hardware but they don’t get this issue.

I have version
Windows XP x64 SP2

I run Firewall and Defense+ on safe mode

That’s interesting. There is no perceivable delay whatsoever when creating permanent rules from an alert with v3.0.14 on my system, and I do have a ruleset that is not small.

I’m having a D+ rulebase with 275 app rules in it.
Only to apply the rules takes 20 seconds !! and 50% cpu (and i don’t have a 5 year old cpu !!).
So if i “remember” anything to the D+ rules than it also takes 20sec’s and 50% cpu to “learn and remember” so i’d call that slow.

Vista SP1 x32 (UAC) - 3.0.25

edit put up a screengrab from cpu/time load for installing an app.
this is on a dual core with peak of 52% cpu load total.

[attachment deleted by admin]

The thing I don’t understand is: why does it work super fast in training mode (automatic learning of rules), BUT there’s a 20 sec hang as the friend above said when doing it manually?

No hang for me works great actually and I have a P4 overclocked to 3.06 GHZ with 2 gigs of ram.

This issue is related with the way the D+ rules are saved.
They are all in the Registry and if i put the procmon on cfp.exe while applying the D+ rules
It first does a RegDeleteKey over all key’s below HKLM\System\Software\Comodo\Firewall Pro\Configurations\0\HIPS

It takes from 19:43:44.31 - to - 19:43:45.84.

After that it uses RegCreateKey and RegCreateValue to rebuild the policy.

It takes from 19:43:45.84 - to - 19:43:59.83.

Most of my rules are “Custom Policy” only a few are “Trusted”.
An export of my HIPS Policy key is 2,20MB large.

On my system I have always got a slow down in application launch with CFP. It was never the case whe I used SSM ands EQS. I wish that the developers look into performace issue seriously.

I want a smart n quick CFP, not a plump n lazy one.