I have a two-user PC running Windows 7 x86 Ultimate.
When the PC boots, user1 auto logs on and one of the things it loads is Network. CFP.exe does NOT load for this user.
When user2 logs on, Networx also loads. The program is designed to work with multi-users but the problem is unless I disable the Comodo service cmdagent.exe, when Networx loads for user2 it gives an error “Error in multiuser sync initialisation: System Error. Code 5. Access is denied”. CFP.exe loads with user2, but I tried disabling that first and only disabling cmdagent.exe prevents the error message.
I’ve tried setting Defense+ to disabled, along with Execution Control Level and Sandbox and now have tried the “Deactivate Defense+ permanently” option and rebooted. I’ve also tried adding “Networx.exe” to the shellcode injections Exclusions list (although I don’t think that’s necessary now I’ve disabled all those components is it?).
Neither actually. I’m using the concurrent RDP patch, so user 2 logs on via RDP whilst user 1 stays logged on locally.
If I run cfp.exe under user1 as well as user2, no new alerts appear (which I wouldn’t expect, as I’ve already got rules for everything that runs under user1) and the error still happens when networx.exe loads under user2.
Defense+ is permanently disabled, but under Computer Security Policy - Defense+ rules there’s an entry for Networx.exe set to Trusted Application.
Did you provide this info also to the Networx developer? because I’m not totally sure that this is a setup that is supported by either Networx or CIS.
As it’s non M$ default behavior we’re seeing here because of the ‘patch’, it probably also violates your M$ license.
Yes, the Networx developer is aware of my setup and says it is designed to work when more than one user is logged in (see the information in my second post). As far as Networx is concerned, I don’t think my setup is any different to fast-user switching, as that leaves user1’s programs running when user2 logs in (as far as I know anyway).
CIS works fine as well as long as I prevent cfp.exe loading for user1 (it still works if I don’t do this, but I don’t want alerts appearing on my TV and maybe there’s the potential for issues with both users running it).
I don’t know about the M$ licence but there’s only one person using the PC, so it shouldn’t be an issue, any more than running some programs as “System” and some as “User”.
If you disable cmdagent.exe CIS will go in ‘attacked’ mode and protect several things, that might cause ‘strange’ results…
Please leave cmdagent.exe active and set things like disable D+ permanent and disable Sandbox+Image execution also that must render D+ to be ‘disabled’.