This is not a task manager lock, only CIS protects its own processes from access.
Hello.
I use the portable Hibit Uninstaller to remove the residues to remove the residues (I need to configure)
Hi,
@ EricCryptid
I followed your suggestions and when I checked the registry I did not find any of the 2 reg keys.
I ran the DISM command and found 4 left over Comodo drivers and delete them.
Following a reboot I tried the comodo cleanup tool and fails to run in either windows full mode or safe mode and I tried all the compatibility mode settings for previous OS’s, the
tool is completely useless now, I hope comodo will create a new one.
Back to my original issue after manually uninstalling and removing left overs I reinstalled CIS 2025 only to find windows task manager still being blocked by HIPS and after unblocking it then launch t ask manager again only for it to be immediately blocked again
Okay. Thanks for trying.
Regarding Task Manager. If your Logs show the below, it’s CIS protecting itself and silently blocking Task manager only in the access of Comodo’s own files.
Does your task manager work as in you can open it and end a process?
Hi,
My HIPS rule after unblocking
My logs
I can open/close task manager no issues with ending processess there but HIPS keeps blocking it.
I did right click scan with comodo and nothing found the file version I have is C:\Windows\System32\Taskmgr.exe = 10.0.22621.3672 if anyone else has Win 11 23H2
Don’t look at this blocked apps list 
I already wrote about this in another topic:
If you can run it normally, then it is not blocked.
It appears in the list because CIS protects its own processes and therefore this event is visible in the log.
Hi,
I read the above so I did a bit of testing.
HIPS also triggers a block for sysinternals Procmon64 and Procexp64.
HIPS did not trigger when I ran resmon or killswitch when they all access processes in RAM.
This has never happened to me with any previous windows version or CIS after trusting it once then it did not come back but I don’t know what is or has changed in CIS 2025 to do this on Win11 or effectively my trust is being ignored.
Thanks
You see this event as blocked, but that does not mean it is blocked.
The situation is the same as I have already written. CIS protects its processes and that is why it is visible in the log.
Thanks for explaining I know I can still run it except now it appears in the block list even though you say CIS is protecting itself therefore it should not appear in the block list, you can see the process is appearing in the wrong box.
So what has changed to have this effect ?.
Previous versions did not do this do you know what has changed in CIS perhaps an increased level of self protection it did not have in previous versions if this were true then I would expect to see a new box to perhaps show current list active processes then you could see this list interactively for what ever someone launches, this would be easier instead of the current, anyone could get easily confused over what is really blocked vs a red herring.
1 Like
It can be confusing and I’d like to see some indication even in the logs whether it’s because of an application rule or just blocking while CF/CIS is loading. For example, I get firewall blocks for some apps that update on restart even though Firewall is in Safe mode and the application is trusted. For example with my backup software below but the application runs fine without blocks.
Modifying the rules is easy if you really don’t want to bear such blocking records. However, I suggest not doing this if those blockings don’t influence the task manager functions.
…
Zero Trust describes an architectural design paradigm developed from the “Assume Breach” approach, which is based at its core on the principle of least privilege for all entities in the entire infrastructure.
Zero Trust combines known security measures and best practices in a holistic approach.
A hollistic, effective implementation of Zero Trust principles is…a long-term project and requires high and permanent financial and personnel resources.As of today, this is still a major challenge, partly due to lack of standardization.
I tried your suggestion and so far it is working, I will monitor and decide what’s best.
I also found further documentation around this which is a good read.
Active HIPS Rules, Network Access, Internet Protection | Internet Security (comodo.com)
HIPS Settings, Comodo Internet Security | Internet Protection |COMODO
Still begs the question why does this version do this when the previous one did not.
Thanks
1 Like
A little bug:
Light(Dark) theme missing “HIPS” in trayicon menu.
1 Like
I went to check, the Dark theme really isn’t complete, I think it’s a bug.
Exactly! Yet we delivered Zero Trust to consumers for free and easy to use!
2 Likes
This may be due to the Light theme doesn’t have an advanced view in which the HIPS module shows.
Doesn’t a user have to do something himself to become a victim of hackers? Sure, sometimes it is certainly difficult to recognize how one can become a victim. What can you do yourself - that is well known. Here is an example of how cleverly hackers operate:
Detection is certainly of little help here.
Or here:
Add or remove access to your YouTube channel with channel permissions
Hello, the AnyDesk Connects only after a timeout retry.
Decopi writes there
#48
in real life, Comodo is … and in this negative context, an irresponsible gang of fanatics is always pushing garbage to users, exploiting false mantras such as: “I never got infected (thus, nobody is going to be infected)”… blah, blah, blah.
I say the same thing! I am not an isolated case. I’ve been using comodo almost since it came out and I’ve never had just one computer with the same settings. I had and have computers and laptops:
Windows 95, 98, XP, Millenium, version 7, 10, and now 11 and never been infected.
I’ve had games on it, professional activities, banking, tax returns and no virus, Trojan, rootkit or anything else.
It’s nonsense, such a statement.
3 Likes