I have 2 hardware profiles on my XP Pro machine. One is default and the other is limited with internet disabled for audio production. When using the limited profile, I’d like to have CIS completely disabled. How do I achieve this? Disabling cfp.exe and cmdagent.exe gives an Access Denied error.
If you mean to kill these through task manager you may navigate in GUI of CIS to Defense+\advanced\computer security policy → select “Comodo internet security” group → edit-> (self)defense settings → process termination → edit-> add → navigate-> type in %windir%\system32\taskmgr.exe in text field → apply everywhere.
now should be able to kill cfp.exe and cmdagent.exe thru task manager
That’s not really what I’m looking for. While my PC is booted in my limited hardware profile (many services disabled) I need for CIS to be completely shut down. In this mode I have internet and network access disabled so my PC can be completely devoted for music recording and production, as are most DAW’s.
Simply disabling D+ still leaves cfp.exe and cmdagent.exe running in the task manager using resources I’d like to free up during recording and performance.
But if I wanted to, is it possible? My need for this is because I use my laptop for everyday computing need (internet, email, office, etc) which I run CIS like it’s designed for.
But I also use my laptop to record audio (voice overs, dj mixes) and use it to perform live sometimes. When I’m using it for production I boot in a separate hardware profile that limits all windows services that are not required for the laptop to run XP. This includes internet and network access which is not needed during this time. I have everything disabled minus CIS, which is what I’m trying to achieve right now. Disabling the program is something it should be capable of. If even for testing purposes.
you have done everything right, it’s i who missed one more thing - add %windir%\system32\taskmgr.exe to the exception list of unit “interprocess memory accesses” (same thing which you have already done for unit “process terminations”):
when task manager (or whatever program you use to handle processes, e.g. process explorer) is in exception lists of units “interprocess memory accesses” and “process terminations” - you should be able to kill cfp.exe and cmdagent.exe .
to take control over task manager hostile executable should access it in memory and that attempt will trigger D+ warning , e.g. “xyz.exe could not be recognized and tries to access taskmngr in memory”. so it seems there is no “danger” like you said.