I am using CIS v3.10.102363.531
I have 2 hardware profiles on my XP Pro machine. One is default and the other is limited with internet disabled for audio production. When using the limited profile, I’d like to have CIS completely disabled. How do I achieve this? Disabling cfp.exe and cmdagent.exe gives an Access Denied error.
If you mean to kill these through task manager you may navigate in GUI of CIS to Defense+\advanced\computer security policy → select “Comodo internet security” group → edit-> (self)defense settings → process termination → edit-> add → navigate-> type in %windir%\system32\taskmgr.exe in text field → apply everywhere.
now should be able to kill cfp.exe and cmdagent.exe thru task manager
Yes I meant kill through the task manager. However, I followed your steps and still get “Access Denied”. Also, My options are a little different than you stated. Here are some screenshots:
I clicked on “Edit” in this pic:
Then I clicked on “Protection Settings”. I did not have “self defense” as an option.
Then I clicked on “Modify”:
And added the following exeption:
I’m not sure if this was the correct way but after Applying everywhere, I still cannot kill them. ???
Killing cmdagent and cfp, insteed of turning off D+ will make D+ block everything… it wont disable D+, so its better to turn D+ off insteed of killing cmdagent and cfp.
Right click on the icon in the system tray > Defense + Security level > Disable.
I would still recommend you keep the firewall on if you dont have a router, or DSL modem that has a hardware firewall.
That’s not really what I’m looking for. While my PC is booted in my limited hardware profile (many services disabled) I need for CIS to be completely shut down. In this mode I have internet and network access disabled so my PC can be completely devoted for music recording and production, as are most DAW’s.
Simply disabling D+ still leaves cfp.exe and cmdagent.exe running in the task manager using resources I’d like to free up during recording and performance.
CIS light on resources. I see little need to disable it.
But if I wanted to, is it possible? My need for this is because I use my laptop for everyday computing need (internet, email, office, etc) which I run CIS like it’s designed for.
But I also use my laptop to record audio (voice overs, dj mixes) and use it to perform live sometimes. When I’m using it for production I boot in a separate hardware profile that limits all windows services that are not required for the laptop to run XP. This includes internet and network access which is not needed during this time. I have everything disabled minus CIS, which is what I’m trying to achieve right now. Disabling the program is something it should be capable of. If even for testing purposes.
btodd,
you have done everything right, it’s i who missed one more thing - add %windir%\system32\taskmgr.exe to the exception list of unit “interprocess memory accesses” (same thing which you have already done for unit “process terminations”):
when task manager (or whatever program you use to handle processes, e.g. process explorer) is in exception lists of units “interprocess memory accesses” and “process terminations” - you should be able to kill cfp.exe and cmdagent.exe .
Thanks a lot. That worked perfectly! 
no problem
Hi,
just a warning. When an application takes over taskmng it will be able to disable CIS without a problem. So please be carefull with what you wish ! You’re actually putting yourself in danger.
eXPerience
eXPerience ,
to take control over task manager hostile executable should access it in memory and that attempt will trigger D+ warning , e.g. “xyz.exe could not be recognized and tries to access taskmngr in memory”. so it seems there is no “danger” like you said.
Why use Task Manager?
Open Active Process List in CIS, right click cmdagent.exe, Terminate.
Right click CIS tray icon, Exit. That will terminate cfp.exe.
I actually sujest everything else but Taskmng. I mean, it’s to commonly used by malware.
@ SS26 = is memory protection enabled by default ?
eXPerience
Why not Task Manager? taskmgr.exe is entirely protected by D+ from being replaced/used by malware.
[at] SS26 = is memory protection enabled by default ?"interprocess memory accesses" unit is enabled by default even for worst Defense+ configuration (i mean "Antivirus Security").