I CAN kill cmdagent.exe

Comodo Internet Security - CIS Beta Corner - CIS
#1

I don’t know if this is a security lack but I was looking the way to free memory when CIS is closed -cmdagent is still running- and I found that in some circumstances I can kill cmdagent.exe, freeing up more than 100 Mb of virtual memory and CPU process -see my post in https://forums.comodo.com/beta-corner-cis/comodo-internet-security-501596341091-rc-bug-reports-t60635.0.html;msg427223#msg427223-

Does anybody else able to kill this process? If I can do it, an unwanted application could do the same and thus disabling CIS!!!

#2

I did this just trying it but i had to look at all processes maybe it is because of Admin privilges. Crazy i was just able to go into task manager and close cmdagent.exe.

#3

I just tried, using the steps you outlined (stop CFP.EXE and then try to stop the CMDAGENT.EXE process) and received an “Access is denied” error.

Can you please outline EXACTLY the step you took.

#4

I’m not sure about to explain the way to kill cmdagent.exe :stuck_out_tongue:
I need it to free some memory after closing CIS because cmdagent is still running and eating resources.
When I want to play games that I’m sure are secure and I don’t need Internet access, why should I share more than 100 MB of virtual memory and CPU usage with CIS?
Will Comodo’s guys provide a secure way to close completely CIS -cmdagent & cfp-? CAPTCHA could be a good way to do it without compromising security.

Anyway, killing cmdagent is a two easy steps:

  1. Disable Defense+ either from the GUI or right click over CIS icon.
  2. Kill cmdagent from task manager.

That’s it. After this you can close CIS normally to end cfp.exe.
I don’t know if malware software could disable Defense+. If this is impossible you don’t have to worry about.

Starting up CIS again is a little bit more complex -well, you always have tho option to restart the computer :slight_smile: - and requires access to services manager in order to start cmdagent manually.

#5

I can confirm cmdagent can be closed down on Win 7 x86 as described.

When a program needs lots of memory Windows will make sure other programs will release theirs. I have seen it happen one time while monitoring memory used by Opera browser when starting a program that needed lots of memory. And Opera’s memory footprint seriously dropped. Memory management is handled by Windows.

Given this I see no need to disable cmdagent and give up all protection it gives just for something that will be taken care of for you. You could consider disabling the av resident shield when playing a game. But do not close down cmdagent.

#6

stopping D+ is like stopping protect client in other AV solutions. Once you do that all is fair game. I don’t thinks it’s possible for malware to change or stop D+, only the user can do that.

#7

CIS is the nanny of programs not the nanny of user decisions. It allows users to do irresponsible things like stopping cmdagent. It will prevent programs from doing so.

#8

Starting up cmdagent.exe isn’t that difficult and you don’t need to reboot:

https://forums.comodo.com/beta-corner-cis/how-to-fix-the-update-issue-t60715.0.html;msg427363#msg427363

#9

hey guys,
just read this tread and went straight to ctrl-alt-del highlighted cmdagent and pressed “end process” and hey presto it has been killed. I think this is quite a serious bug which needs fixing quickly.
shadha

#10

This is exactly what i did! shada is right this needs to be fixed!

#11

i can’t kill it, what settings do you have set?

#12

This not a Bug as already stated if you disable Defense+ you are totally disabling your protection for your computer.

With Defense+ running you should receive this warning, if you do not please reinstall CIS as there must be a problem with your installation.

Dennis

[attachment deleted by admin]

#13

Let’s see i had
Av: on access
Firewall: safe mode
defense +: safemode
sandbox: enabled
I uninstalled for a completely different reason.
But i do know D+ was enabled because windows was giving no warning.

#14

well pardon my stupidity, i had D+ turned off and was able to kill cmdagent, i have now turned D+ on and cmdagent can’t be killed. my concern is, is it such a good idea to have only D+ protecting access to cmdagent. what happens if someone forgets to turn on D+ (like i did). it makes cmdgaent vulnerable.
shadha

#15

And…what if some people don’t use D+ at all? Some of my friends don’t like it. If any of the CIS features is enabled, cmdagent.exe shouldn’t be able to be killed.

#16

It has been mention that there should be a warning via the icon if you turn anything off.

From the moment you disable Defense+ your protection is gone, there really should not be any reason to disable Defense+ if you run it in Safe Mode.

Anyone who disables Defense+ because they do not like it, should use another process to protect cmdagent.

Dennis

#17

Note that, waiting for cis to warn for defense+ disabling (it definitely should), being warned of this disabling has been discussed here:
https://forums.comodo.com/defense-sandbox-help-cis/a-method-for-alerting-a-user-when-defense-is-disabled-t60484.0.html

#18

Yes, I knew that. As I said, there is NO need to restart the computer.
You can start the service through the services manager too.

#19

Agree!It’s very serious issue, IMO.
I think,if nobody can’t stop cmdagent will be the best.Only uninstalling of CIS should do this.

#20

You have to use Defense+ that is why it is always installed even with the Firewall.

You disable it at your own risk, if you do not have another process to protect cmdagent.exe.

Dennis