Is COMODO registry node locked?

I used to be able to import a CIS configuration simply by importing a reg file with the content of HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs* till CIS 12.0
Now, with the recent upgrade to CIS 12.2, this technique doesn’t work anymore. The permissions of that key hasn’t changed particularly as far as I can see (I import the reg file as admin and an audit tells that admin has full control), yet I get an access denied error, even when acting with SYSTEM/TrustedInstaller privileges.

Is CIS now implementing a real time protection of its own registry keys?
If so, is there any workaround to import and enable a configuration without using CIS GUI?

Background: I use to import CIS config, after a system image restore, via a bat file which does a number of other things. Loading a CIS config is as easy as importing a registry file and setting the value of the desired config to enable, and then rebooting. Totally unattended, zero clicks, huge timesaver. Now it doesn’t work anymore and it seems that I’m forced to use the GUI, which is slower and prone to errors…

Would a boot into Windows Safe mode do the trick?

I should try once I get home…

Hope you’re not stuck in the snow. :slight_smile:
Would love to know if it works.

Snow time is over here in Italy ;D

That said, in Safe Mode I can access that key and add subkeys. Just tried.
It isn’t a long term viable solution tho, of course…

Thanks for trying and sharing the result.
Maybe it is not a long term solution but just a good workaround.

I bet in Windows Normal Mode Comodo’s self defense (their protected own directories/files and own registry keys) can be switched off but I’m afraid they won’t share with us how this can be done…