Poll: Secure the Protection for cmdagent.exe

cmdagent.exe can be killed through the Task Manager if any CIS sub-feature is enabled except D+:


I would like to see cmdagent.exe protected by all of the CIS sub features (CFP, CAV, D+, SB). That way if any of them are enabled cmdagent.exe is protected. This leaves you with the option to kill it only by disabling all of the sub features. And, when a sub feature is re-enabled, CIS should automatically start cmdagent.exe if it wasn’t running. I don’t think it would be that hard to implement. This way, if anyone chooses not to use a sub feature, they will still be protected.


It should be much better protected! :P0l

I agree cmdagent must be better protected


Answer me this: how is the AV, sandbox, or Firewall supposed to protect CmdAgent when someone or something tries to disable it? That is the exact job of D+.

The other “Modules” pick up the protection.

That doesn’t answer my question. Ty anyhow.

A driver. You can secure files and also registry keys.

So you are basically running D+, right? Then why disable it if you are still running it or require it running to have this protection?

Maybe they need a module to protect all four and free up the one in D+? A lot of my friends don’t use D+ or the Sandbox. All I’m saying is that it needs more protection. I saw something similar on a friend’s computer. Some virus was able to disable Norton Antivirus and he got infected.

Well, I’m not advocating in my case. I have Defense+ running.
I’m talking about the case of user disable HIPS (Defense+). Then the firewall/antivirus could secure themselves.

May be the self defense feature can be separated from D+. Just like what Kaspersky does with the option to enable/disable it when needed.



I can´t kill cmdagent.exe or cfp.exe…
I tried killing the process with “SystemExplorer” (as admin) and “SpyDLLRemover”
And I can´t stop the service cmdagent.exe with the Windows Tool “services.msc”
I think its really good protected…?!
Or am I wrong???

Disable D+ and you can kill cmdagent.exe through the Task Manager.

ok, now I see it…
I agree cmdagent must be better protected!
cmdagent shouldn´t only be protected by Defense+


its hard for me to decide since there are times i want to restart or stop cmdagent but doesnt want to restart the computer, while also the posibility of a malware stoping aany security tool is a big no no

:THNK so far ill go +0.5 to both options or undecided

If you want to restart cmdagent.exe without rebooting:

  1. Open Command Prompt
  2. Type: net start cmdagent
  3. Hit Enter