Do you have Bluecoat K9 Web Protection?
Edit: Ok,I read your belarc report. Please try to uninstall Bluecoat from safemode and report any changes.
Please post another gmer repost after that as well.
I note that MalwareBytes’ Anti-Malware is also a Beta product. This isn’t necessarily a problem, but could be, depending on its stability, and how it works. Unfortunately, since their site doesn’t say anything about it publicly, we don’t know how it works…
LM
Uninstalled.
Uninstalled.
Also, Spyware Terminator uninstalled.
Preparing GMER log…
[attachment deleted by admin]
And after each of these, have you tried to see if the v3 problem persists? Note: You may need to uninstall/reinstall in SafeMode (as per previous discussion) with each step in the event there was an install conflict. But first, try without the reinstall.
LM
Sorry, the conflict (or problem) is there yet…
No inbound/outbound connections are shown in CPF GUI, so it’s not working…
Although, CPF is related as being active by Windows Security Center.
[attachment deleted by admin]
Please post a pic of your device manager enabling hidden devices.
also search for cmdhlp.sys on your hd.
After uninstalling CFP from safemode look for comodo .inf files (you should unhide hidden folder first)
If you look at your running processes, is cmdagent.exe one of them?
Comodo Firewall Pro Helper Service should be started (Automatic) and running normally.
You should have the following drivers installed and running normally:
Comodo Firewall Pro Helper Driver - cmdHlp.sys
Comodo Firewall Pro Firewall Driver - inspect.sys
Comodo Firewall Pro Sandbox Driver - cmdguard.sys
LM
Comodo is listed on drivers non-plug&play.
also search for cmdhlp.sys on your hd.
C:\WINDOWS\System32\drivers\cmdhlp.sys
C:\Program Files\Comodo\Firewall\Repair\cmdhlp.sys
Should I uninstall (again)?
It’s there, running from System account.
ok and running.
The first one I can see on the Devices. Both 1st and 3rd are listed by Autoruns drivers.
But not the 2nd… The files exists in:
C:\WINDOWS\System32\drivers\inspect.sys
C:\Program Files\Comodo\Firewall\inspect.sys
C:\Program Files\Comodo\Firewall\Repair\inspect.sys
Thanks for all efforts!
[attachment deleted by admin]
So, you have the
Helper Driver - cmdHlp.sys
Firewall Driver - inspect.sys
but you don’t have the
Sandbox Driver - cmdguard.sys (which should also be in C:\WINDOWS\System32\drivers.…)
Show Hidden Devices did not reveal all three on my system. I have to use something like ServiWin or Whats Running.
If you don’t have all necessary services and drivers installed & working properly, I’m thinking something is occurring during the installation which is messing everything up.
LM
According to your first gmer report Bluecoat was hooking IP kernel functions, after you removed those software the only one hooking such functions is avast. If you uninstalled CFP and reinstalled after the second gmer report (confirm this) then there is still something interfering.
Also please confirm that the comodo non PNP drivers in device manager are running.
Please look at AVG antirootkit and avg antispyware logs to see if they are blocking something.
Look at teatimer log too.
That seems to be the problem… I never have an installation problem with version 2.4 or older betas on XP. Only in Vista with the latest beta.
I’ve tried an old beta 3.0.7.208. Didn’t work either.
What I can’t understand is what is blocking the installation at Safe Mode (:AGY)
Right now, I’ve tried to bring back the system protection to the old state (K9, SpywareTerminator, MalwareBytes’) and try to keep the Windows Vista firewall.
I’ll test more tomorrow.
It’s a pity that we can’t have an installation log.
Thanks for your help. See you soon.
It is not something interfering in safemode but after.
Spybot SD teatimer for example can work also after a program was installed if I remember correctly.
Anyway there is also AVG antirootkit, we cannot predict all software interactions going on your computer.
V3 can be installed on a vista machine right out of the box so we have to guess and find what makes the difference on your machine.
But that is a long list of softwares 
Anyway just for reference please summarize all steps you took after you uninstalled Bluecoat, MalwareBytes’ Anti-Malware and Spyware Terminator.
look at your windows\inf directory for all inf files containig reference to comodo.
look on your hd for all folders named comodo.
look in the registry for HKCU\Software\Local AppWizard-Generated Applications\ and HKLM\SYSTEM\Software\Comodo
You can generate a system log by running the installation through a monitoring software. Not sure what’s compat w/Vista, but things like zsoft, totaluninstall are a good place to look. That will create your before-and-after.
LM
Most probably…
I’ve disabled it before installing and prevent it to run after booting.
It’s not removing any entry.
It does not run… I mean, there is a driver but it shouldn’t mess anything while loading.
Uninstall them.
Boot in Safe Mode.
Install Comodo.
Boot as usual.
Inside of the files?
They’re all on the default paths.
First one has very few info…
Service is running but I can browse even in ‘Block all’ mode
[attachment deleted by admin]
Here it is…
[attachment deleted by admin]
\cmdagent.exe running.
D:\Util\Internet\Comodo\cmdagent.exe (Comodo Firewall Pro Helper Service) is running and automatic starting (can’t be changed).
C:\Windows\system32\DRIVERS\cmdhlp.sys (COMODO Firewall Pro Helper Driver) running.
C:\Windows\system32\DRIVERS\cmdguard.sys (Comodo Firewall Pro Sandbox Driver) running.
Registry keys seems ok at:
HKCU\Software\Local AppWizard-Generated Applications\ and HKLM\SYSTEM\Software\Comodo
at least, they’re there.
Although ZSoft Log relates
FILE ADDED! …\inspect.sys
FILE ADDED! …\Repair\inspect.sys
and the file is on Comodo folder, ServiWin relates that it’s NOT running. It’s not listed by Autoruns in the drivers list. I can’t find ANY registry key related to this inspect.sys file. There isn’t any mention of it into the ZSoft Log either.
Although, it’s not on ZSoft Log, this file IS here: C:\Program Files\Comodo\inspect.sys and here C:\WINDOWS\System32\drivers\inspect.sys
But: C:\Program Files\Comodo\ is NOT where Comodo is installed. Isn’t it missed the variable %PROGRAMFOLDER% or something like that?
As it is the Comodo Firewall Pro Firewall Driver, it seems we narrowed the problem to this driver.
But what can I do?
- File is there.
- It’s installed.
- But it does not automatically starts…
Another thing - could not be related - but if I try to run cfpconfg.exe from the Comodo folder, both with and without admin rights, NOTHING happens.
The inspect.sys file on C:\Program Files\Comodo\ folder has the following properties.
The access rights to that folder seems ok (System and Administrator: full access).
[attachment deleted by admin]
The inspect.sys file on C:\WINDOWS\System32\drivers\ folder is DIFFERENT and has the following properties.
[attachment deleted by admin]
Yep
I was listing all the places to look after uninstallation to see if there were any remnants.
Yep according to your previous screensot of device manager that driver is not installed
C:\Program Files\Comodo\inspect.sys is a leftover of the previous beta probably due to system restore.
the dialog you referenced for C:\WINDOWS\System32\drivers\inspect.sys refers to the current beta version but it is named inspect (2).sys probably due to system restore.
You need to uninstall again from safemode , sorry.
Then you need to remove all instances of comodo files in C:\WINDOWS\System32\drivers\ expecially any inspect.sys
remove all other comodo folder from your hd as well.
Please check for comodo inf file after uninstall (enable explorer to show hidden files and folders).
After that it worths trying to install V3 in its suggested path (to exclude if it is an installer issue)
Since this may be going to be troublesome for you after you reinstall again don’t reboot as it is needed to check all files are in place.
If there still no mention of “inspect” (search only this part of the name) in the registry don’t bother to restart.
if inspect it is mentioned in the registry as precaution use device manager to disable(without removing) all AVG drivers.
Then if this check is Ok all that is lef it is to cross fingers and reboot
This should be ok, same here.
I’ve uninstalled all AVG products (antispyware and antirootkit).
Boot in Safe Mode.
Check if there is any AVG driver running (with ServiWin), none.
Uninstalled Comodo in Safe Mode.
Boot in again.
Removed all Comodo files and registry keys. Including inf files.
Install Comodo on the default path.
The inspect.sys drive was on the system32\drivers folder. The other files, one by one, either.
Boot normally.
Same situation as before
I must give up… time is passing by and there a lot of work waiting.
I’ll wait next non-beta version and try again. Sorry to disappoint you giving up… but it’s a pity that we cannot find which is blocking the driver to load. Next time, wish me more look.