Commodo taking over Win XP?!

Hi. I’ve been using commodo firewall for a month or so. I was pretty happy, I should say. Then, one “sunny” day, commodo firewall asked permission to run an update. “Sure, why not?”-I thought. Then, I was prompted to restart the system and then it all began … I simply had no control of my system any more. I could not do anything, even launch the system tools or get to win xp command line or run the explorer. I restarted the system a few time, same result. Fortunately, I could get to task manager and from there get to control panel and uninstall commodo firewall. The very same moment all went back to normal.

I was pretty sure that it was commodo firewall to blame (update, restart, and then ■■■■!, remember?). Anyway, I wonder what was that? Any thoughts?

Edit: I browsed around a bit and found that people had similar issue, but I could not find any clear-cut explanation to that.

I am very sorry to see you had such a bad experience. I have seen a couple cases where the update went totally bad like in your case. From what version did you update?

Good news is that doing a clean install will do the trick for you. To be on the safe side of things follow this tutorial (forget about removing the legacy keys as they are too much work):

Uninstall CIS and reboot. Then run [url=]Comodo System Cleaner[/url] to get rid off registry keys.

Then delete the Comodo folders under Program Files, Program Files\Common Files, C:\Documents and Settings\All Users\Application Data\ .
For Vista/Win7
Users%username%\appdata\local, Users%username%\appdata\roaming\ and \Users%username%\appdata\local\virtual store

To be even more thorough open Device Manager and set it to show hidden devices under menu option View. Then see if there are Comodo driver(s) left in non Plug and Play drivers. If so select the driver → click right → uninstall and reboot.

Now delete the following:
C:\boot.ini.comodofirewall (this file may not exist).
WARNING: Do not mistakenly remove the original “boot.ini”.

a. HKEY_CURRENT_USER\Software\ComodoGroup\CFP and HKEY_CURRENT_USER\Software\ComodoGroup\Comodo Internet Security
*(If you have other Comodo products installed, delete only the values
for CFP)
c. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
d. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
e. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdHlp
f. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Inspect
g. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
h. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
i. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\cmdHlp
j. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Inspect
k. KEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services
l. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services
m. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\cmdHlp
n. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Inspect
o. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdAgent
p. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdGuard
q. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdHlp
r. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
s. HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro
t. HKEY_USERS\S-1-5-21-1202660629-746137067-2145843811-1003\Software\ComodoGroup\CFP
kk. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CFP_Setup_3.0.14.276_XP_Vista_x32
ll. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CFP_Setup_3.0.14.276_XP_Vista_x64
mm. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CFPLog
nn. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CPFFileSubmission
oo. HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro

*Note: It may not be possible to remove these “LEGACY” keys. If you cannot delete them, leave them in the registry. However, I have subsequently found that you MAY be able to remove these keys in Safe Mode by using a third-party registry tool. To permanently remove them may also require modifying the Permissions for each key. See:;msg119226#msg119226

Now you should be good to go.

Keep us posted.

EricJH, thank you for a prompt reply.
Commodo version I installed was very recent (ca. 2 months old). So, that should have been a small update.

I feel like giving commodo another chance indeed. So, your instructions are welcome. In principle, I just want a better protection than win firewall can offer, like controlling the net activity in both directions and the ability to shut all the traffic with one click or let it flow again. I am not that interested in using advanced (read, unreliably complex) features. Robustness and low profile of the application is as important to me.

If anybody can give me a few tips (or indicate a link or two) for configuring commodo firewall along the lines I mentioned, I’d greatly appreciate that.

Cheers! :slight_smile: SG

Hi SG, a good way of controlling what you allow to flow out is to set the Firewall to “Custom” and have the Alert settings at high.
If you look under Firewall/Advanced/Network Security Policy->you will see “Application Rules”->This is where the policies for what an application can do are stored.
Once you are happy that you have your commonly used applications in there, by moving up to Custom mode you should receive a pop-up for any application which is trying to connect out that doesn`t have a rule assigned to it in Application rules.
You can then answer Allow or Block, but do not have “Remember my Answer” ticked otherwise a rule will be created.


p.s. If you are not part of a sharing network(Home LAN) it may be wise to run the “Stealth Ports Wizard” and choose the option “Block all incoming connections-Stealth my ports to everyone”

I see, Matty_R. Thanks for the info. Sounds like a plan.

Just a question:
There is a self-learning mod (or something like that). Is it of any real effect? I mean, if it is not an eesecial feature, I’d leave it out. I do not want any “I, Robot” moments from Commodo, you know. ;D

That`s your prerogative, if you trust all the apps on your pc you can run/update them once so rules will be created or answer alerts as an when needed(the method i prefer)


p.s. The Training Mode is good for Gaming, go to Firewall Behavior settings and click “What do these settings do” for info on the different modes.