Enable Comodo Firewall on Windows 10 (without breaking Windows Defender)

For anyone that is interested, I have come up with a quick and easy method for installing Comodo Firewall on Windows 10 (RTM) while still allowing Windows Defender to be enabled and function correctly. I have tested these steps several times on fresh installs of Windows 10 to be sure everything is working correctly.

If you are running a fresh copy of Windows 10 on which you have not yet attempted to install Comodo Firewall (or you uninstalled Comodo Firewall prior to upgrading an older version of Windows to Windows 10), follow these instructions:

  1. If you are running the “Pro”, “Enterprise”, or “Education” edition of Windows 10, or any other edition which DOES support Group Policy management, perform "A."If you are running the “Home” edition of Windows 10, or any other edition which DOES NOT support Group Policy management, perform “B.”

    A. Click the Windows Start button or hit the Windows button on your keyboard and type “gpedit.msc” and hit the Enter key. Navigate to “Computer Configuration->Administrative Templates->Windows Components->Windows Defender” and double click on the entry titled “Turn off Windows Defender”. Change it from “Not Configured” to “Disabled”. Exit the Local Group Policy Editor.

    B. Click the Windows Start button or hit the Windows button on your keyboard and type “regedit” and hit the Enter key. Navigate to “HKEY_LOCAL_MACHINE->SOFTWARE->Policies->Microsoft->Windows Defender” and be sure that the “Windows Defender” is selected. In the right pane, if a DWORD value already exists named “DisableAntiSpyware”, change its value to “0”. If you do not see a DWORD key named “DisableAntiSpyware”, right click inside the right pane, click “New->DWORD (32-bit) Value”, name the entry “DisableAntiSpyware” and set its value to “0”. Exit the Registry Editor.

  2. Install Comodo Firewall as you normally would using the installer file “cfw_installer_6105_53.exe” (I would recommend not installing all the extras such as GeekBuddy and Chrome stuff but that is up to you… you can change this by clicking “Customize Installation” in the installer). After the installation is complete, restart Windows and you should be good to go. Windows Defender will continue operating normally and won’t be permanently disabled by the Comodo Firewall installation.

If you are running a copy of Windows 10 on which you have already installed Comodo Firewall, you have probably noticed that Windows Defender became disabled, despite the fact that you were not installing Comodo Anti-Virus. If you have tried re-enabling Windows Defender by restarting its services, clicking the Windows notification about no anti-virus being installed, or clicking the “start now” button in your security center, but Windows Defender still refuses to start working again, follow these instructions:

  1. First, be sure that you do not have Comodo Anti-Virus installed by clicking your Window Start button or clicking your Windows key on your keyboard and typing “Programs and Features” and clicking on the entry that comes up. Locate either the “Comodo Firewall” entry or the “Comodo Internet Security” entry, highlight it, and click the “Change” button. In the window that pops up, click “Next” and then click the “Change” button. Be sure that the “Comodo Antivirus” entry is NOT checked. If it is, uncheck it, click “Next”, allow it to be uninstalled, and restart your computer. If it is not checked, exit the “Comodo Firewall Setup” and “Programs and Features” windows.

  2. Follow the first set of instructions I posted above for fresh installations of Windows 10.

  3. If after following those instructions and rebooting, Windows Defender still isn’t enabled, continue following the instructions below.

  4. Download “RegOwnerShipEx” from the following link and extract it somewhere easy to find such as “C:\RegOwnerShipEx”: RegOwnershipEx : Handy Freeware For Taking Ownership Of Registry Keys

  5. Run either the x64 or x86 Windows 8 version of RegOwnerShipEx, depending on which version of Windows 10 you are running, and after the application opens, click the “Browse” button. Navigate to “HKEY_LOCAL_MACHINE->SOFTWARE->Microsoft->Windows Defender” and be sure that “Windows Defender” is highlighted. Click “Select”. Now click “Take Ownership” and then click “Open in Registry Editor”. In the right pane, locate “DisableAntiSpyware” and “DisableAntiVirus”, and change both of these entries’ values to “0”.

  6. With the registry editor still open, navigate to “HKEY_LOCAL_MACHINE->SYSTEM->CurrentControlSet->Services->WinDefend” and be sure that “WinDefend” is highlighted. In the right pane, locate then entry named “Start”, and if its value is set to anything other than “2”, change its value to “2”.

  7. Reboot Windows and Windows Defender should now be starting and working properly.

A short explanation of the root problem (as I understand it):

When Comodo Firewall is installed, for some reason, it sets the 2 registry values “DisableAntiSpyware” and “DisableAntiVirus” to a value of “1”. These entries are located in “HKEY_LOCAL_MACHINE->SOFTWARE->Microsoft->Windows Defender”. This prevents Windows Defender from starting or being re-enabled. By setting the group policy I discussed in the first set of instructions, before installing Comodo Firewall, this prevents Comodo Firewall from setting these registry entries. If however you do not set this group policy prior to installing, you must go through some extra steps I discussed in the second set of instructions in order to repair the damage done (as well as set the group policy because Comodo Firewall will attempt to set those registry entries upon every boot).

It worked perfectly, good to have a functional system back :wink: thanks lahma !

Thank you for the detailed description! I installed CIS (Firewall only) on Win10 and ran into the Defender problem. Was able to solve it using your guide!

No problem! Glad I could help. I was extremely frustrated myself… I spent nearly an entire day trying to figure out how to get it working for both fresh Win 10 installs and after Comodo has already been installed and disabled Windows Defender. I figured after wasting so much time, I might as well share what I found with others since I was sure others were experiencing the same problems as I was.

One more thing to note for others viewing this thread for the first time: if you get a Windows notification upon running the Comodo Firewall installer that says something to the effect of “Comodo 8.0 is not compatible with this version of Windows”, you can apparently rename the installer exe to anything else, and this notification will be bypassed. If that doesn’t work, you can use Winrar to open the exe installer and extract the MSI installer from “cis\download\installs\xml_binaries\cis” which will install fine. Be aware however, this installs CIS (which is the both Comodo’s Firewall and Antivirus products combined), even though you extracted it out of the firewall setup exe. So if you want to use Windows Defender, you must remove the antivirus component by following #1 in the second set of instructions I posted in my first post.

Didn’t work for me. Windows Defender won’t re-enable and the service refuses to start.

I’m on Windows 10 Pro build 10240. Which was the build released to the public on the 29th.

Is it something I did wrong or does it only work with the RTM version?

I had Firewall installed when I did the upgrade, it had the red X and tried to fix it, I tried to reinstall, but I get an error. So I uninstalled and I still get the error.
Windows 10 is not compatible with:
The error is:
This app can’t run on this PC
COMODO 8.0 doesn’t work on this
version of Windows. Lean more

Rename it to cfw.exe and run it again.

Yeah I just renamed it to FW.exe and it installed without issue. No red X or anything.

Happy, happy, happy.

Thank you!