How do I get Comodo COMPLETELY off my system?

I used to like Comodo. I used it for a couple of months. Nice software… it seems… until you try and get rid of it.

I had the newest version of CIS 3.5, and after a couple of weeks of trying to figure out how to get the the virus defs to update (a problem clearly shared by many other users) I decided it was time to move on and maybe check out Comodo again when they had these bugs ironed out.

The trouble is that uninstalling Comodo leaves all sorts of Comodo tentacles all over the system.

My Windows (Vista) security center still claims that there is a Comodo firewall running.
It also claims that Comodo antivirus is running, and that the virus database is out of date.
It also claims that Comodo defense+ is guarding against Malware.

This is all AFTER uninstall, and even running Comodos registry cleaner.

I can’t install another Antivirus (AVG) program, because it claims Comodo is acting as an antivirus system.

So… this is very poor form.

I would like to know, how does one COMPLETELY AND ABSOLUTELY GET EVERYTHING related to Comodo off their computer? And why would a security software company be so sloppy as to leave their garbage around?

Any help much appreciated.

Obviously he did try it.

LA

As LeoniAquila noted, and as I said in my initial post, I have run the Comodo Registry cleaner. But running Regedit afterward, (aside from entries that have to do with the registry cleaner itself) the following items are still in the registry: (FYI scroll down to see data in the security center)

HLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_CMDGUARD\0000
    Class = LegacyDriver
    ClassGUID = {8ECC055D-047F-11D1-A537-0000F8753ED1}
    ConfigFlags = 0
    DeviceDesc = COMODO Firewall Pro Sandbox Driver
    Legacy = 1
    Service = cmdGuard

HLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_CMDHLP\0000
    Capabilities = 0
    Class = LegacyDriver
    ClassGUID = {8ECC055D-047F-11D1-A537-0000F8753ED1}
    ConfigFlags = 0
    DeviceDesc = COMODO Firewall Pro Helper Driver
    Legacy = 1
    Service = cmdHlp

HLM\SYSTEM\ControlSet001\Services\Inspect
    DisplayName = Comodo Firewall Network Driver
    ErrorControl = 1
    Group = PNP_TDI
    ImagePath = system32\DRIVERS\inspect.sys
    Start = 3
    Tag = 10
    Type = 1

HLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_CMDGUARD\0000
    Class = LegacyDriver
    ClassGUID = {8ECC055D-047F-11D1-A537-0000F8753ED1}
    ConfigFlags = 0
    DeviceDesc = COMODO Firewall Pro Sandbox Driver
    Legacy = 1
    Service = cmdGuard

HLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_CMDHLP\0000
    Capabilities = 0
    Class = LegacyDriver
    ClassGUID = {8ECC055D-047F-11D1-A537-0000F8753ED1}
    ConfigFlags = 0
    DeviceDesc = COMODO Firewall Pro Helper Driver
    Legacy = 1
    Service = cmdHlp

HLM\SYSTEM\ControlSet003\Services\Inspect
    DisplayName = Comodo Firewall Network Driver
    ErrorControl = 1
    Group = PNP_TDI
    ImagePath = system32\DRIVERS\inspect.sys
    Start = 3
    Tag = 10
    Type = 1

HLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDGUARD\0000
Class = LegacyDriver
ClassGUID = {8ECC055D-047F-11D1-A537-0000F8753ED1}
ConfigFlags = 0
DeviceDesc = COMODO Firewall Pro Sandbox Driver
Legacy = 1
Service = cmdGuard

HLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDHLP\0000
    Capabilities = 0
    Class = LegacyDriver
    ClassGUID = {8ECC055D-047F-11D1-A537-0000F8753ED1}
    ConfigFlags = 0
    DeviceDesc = COMODO Firewall Pro Helper Driver
    Legacy = 1
    Service = cmdHlp

HLM\SYSTEM\CurrentControlSet\Services\Inspect
    DisplayName = Comodo Firewall Network Driver
    ErrorControl = 1
    Group = PNP_TDI
    ImagePath = system32\DRIVERS\inspect.sys
    Start = 3
    Tag = 10
    Type = 1

But I strongly doubt this is what is showing up in the Windows Security Center. In Windows Security Center, under “Firewalls” it states “Multiple firewalls report that they are turned on”. When I click the link marked “Show me the firewall programs on this computer”, Comodo is the first firewall listed, and is listed with the status “On”.

In addition, still in the Security Center, under “Malware Protection”, it states “Comodo Antivirus reports that it might be out of date.” It also states “Windows Defender and Comodo Defense + both report that they are turned on”.

But, as stated in my initial post, Comodo is uninstalled, and should be NOWHERE on this computer.

I have no personal experience from Vista at all, but I asked Egemen about problems removing CFP/CIS. He found this workaround at the forum:


The problem may be resolved by re-starting the WMI repository:

1 - rt-click Command Prompt and select ‘Run as Administrator’. Type the following command:
winmgmt /verifyrepository
If you get a message “WMI repository is consistent”, run the following command:
2 - net stop winmgmt [Click Enter]
3 - cd /d %windir%\system32\wbem [Click Enter]
4 - ren repository repository.old [Click Enter]
5 - net start winmgmt [Click Enter]
If you get a message “WMI repository is not consistent”, run the following command:
6 - winmgmt /salvagerepository
This will perform a consistency check on the WMI repository and resolve the issue.
7 - Restart your machine.
8 - If you again get the following message instead: winmgmt /salvagerepository is failed.
Ignore this message, and again run:
winmgmt /salvagerepository
Reboot.


By the way, did you remove those entries you posted above?

LA

Bingo. Thank you. Your script worked, and Comodo is no longer listed in the security center.

For others trying the same thing, in step 5 I did not get the “inconsistent” message, so I never had to “salvage” my repository.

As for the remaining “legacy” entries from Comodo in my registry, I did not remove them because I do not exactly understand them, and I am always highly conservative about mucking with the registry. Can you explain them further? Are they just removable by hand with no risk?

Many thanks again.

I’m glad it worked for you! But I’m afraid I don’t know who deserves credits for the solution. Again, I got it from Egemen, but he found it at the forum.

As for legacy keys, I usually don’t recommend editing the registry, but personally I’ve always removed them without problems. Here’s a topic where I bring up those leftovers.

LA