Note: Apparently I cannot post in the FAQ section, so this can either stay here or be moved.
A little about me: I know I do not have a lot of posts, but I have been a long time reader of this forum, even long before I joined. I have always run Comodo Anti-Malware (BOClean), and just started to use CFP3. I love both programs and I hope to share my knowledge of how I was able to make these programs work flawlessly. This will focus on CFP3 since this is the Firewall thread and v3 is the only Vista compatible version of CFP out right now.
Also, I do not know if this was posted already, so forgive me if it was.
I have read that lots of users experience weird things when it comes to vista, like having the program report different versions of the software depending on if it is run as full Administrator or not. This may be caused by the new UAC feature called “Virtual Store”. In Vista, even if the person is an “Administrator”, their account will run as though it is a regular user and any changes to files in the “Program Files” directory will be made to the “Virtual Store” instead. So, the firewall will try to make changes to it’s files in “Program Files”, but they get recorded to a different directory under the user’s folder, thus another user on the same system will not experience the changes made. CFP (and also Comodo Anti-Malware) needs to be allowed to make changes in “Program Files” directory directly.
One fix for this is to right-click on the executable in C:\Program Files\Comodo\Firewall and changing the property to “Run as Administrator”. However, this is where the first problem lies … Windows Vista will deny the program to autostart and there is no way to edit the rules (that I have found) to make an exception for this program.
So, what do you do? First, you need to go through the settings of CFP and uncheck the box for automatic startup. You may be screaming at me that you want this program to start when you log in, but don’t worry, we are going to use the “Task Scheduler”. And you do not even to need to right-click on your .exe’s and say “Run as Administrator”.
Note: The Task Scheduler is also available on Windows XP and may eliminate some of the issues I have read about that, like it not running on non-admin accounts.
To reach the “Task Scheduler”, go to: Start → All Programs → Accessories → System Tools → Task Scheduler.
You will get a screen similar to the first screenshot.
On the left hand side of “Task Scheduler”, click the triangle by “Task Scheduler Library” and then click on “Task Scheduler Library” to select it. On the right hand side, click on “New Folder” and then enter “Comodo Software” in the pop-up and then press OK. Then click on the new “Comodo Software” folder. You should have something that looks like the second screenshot, but I will have an extra directory there since I have a lot of tasks created there.
Note: If you are like me, then you will also have Comodo Anti-Malware (BOClean) installed as well. I found that this needs to be done for that program as well, which is why I am making the Comodo folder.
Note2: I found that tasks tend to disappear unless they are created under the “Task Scheduler Library” folder, so we might as well keep it organized.
Next, the hard part. Making sure that “Comodo Software” folder is selected, so that the task is created there, click on “Create Task…” on the right hand side menu.
The “General” tab settings:
Name: Comodo Firewall
Description: This will start Comodo Firewall with full Admin rights. (or whatever you want)
If you have one user on your system that is an admin, then the only thing you need to change in the “Security options” part is adding a check in the box for “Run with highest privileges”.
If you have more than one user and all the accounts are admins, then you need to click the “Change User or Group…” button. A new pop-up will appear. In the “Select this object type” field, make sure it says: User, Group, or Built-in security prinicpal. Then click the “Advanced…” button. Then “Find Now”. Then, scroll down until you see “Administrators” (note the “s” on the end). Highlight “Administrators”, click OK, and then click OK again. This will make it so when any Administrator logs on, then they will start CFP. Now, you need to do like the above If statement says and play a check in the “Run with highest privileges” box.
If you have multiple users on your system and some are regular users (not admins), then things get a little more complicated. I have read reports saying that CFP does not like to be run as a non-admin. I forget where I saw that thread now, but this should work. If not, let me know. I don’t have any non-admin accounts to test this on. I read reports on the Internet saying this is how you start a program that refuses to start under non-admin conditions. First, the trouble… You may have noticed the option “Run whether user is logged on or not” and think that it will start a program under a certain user even if another user logs on. That is the correct logic, however, there is a bug since Windows XP, that is really stupid: You can set it to run as an account with admin privileges and it will ask you for the password of that account, but if you log on as any other user, there will be an error reported in the task manager log that the program failed to start because the password was invalid. Stupid huh? Microsoft really needs to fix that. However, there is a work around for this that I have read about. Follow all the steps of the above if statement about have multiple accounts that are admins. However, instead of choosing “Administrators”, scroll down until you see “SYSTEM” and choose that instead. This will run CFP as a the SYSTEM user. No invalid password error now. And don’t forget to put a check in the checkbox for “Run with highest privileges”.
After this step, you should have something like screenshot 3.
The “Triggers” tab:
Click the “New…” button. For “Begin the task” choose “At log on”. Then “Any user”. Then click OK. That should do it. See screenshot 4.
The “Actions” tab:
Click the “New…” button. It should be on “Start a program” by default. Click “Browse…” and find the location where you installed the firewall and choose “cfp.exe” and then ok. In the “Add arguments (optional):” box add: -h
Now you can click OK. See screenshot 5.
The “Conditions” tab:
The only thing you need to change here is un-checking “Stop if the computer switches to battery power”, unless you want your firewall to stop when you are on battery. Screenshot 6.
The “Settings” tab:
The only thing you need to change here is un-checking “Stop the task if it runs longer than…”. This way it will run forever, unless you restart. Screenshot 7.
Now, click OK and you have your new task. You can restart to test it.
All screenshots were made with the “Snipping Tool” and edited for size. If any part of this tutorial is unclear or could be made better, let me know and I will modify it. Thanks and I hope this explains Vista better and helps you work around it. Also note that the instructions for Comodo Anti-Malware (BOClean) will be the same as above, except that you do not add the “-h” additional argument.
[attachment deleted by admin]