I was careless enough to install comodo firewall via remote desktop on a colocation server. I now only have access to the system through a Recovery installation (so basically, I cannot simply choose “uninstall”).
How can I remove comodo firewall if the data (+ registry) are on a different drive?
Please help ASAP!
Thanks a lot!!!
Sounds to me like you’re gonna have to visit the server personally or pay the colo rates to have them either remove cpf or config. for remote desktop.
I know it’s not the answer you wanna hear but, now I don’t claim to be a comodo expert here, those are the only options I can see for you
If you have access to the recovery console, then you could try to disable CPFs service & drivers (using listsvc & enable). If you set them to disable, this just might stop the registry based run command of CPF. I’m not sure if this will work… CPF might think its been attacked or something & shut-down all comms… I dunno.
Tanks a lot for the help already!
The problem is now that I get a BSOD on startup (0x00…07b) - I can only access the system from a seperate windows installation, and can thus only manually edit the registry…
Does anybody have a list of registry keys and files which CPF alters/adds/etc. ?
Thanks a lot!
What driver does the BSOD mention?
Does anybody have a list of registry keys and files which CPF alters/adds/etc. ?
The start-up run is in the usual…
\HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
…and CPF, itself, is in…
\HKLM\SYSTEM\Software\Comodo\Personal Firewall
But, if CPF is running & the option set, then CPF can & will protect its own registry settings. I doubt this applies to the startup entry… which I guess, along with the other stuff I told you about, is probably your best opportunity to stop CPF running.
Question: Aren’t you running CPF yourself?
Thanks once again for the help, but CPF also installs some services (which I have now disabled).
The problem is that the BSOD still appears. When booting into safemode, I get a 0x6f BSOD, instead of the 0x7b I got before.
Is CPF altering system files? How does it hook on to the system?
Thanks!
Which driver is the BSOD reporting? It’s probably something that ends in “.sys”.
CPF does not alter anything. I merely add its own service & driver (the driver does the packet interception).
PS I did mention the CPFs service in my first post.
The BSOD unluckily is not reporting a specific driver. I am hoping to get access to the dump to analyze it, but it appears difficult. Could it be the CPF driver which causes the BSOD?
I don’t know, that’s why I was asking. If the BSOD is being caused by CPF, then I’m sure it would have said. Is there anything in the Windows Event logs?
But, if you have a crash dump, you can give it to Comodo Support. They can probably analyze it quicker than either of us. You’d need to register on their system, create a ticket, tell them what the problem is & sending them the zipped crash dump.