XP SP2 BSoD

OK guys, read all the spiel, believed it and installed CFP3. On the second day, it flashed a red warning re activities by an unknown program that were heuristically determined to be in the domain of SERIOUS MALWARE. I dutifully ticked the recommended option of denying the request (with the remember my response box pre-checked) and dutifully sent the name of the offending file to Como for analysis. My own checks showed the file to be some sort of “global hook” used by Windows.
The problem is now rather more significant. XP WILL NOT START - or stops abruptly after password entry/logon is completed with a message telling me that USERINI.EXE could not properly execute.
So…can’t complete any remedial work WITHIN XP (eg uninstall, reg edit, etc) and I’m now looking for workarounds. The computer is full of work files that amount to MUCHAS HARD GRIND MAN HOURS. Anyone else had the problem or is there some DOS startup utility to help/totally uninstall Como/restore or reload startup files? Problem is, Como seems to embed itself at the most basic level and is hard to budge…good when it’s on your side I’m sure!!
Help would be appreciated.

Your BSOD should have created a minidump; add your minidump here.

Josh

Hi stewed, welcome to the forum.

Can you boot in “Safe Mode”? (Press F2 while booting.)

If you can, go into Defence+/Advanced/Computer security policy, find C:\WINDOWS\system32\userinit.exe and highlight it. Now choose Edit/Access Rights and on “Modify” next to “Run an executable” or one of the others see if you have anything under “Blocked Applications” like explorer.exe.
If you have, remove it and “Apply” to close all windows.

Alternatively try “Last known good configuration”

Matty

Greetings Matty and Josh
Thanks for the responses. Cannot boot into safe mode unfortunately - that was my first move with fingers firmly crossed, but no good. Can’t get into Windows at all. Hopefully someone knows a way in.
How do I access the minidump Josh?
Regards
Stewed

You have to be able to get into safe mode. All PCs can. Hit F8 from the start of boot up. Sometimes I hit it 20 times.

Like I told you - Windows will not start up in safe mode. I can get into safe mode alright, but XP only loads up to user password and then I get the same message (USERINI.EXE could not properly execute).
It looks as though Como gets into the bowels of the OS and is pretty ■■■■■■ dangerous if it gets its heuristics wrong.

I have installed another H/D with separate OS and can now access files on the original system partition. Any suggestions as to how I might repair/delete/replace files in the original partition and OS? Is it possible to somehow repair the registry in the original OS (ie the one that won’t open now) without actually starting it?

When in safe mode you can choose “last known configuration”. Did you try that? Also it’s Comodo not Como. You should be able to uninstall Comodo in safe mode. When you boot up in safe mode there are several different options. Did you try them all? Did you try debugging?

Tried everything
Quite frankly it looks as though none of you Como “heroes”, “gurus” or “gods” has a clue about how to repair the damage that this piece of ■■■■ software is capable of achieving.
More like ComoDODO and the sooner it becomes extinct the better. Other contributors on this forum have referred to it as Malware and this seems an understatement. In this instance it has done more damage than most of the malware or viruses out there. Reading other posts, it looks as though getting rid of it completely is also another nightmare.
This entire fiasco has cost me money and more importantly, TIME.
I would now recommend that you shove this Comododo where the sun don’t shine.

Don’t blame Comodo for something you did. When you got a D+ alert did you take the time to read it? No, obviously not. You probably locked yourself out of Windows by blocking something instead of allowing it. If your PC is clean and you didn’t just install something then you should have allowed it. I have been using Comodo for a long time on both my PCs with no troubles. Comodo is the best and most powerful firewall out there. Just because you don’t know how to use it is no reason to make such a statement. We are trying to help you. There is a way. Did you try everything I said? What about debugging mode?

As noted in my original post, Comododo erroneously detected malware. Yes, I read the info associated with the warning and it sounded SERIOUS. When instructing the program to block a particular SERIOUS MALWARE activity it is reasonable to expect that your OS will restart at the end of it all. Why also would “remember this action/decision” be checked as default when Comododo is capable of such fundamental destructive errors - along with all the other myriad issues that are outlined in a multitude of posts? Has anybody there thought about the average user?
So… let’s get things straight - it is Comododo that ■■■■■■■ my system, NOT I.
I have concluded that a reformat is now necessary.
I reiterate my previous sentiments.

If you have the WinXP install CD, then you can use the “Repair” facility to get back into a working condition. If you didn’t get an installation CD, then the PC manufacturer often has a recovery facility as an alternate boot OS in another disk partition. What kind of repair or recovery depends on the manufacturer.

That you can’t get into safe mode could well be an indication that CFP did its job properly, and stopped some fairly serious malware. There is malware, fairly serious stuff, that will disable safe mode, registry editing, and just about anything and everything else so as to protect itself. CFP may have blocked that effort in progress, so you’ve got a halfway infected machine. Not enough is known right now to say for certain, but that is a possibility.

You do not have to reformat. You can also try booting off your Windows CD. BTW it’s Comodo I might add.

Hi stewed,

Personally I think your harsh comments are uncalled for. But I believe I understand your problem here:

  1. No matter what mode you tried, you couldn’t get past the logon stage
  2. You have successfully installed another system HDD into your PC and have now successfully booted up from that new disk
  3. You wish to know how you can repair the registry of the original hard disk after booting up from the new system disk.

Steps to load the original system registry for editing:

Warning: If you are not familiar with REGEDIT, go find someone who is to help you!
Warning: make a backup of the old hard disk’s registry first!

a. After you have booted up from the new system disk, click {start} and then {run…} to launch “regedit” (be careful! you should really understand what you are doing with registry editor!)

b. Click on {HKEY_LOCAL_MACHINE} to select this key, then click [File Menu] → [load hive…]
c. When a dialog box opens, find your ■■■■■■■-hdd (E:, for example) → windows → system32 → config, set the option to display all files (registry files have no extension), then select system or software

d. when prompted for a name for the hive, just name it anything, like “my ■■■■■■■ drive”
e. [Warning! whatever you do is saved without asking!] do your search and destroy/remove.
f. Unload the hive
g. Cross your fingers and reboot using the old system disk.
h. good luck

you should also read this: https://forums.comodo.com/empty-t22873.0.html
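
The backup, load and unload steps from the post above, done from a command prompt with reg.exe (an added example, not part of the original thread). It assumes the old system partition is E: as in the post's example; the backup folder and the mount name `OLD_SOFTWARE` are made up for illustration, and the choice of the Winlogon values to inspect is an assumption based on the userinit error reported earlier, since the post does not say which keys to look at. It only reads; it changes nothing in the old hive.

```bat
@echo off
rem Added example, not from the thread. Run from the working OS on the new disk.
rem Assumptions: old system partition is E: (the post's example letter),
rem C:\hive-backup is a scratch folder, OLD_SOFTWARE is an arbitrary mount name.
setlocal
set "OLDCFG=E:\WINDOWS\system32\config"
set "BACKUP=C:\hive-backup"
set "MOUNT=HKLM\OLD_SOFTWARE"
set "WINLOGON=%MOUNT%\Microsoft\Windows NT\CurrentVersion\Winlogon"

rem 1. Back up the hive files before loading them (the post's second warning).
if not exist "%BACKUP%" mkdir "%BACKUP%"
for %%H in (software system) do (
    copy /y "%OLDCFG%\%%H" "%BACKUP%\%%H.bak" >nul || goto :fail
)

rem 2. Load the old disk's SOFTWARE hive under a temporary key (steps b to d).
reg load "%MOUNT%" "%OLDCFG%\software" || goto :fail

rem 3. Read-only look at what the old install runs at logon.
rem    Stock XP values: Userinit = C:\WINDOWS\system32\userinit.exe,
rem                     Shell    = Explorer.exe
rem    (paths are as the old system sees itself, so C: is expected here).
reg query "%WINLOGON%" /v Userinit
reg query "%WINLOGON%" /v Shell

rem 4. Unload the hive (step f) so the file is released before rebooting.
reg unload "%MOUNT%"
echo Hive inspected and unloaded. Backups are in %BACKUP%.
goto :eof

:fail
echo A step failed; the old hive was not loaded or modified.
exit /b 1
```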