Bios update against spectre and comodo

bdragon · January 19, 2018, 1:55pm

I received a bios update against spectre/meltdown.

Nothing in the Windows Metro interface worked anymore. Could not call virtual keyboard, could not see notifications, could not call the control panel and could not open the start menu.

Everything started working again as soon as i uninstalled Comodo.

Tried clean reinstalling via the internet download program to see if it was a setting that had to be switched. Nothing worked again.

Any Fix?

umesh · January 19, 2018, 2:33pm

Hi bdragon,
May you please share OS, Hardware and BIOS details?

Thanks
-umesh

bdragon · January 19, 2018, 4:00pm

Microsoft Windows Version 10.0.16299.192 [January 3 update]

Hardware Alienware 17 R3 custom motherboard with soldered on chip and pretty much everything but the wi-fi “no user serviceable parts” in the strictest sense. It’s intel based if it’s of any use and uses the standard drivers for i7-6700HQ, thunderbolt based, with integrated intel and NVidia video cards. The exact component name for the whole bunch is W15RD. Similarly i doubt the details on the BIOS will be of much use but it’s an american megatrends version 1.4.4 updated this morning. If you need more i can take pictures (haven’t learned yet how to take screenshots of the bios ??? )

Cannot downgrade, because once upgraded, since it was deemed a “critical upgrade”, it locked itself. I’m sure it can be downgraded, but it’s a bit beyond the scope of my current concerns. I want more protection, not less.

What is the minimum configuration of comodo i can install and still retain the use of the metro interface in windows? Sure, i can start programs by their name by finding where they are installed, but i’d really like to be able to work and not spend days to check what works and what does not.

umesh · January 19, 2018, 4:18pm

Hi bdragon,
May you please PM me msinfo32.exe generated system information?

Also, please see if you can try Comodo Cloud Antivirus and share feedback.

Thanks
-umesh

bdragon post:3:

Microsoft Windows Version 10.0.16299.192 [January 3 update]

Hardware Alienware 17 R3 custom motherboard with soldered on chip and pretty much everything but the wi-fi “no user serviceable parts” in the strictest sense. It’s intel based if it’s of any use and uses the standard drivers for i7-6700HQ, thunderbolt based, with integrated intel and NVidia video cards. The exact component name for the whole bunch is W15RD. Similarly i doubt the details on the BIOS will be of much use but it’s an american megatrends version 1.4.4 updated this morning. If you need more i can take pictures (haven’t learned yet how to take screenshots of the bios ??? )

Cannot downgrade, because once upgraded, since it was deemed a “critical upgrade”, it locked itself. I’m sure it can be downgraded, but it’s a bit beyond the scope of my current concerns. I want more protection, not less.

What is the minimum configuration of comodo i can install and still retain the use of the metro interface in windows? Sure, i can start programs by their name by finding where they are installed, but i’d really like to be able to work and not spend days to check what works and what does not.

bdragon · January 26, 2018, 12:43pm

Any news?

umesh · January 26, 2018, 2:32pm

Hi,
Did you try CCAV on same system?
Please confirm you are using latest CIS and try following:

after installation, rename guard32/64.dll as can be found in Windows folders sysWOW64 and system32 and re-boot.
If 1st doesn’t help, please rename cmdguard.sys from C:\Windows\System32\drivers folder and re-boot.

Please share your feedback.

Thanks
-umesh

bdragon · January 26, 2018, 5:34pm

minor thing: guard64 was under system 32 and guard32 was under syswow64

also… what did i just prevent from working?

umesh · January 26, 2018, 5:50pm

Sorry, may you please rephrase?

bdragon · January 26, 2018, 6:13pm

right.

I have seen a problem.
guard64 seems to be placed under system32
guard32 seems to be placed under syswow64
logic would dictate the reverse.

Also, you made me rename those files. which now allows me to use menus and everything else, nicely.

However. by renaming files, i have basically prevented CIS from using them, thus i have removed some form of protection from CIS. What protection would that be?

umesh · January 26, 2018, 7:50pm

Hi bdragon,

You might want to read about WoW64 here, guard32.dll is for 32-bit apps running on 64-bit OS and thus rightly placed inside syswow64, not a mistake

We just wanted to check if that solves the problem, protection reduces so you may install CCAV in the mean time. We will see if we can come up with a modified version of guard DLLs next week to isolate the problem and team can work with you via personal messages.

Thanks
-umesh