A. THE BUG/ISSUE - Guard64.dll hash/corruption error.
Can you reproduce the problem & if so how reliably?:
I can only monitor the error, It is generated by Windows throughout the day.
If you can, exact steps to reproduce. If not, exactly what you did & what happened:
n/a - the only thing that happened was the alert from windows to scan the drive
One or two sentences explaining what actually happened:
Windows 10 security and maintenance notifications are giving me a flag to scan the disk for errors. This does not occur at any particular interval, and only started immediately after comodo was installed. (its possible that it only started after enhanced heuristics was enabled.)
One or two sentences explaining what you expected to happen:
well i did want errors… lol
If a software compatibility problem have you tried the advice to make programs work with CIS?:
no compatibility issues
Any software except CIS/OS involved? If so - name, & exact version:
jus the OS (windows 10 Pro, 1607 os build 14393.447
Any other information, eg your guess at the cause, how you tried to fix it etc:
upon inspection of the logs the only thing I could find, that seemed to be related to the disk, was an “audit failure” informational event that stated the following:
"Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: \Device\HarddiskVolume4\Windows\System32\guard64.dll
might also note… the date on my guard.dll file is from 9/15/16… which is about the time frame i tried to install comodo the first time and got the errors that would not allow it to install. i waited until you guys fixed it to try the installation again.
B. YOUR SETUP
Exact CIS version & configuration:
version 8.4.0.5165 - Proactive security level, with a few settings changes (i can email config file)
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
everything except autosandbox is enabled. I disabled autosand box due to a startup program being sandboxed.
Have you made any other changes to the default config? (egs here.):
Using proactive config with hueristics scanning set to medium.
d+ enabled with hueristic command line annalysis
firewall is doing protocol analysis
Have you updated (without uninstall) from CIS 5, 6 or 7?:
no. brand new install on 2 month old PC
if so, have you tried a a a clean reinstall - if not please do?:
n/a
Have you imported a config from a previous version of CIS:
n/a
if so, have you tried a standard config - if not please do:
n/a
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
windows 10 64 bit, UAC Never notify, admin account. (i prefer to use D+ as my UAC, if that makes sense)
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=malwarebytes, intel has some sort of security service running as well. b=i did try to install comodo when pc was new, but it failed to install due to the signed driver error. other than that, no other security software installed.
C. ATTACH REQUIRED FILES (delete this section (section C) after attaching required files)
Always attach the diagnostics file (instructions on how to do this provided here) and the KillSwitch Process List (instructions on how to do that provided here) and put the resulting file in a zip file. Both should then be attached to your post.
Note that additional information may be requested by the processing Moderator.