Author Topic: Windows security auditing - hashes not valid cmdagent.exe AND guard64.dll  (Read 310 times)

Offline eBatch

  • Newbie
  • *
  • Posts: 17
Win10Home (v. recent clean install)
Defender AV
Comodo Free FW 12.0.0.6818

I'm aware that there have been many posts on this topic before over the years (esp. with regard to guard64.dll), but not (as far as I am aware) concerning cmdagent.exe as well.

MS Windows security auditing is constantly reporting (as seen in Event Viewer) "Code integrity determined that the image hash of a file is not valid...." for both the afore-mentioned modules.

cmdagent.exe appears to get reported on once per boot

guard64.dll is reported on all the time at irregular intervals.

If this is a known issue ( as per https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-2019-v12006818-ndash-released-t124172.0.html;msg887680#msg887680 reply #43 ("Those errors can be ignored as it is just Windows complaining it doesn't have the security catalog information for guard64.dll"), why is nothing being done about it?

It seems incongruous, to say the least, for security software to not be addressing something that is a security concern (even if it is a false positive or other erroneously reported issue).

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek