@EricJH - Thanks for the info. The certificate seems OK.
It does feel like a bug that Comodo should work on though. Not really great for security software showing up as with “Audit Failures” in Window’s security log.
I’m seeing this too. Did anyone ever find a solution?
It’s still there and there is no solution other than to live with it. :-\
Hi all, total Newb here.
I’ve been using CIS for years, and it’s great.
My computer skills are no bueno.
I use Google Chrome as my browser, and bought a Nexus 5 phone recently running Android Lollipop.
The synching between the phone and computer worked great for about a month, but for tthe last week, or so, not at all.
Every time I try to open Google Keep on my computer, for example, it directs me to the “Settings” page, where the “Sign in” box is highlighted in red, and says “Account sign-in details are out of date. Sign in again”
When I do so, it just sits there and refreshes with that round thing circling and circling.
I went to a help forum. They had me run some scans, and told me the scan log showed I’m getting tons of guard64dll errors from Comodo, and I should uninstall, and reinstall it.
I’m apprehensive about this because I don’t believe I know enough about it to properly set it back up.
a) do I need to uninstall/reinstall Comodo
b) If so, how do I get it set up properly?
Thanks
(excerpt from scan log below)
Date: 2015-03-16 09:40:45.792
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-16 09:34:56.406
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-16 09:24:03.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-16 09:14:34.378
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
The problem with the Code Integrity from Windows logs happens to everybody. CIS and our computers function normally nor is it known to be related to synching issues. There is no need to unistall and reinstall CIS.
The problem with logging in on Google Keep is likely to be related to your browser. Please try cleaning cache and cookies and try to log in again.
I have this same issue on win 8.1 running comodo fw 8.2.0.4703
Comodo still has not fixed this. It’s not a risk but it looks sloppy.
29.01.2016… issue is still not fixed.
3 years… why do we report issues when nobody at comodo cares? 
I just upgraded to Win10 from Win 8.1 Pro X64.
I am seeing the same error!
I just reported this to support. Will report if I get a response.
Hi,
from some time I see the following error in Windows Event logs.
The code integrity check has determined that the page shortcut values for the image file are invalid. File could be improperly signed without page shortcuts or corrupted due to unauthorized changes. Invalid shortcut values may indicate a possible disk device error.Filename: \Device\HarddiskVolume2\Windows\System32\guard64.dll
I use CIS 10.0.1.6294 and Windows 8.1 x64. Is this a known issue or my installation of CIS got corruted?
Is there any way to run diagnostics on CIS installation like you could do it in older versions?
Hard disk is 100% fine.
Yup! 
You should just be able to open CIS main user interface, and click the “?” icon on the lower right hand corner, Support → Diagnostics.
Thanks :), I couldn’t find it myself.
Diagnostics says it didn’t find any problems.
I’ve scanned guard64.dll file on VirusTotal as well. Basically it says it’s clean. There is one hit on some unknown to me scanner named Palo Alto Networks, probably false positive.
It’s caused by their framework. Nothing to be concerned about. They could probably minimize the number of events with a workaround but it’s not specific to CIS as product. It will be fixed in the future.
1 Like
Thanks for clarifying this issue.
It’s good to hear my system have not been compromised. 
I am running Windows 10 Home 64bit version 1703 build 15063.726 upgraded from windows 7 and CIS version 10.0.2.6420.
Since the 13th November I have had two errors show on a daily basis in the event log. The first one is:-
Cmdagent: Event ID 1: Task Category - JobAvUpdate: Fail download telemetry config (hr=0x80070002).
The second has appeared in the event log from the 11th October and is:-
Windows Security: Event ID 5038: Task Category - System Integrity: Code integrity determined that the image hash of a file is not valid. The file could be corrupt etc etc.
File name: \Device\HardiskVolume2\windows\System32\Guard64.dll.
Reading various other posts in this Forum, I was under the impression that these were being fixed by now.
Incidentally, whilst browsing the web looking for help with the telemetry problem which also had “Event Message Not Found” element in the event information, I happened upon the Microsoft information:-
Looking at the second registry location for source name, which in my case was cmdagent, I found three CIS entries which were under the “EventLog” label. They were COMODO Internet Security, Comodo Internet Security CEF and Comodo Internet Security Trace. Cmdagent appeared in the first and last one. However CIS had ALL its options pointing to cmdevlog.dll, whereas CIS Trace had all the options pointing to cisevlog.dll. However, cmdevlog.dll doesn’t exist on my system, so I changed all the entries under CIS to point to cisevlog.dll and the “Event Message Not Found” error disappeared on reboot!
Whether that was a bug or a failed build/corruption I don’t know but I thought I would mention it just in case it appears on other systems and hadn’t yet been identified.
Any help in resolving these issues greatly appreciated.
1 Like
Hello,
I’m a little worried about some errors logged on the event viewer related to the integrity of Comodo’s guard64.dll:
Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: \Device\HarddiskVolume6\Windows\System32\guard64.dll
In case it is of any relevance, I occasionaly have another file registering the same error, but much less often than guard64.dll:
Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: \Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe
How can I confirm if there is something fishy about the files?
For what is worth, these are the file’s hashes:
guard64.dll - MD5: E81CD5CFBE1DCEBA2A233F717CFA1671
guard64.dll - SHA-1: E031C50B5990B1D51424EAB68E4F8EF5ADF4CA4E
MsMpEng.exe - MD5: 2AD55CC8F96194854CF0CC89D4A41175
MsMpEng.exe - SHA-1: A9EF933B571B852F69CFF06CA9DA45FEBCF23A7C
Any comments would be appreciated.
Thank you!
The event with guard64 is known but it has no impact on security. It’s nothing to worry about.
I don’t know about the error with Defender but it may be a false alarm like with guard64.dll. Since it is a Windows system file you can run system file checker to let Windows check the integrity of all of its files
Hi,
Windows Event Log reports the error.
Event Log → Log Windows → Security
Audit failure: The integrity of the code determined that the image hash of a file is not valid. The file may be corrupted due to an unauthorized modification, or the invalid hash may indicate a
potential disk device error.
File Name: \Device\HarddiskVolume1\Windows\System32[b]guard64.dll[/b]
Obs: I’ve already done a full scan on the hard disk and it does not contain any errors.
My CIS Product Version: 11.0.0.6606
att
Picandalo
Hi Picandalo,
Thanks for reporting. Please check your Private Message(PM) and provide the requested logs.
Kind Regards,
PremJK