bluescreen Posted February 8, 2018 Report Share Posted February 8, 2018 (edited) Getting intermittent warnings in the Windows 7 security log. I run Windows 7 SP1 64bit on a Sony Vaio laptop. Code Integrity has determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.File Name: Device\HarddiskVolume3\Program Files\Emsisoft Internet Security\a2hooks64.dll I used to have Emsisoft Internet Security, but it changed itself to Emsisoft AntiMalware. Can anyone help me understand what is going on here? Thanks in advance. Bluescreen Edited February 8, 2018 by bluescreen including additional information about my system Link to comment Share on other sites More sharing options...
bluescreen Posted February 8, 2018 Author Report Share Posted February 8, 2018 Sony Vaio Laptop Windows 7 Professional, Service Pack 1, 64-bit Emsisoft Anti-Malware, Version Version 2018.1.0.8407 Link to comment Share on other sites More sharing options...
Azure Phoenix Posted February 9, 2018 Report Share Posted February 9, 2018 Emsisoft Internet Security was discontinued. Which is why yours changed to Emsisoft Antimalware. For more info you can read this: https://blog.emsisoft.com/2017/09/19/emsisoft-windows-firewall-protection/ Link to comment Share on other sites More sharing options...
bluescreen Posted February 9, 2018 Author Report Share Posted February 9, 2018 Thanks, Azure Phoenix. I was wondering if anyone had any thoughts on the invalid hash warnings? It is concerning when you receive messages that your antimalware program may have been corrupted or undergone unauthorized modification. Link to comment Share on other sites More sharing options...
stapp Posted February 9, 2018 Report Share Posted February 9, 2018 See here..nothing to worry about. https://support.emsisoft.com/topic/27799-audit-failure-a2hooksdll/?tab=comments#comment-173431 1 Link to comment Share on other sites More sharing options...
bluescreen Posted February 9, 2018 Author Report Share Posted February 9, 2018 Thank you very much! That eases my mind. Link to comment Share on other sites More sharing options...
GT500 Posted February 9, 2018 Report Share Posted February 9, 2018 6 hours ago, bluescreen said: Code Integrity has determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.File Name: Device\HarddiskVolume3\Program Files\Emsisoft Internet Security\a2hooks64.dll I see that stapp has already linked to the answer, but in case anyone else stumbles upon this the short explanation is that Windows has stricter code signing requirements for certain system files, so when Emsisoft Anti-Malware tries to inject its DLL file into a running system process with these stricter code signing requirements (and thus open a hook to them) there will be an error in the Event Logs due to the digital signature on our DLL file not meeting the same requirements as the process that is being hooked. 1 Link to comment Share on other sites More sharing options...
Recommended Posts