Code Integrity

Lefty3120
edited November 2011 in Antivirus

Hi,


I'm having many code integrity events in event viewer. The message says "Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.


File Name: \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00093_004\avcuf64.dll"


Any ideas about how to resolve this?

Comments

  • Hi and welcome to our forums.


    What operating system do you have installed on your machine?


    Thank you.

  • Windows 7 x64

  • No fixes yet??

  • I'm getting the exact same Security Event log entry on Win7 x64. I have the latest 2012 Total Security build: 15.0.36.1530

  • rootkit
    rootkit ✭✭✭

    Hello :)


    A product update was released. Your build should be 15.0.37.1560(please right click on Bitdefender icon from system tray-near the clock-and choose "About". You should see in the left side the build number).


    In order for the product update to be installed, you need to reboot your machine(you should see in the Events -> "Reboot required" under the Update module).


    Changelog:


    http://forum.bitdefender.com/index.php?showtopic=28172


    Let me know if the situation is solved. Have a nice day.

  • Hello :)


    A product update was released. Your build should be 15.0.37.1560(please right click on Bitdefender icon from system tray-near the clock-and choose "About". You should see in the left side the build number).


    In order for the product update to be installed, you need to reboot your machine(you should see in the Events -> "Reboot required" under the Update module).


    Changelog:


    http://forum.bitdefender.com/index.php?showtopic=28172


    Let me know if the situation is solved. Have a nice day.


    Being at build 15.0.37.1560 didn't fix it. I got the same security event log 5 minutes ago.

  • I am having the same issue (again).


    Re-booted last night (March 1) due to BitDefender update. Build is 15.0.37.1560.


    Just checked the Windows Security logs - issue is still there - see copy of entry below.


    A bit of additional information:


    Had had the problem previously. Appeared to be fixed for a while.


    - I cleared the security log Dec 19.


    - The issue did not show up in the security log until 12/29/2011 4:02:08 AM (EST) It appears that this was just after a re-boot (probably an update of some kind).


    I keep system up-to-date with all available fixes applied. BitDefender is auto update - and required re-boot_s are quickly done.


    WIN 7 64 Bit Pro SP1 + Updates


    Cheers


    :)


    Log Name: Security


    Source: Microsoft-Windows-Security-Auditing


    Date: 3/2/2012 7:27:18 PM


    Event ID: 6281


    Task Category: System Integrity


    Level: Information


    Keywords: Audit Failure


    User: N/A


    Computer: crack


    Description:


    Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.


    File Name: \Device\HarddiskVolume9\Program Files\BitDefender\Bitdefender 2012\Active Virus Control\Avc3_00116_015\avcuf64.dll


    Event Xml:


    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">


    <System>


    <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />


    <EventID>6281</EventID>


    <Version>0</Version>


    <Level>0</Level>


    <Task>12290</Task>


    <Opcode>0</Opcode>


    <Keywords>0x8010000000000000</Keywords>


    <TimeCreated SystemTime="2012-03-03T00:27:18.834095100Z" />


    <EventRecordID>24752</EventRecordID>


    <Correlation />


    <Execution ProcessID="4" ThreadID="44" />


    <Channel>Security</Channel>


    <Computer>crack</Computer>


    <Security />


    </System>


    <EventData>


    <Data Name="param1">\Device\HarddiskVolume9\Program Files\BitDefender\Bitdefender 2012\Active Virus Control\Avc3_00116_015\avcuf64.dll</Data>


    </EventData>


    </Event>

  • rootkit
    rootkit ✭✭✭

    Hi :)


    Could you please send me some logs from that machine?


    Please follow the steps explained in the article below and send me via PM the generated log file:


    http://forum.bitdefender.com/index.php?showtopic=29927


    Thank you.

  • Hello Christian,


    As you requested I ran the tool and uploaded the results. I sent you a PM with the details.


    There was one of the 6281 events created in the Security Event log for the BD while the tool was running. Not sure if I triggered it by running some virus scans or not, but at least I managed to get it to occur while the tool was running.


    Cheers


    R

  • rootkit
    rootkit ✭✭✭

    Hello :)

    Thank you for your feedback.

    Our testing team will analyze the logs and they will be forwarded to our developers.

    Take care.

  • Hello


    I have exactly the same problem but in french, because I am french... :rolleyes:


    I am using Bit Defender Internet Security 2012 - 64 bits - release 15.0.38.1605


    "L’intégrité du code a déterminé que les hachages de pages d’un fichier image ne sont pas valides. Le fichier peut être incorrectement signé sans hachages de pages ou endommagé en raison d’une modification non autorisée. Les hachages non valides peuvent indiquer une erreur d’unité de disque potentielle.


    Nom de fichier : \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00145_002\avcuf64.dll"


    Thanks for your help.


    Philippe

  • Hello


    Is there any update on this ?


    The problem is also happening with 2013 BETA ....


    Log Name: Security


    Source: Microsoft-Windows-Security-Auditing


    Date: 5/12/2012 9:43:53 PM


    Event ID: 6281


    Task Category: System Integrity


    Level: Information


    Keywords: Audit Failure


    User: N/A


    Computer: crack


    Description:


    Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.


    \Device\HarddiskVolume7\Program Files\BitDefender\Bitdefender 2013 BETA\active virus control\avc3_000_001\avcuf64.dll



    Started as soon as 2013 BETA was installed. The time of the above message - 9:43:53 PM. Previous message in the audit log was at 8:57:36 PM - last entry for BD 2012.


    Cheers


    Ross

  • rootkit
    rootkit ✭✭✭

    Hello Ross,


    In order to further investigate the issue, follow the steps below:


    -Run the Support Tool from “Help and support”


    -Check the option “By checking this box, I agree to allow Bitdefender Support Tool gather Bitdefender related information from my system” --- “Next”


    -Provide a valid e-mail address/Name/Country/Issue description.


    -Send us the output archive from your Desktop.


    You can upload the archive to our FTP server:


    http://beta2013upload.bitdefender.com/cgi-.../up/loadfile.pl


    username: beta2013user


    password: BETA2013user


    After uploading the file/s please post a comment with the name of the file/s you uploaded.


    Take care.

  • Hello Christian,


    Sorry for the delay in getting back to you - Work sometimes gets in the way <img class=" />


    The requested output from the Support tool has been uploaded:


    Uploading file: BDSP_CRACK_2012_06_14_19_08.zip


    File uploaded!


    Hope this helps BD get a handle on this issue.


    Let me know if you need anything more.


    Cheers


    Ross


    Hello Ross,


    In order to further investigate the issue, follow the steps below:


    -Run the Support Tool from “Help and support”


    -Check the option “By checking this box, I agree to allow Bitdefender Support Tool gather Bitdefender related information from my system” --- “Next”


    -Provide a valid e-mail address/Name/Country/Issue description.


    -Send us the output archive from your Desktop.


    You can upload the archive to our FTP server:


    http://beta2013upload.bitdefender.com/cgi-.../up/loadfile.pl


    username: beta2013user


    password: BETA2013user


    After uploading the file/s please post a comment with the name of the file/s you uploaded.


    Take care.

  • rootkit
    rootkit ✭✭✭

    Hi Ross :)


    The logs have been forwarded to our developers.


    Thank you very much!

  • I'm having the same problem using a new Total Security 2013 purchase on Win7 x64. I don't see a solution below for ...


    Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.


    File Name: \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_002\avcuf64.dll

  • Hey, I just realized I'm having the same problem using the new Bitdefender Internet Security 2013 purchase on Win7 x64. Is there a fix for this? I don't see any response back after it went to developers.

  • Having a problem using Total Security 2013 with Win7 x64. I don't see a solution below for ...


    Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.


    File Name: \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_002\avcuf64.dll

  • I have had this code integrity problem since installing Bitdefender Antivirus Plus 2012. I am running Windows 7 64-bit. From the forum responses I have read, the Bitdefender staff have no clue what the problem is. It is just annoying. My computer seems to halt for 2 or 3 seconds, beeps, and then proceeds. Also, looking at Google search results seems to indicate that this problem is universal to Windows 7 64-bit as other application files, such as Semantec antivirus (different file) generates the same error messages.


    Thanks Microsoft!


    I get the same error log as shown below:


    Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.


    File Name: \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00229_011\avcuf64.dll


    While running Outlook reading email, it happened 7 times, random times, sometimes as soon as 10 seconds apart, then will be OK for sometime. GO FIGURE!


    Cheers.

  • This area of our forums concerns Bitdefender 2012 products. We kindly recommend you to upgrade for free to the new and improved Bitdefender in order to solve this issue.


    Please follow the steps from this KB article:


    http://www.bitdefender.com/support/how-to-...ender--711.html


    Should you require further assistance after the upgrade please post in this area:


    http://forum.bitdefender.com/index.php?showforum=360


    Thank you for your understanding, I am now closing this topic.

This discussion has been closed.