Vista RC2 Security Log: avast code integrity

Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 10/08/06 15:20:19
Event ID: 5038
Task Category: System Integrity
Level: Information
Keywords: Audit Failure
User: N/A
Computer: dd-X60s
Description:
Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\aswmon2.sys
Event Xml:



5038
0
0
12290
0
0x8010000000000000

909


Security
dd-X60s



\Device\HarddiskVolume2\Windows\System32\drivers\aswmon2.sys

Which is your Vista version?
How did you install avast inthis particular Vista, from scratch or updating from an earlier version?

RC2 is build 5744. Did a clean install; formatted drive and started from scratch. installed avast as the very first 3rd party program.

(fwiw: this problem was also present in earlier builds of Vista)

If this was present in other builds of vista, then I suspect you don’t have the latest version of avast (4.7.892) as some work was done to ensure avast was compatible with RC1, which it was. Unless MS have moved the goal posts again between RC1 and RC2.

I’m using version 4.7.892 since day one.

That is weird as those on the previous beta of avast were able to resolve the vista incompatibility issue with RC1 and that was incorporated into the 892 update. I guess we will have to await one of the Alwil team to get on the case.

drahnier, I suppose this is 32-bit build of Vista, right? And also, the driver DOES load, even though the entry is logged, right?

right with all your assumptions!

and in the meantime I have installed RC2 Vista on another machine. guess what: avast has the same problem!

Well, “problem”… I think it is simply because the avast 32-bit drivers are not (currently) digitally signed.

We will (somehow) fix it.

Thanks!
Vlk

I have the same errors:

  • System

    • Provider

    [ Name] Microsoft-Windows-Security-Auditing
    [ Guid] {54849625-5478-4994-a5ba-3e3b0328c30d}

    EventID 5038

    Version 0

    Level 0

    Task 12290

    Opcode 0

    Keywords 0x8010000000000000

    • TimeCreated

    [ SystemTime] 2006-10-09T07:59:49.270Z

    EventRecordID 661

    Correlation

    • Execution

    [ ProcessID] 4
    [ ThreadID] 48

    Channel Security

    Computer James-PC
    Security

  • EventData

    param1 \Device\HarddiskVolume2\Windows\System32\drivers[b]aswmon2.sys [/b]

Was this ever resolved? I have the same isuues but i dont see any post updates since 10/9.