SIHClient.exe trying to load Kaspersky 21.22\x64\com_antivirus.dll while autostart is turned off


Posted

I'm getting a lot of errors like this (in Event Viewer):

Log Name:      Microsoft-Windows-CodeIntegrity/Operational
Source:        Microsoft-Windows-CodeIntegrity
Event ID:      3033
Task Category: (1)
Level:         Error
User:          SYSTEM
Description:   Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky 21.22\x64\com_antivirus.dll that did not meet the Windows signing level requirements.

While the dll signature might have indeed expired as I haven't updated my app in 1-2 weeks, Kaspersky (including AVP21.22 and klvssbridge64_21.22 services) is set to manual start, so why and exactly what is trying to load com_antivirus.dll through SIHClient.exe?

harlan4096
Posted

Welcome to Kaspersky Community.

 

Quote

What is SIHClient.exe?

The SIHClient.exe is an executable file for the Server-Initiated Healing client running in the background in Task Manager on Windows PCs. This executable does the following:

  • Detects and fixes system components needed for automatic Windows updates.
  • Manages Microsoft software installed on your computer.
  • Starts the background Windows updates installation process.
  • Connects to Microsoft servers and checks if healing actions are needed on your PC.
  • Like 1
Posted
18 hours ago, 000 said:

dll signature might have indeed expired as I haven't updated my app in 1-2 weeks

I think these threads will also be useful: one and two.

  • Like 1
Posted
21 hours ago, 000 said:

Kaspersky (including AVP21.22 and klvssbridge64_21.22 services) is set to manual start, so why and exactly what is trying to load com_antivirus.dll through SIHClient.exe?

Maybe because of the registry settings that were changed by the antivirus. Maybe because of the AV drivers, which continue to work even when the AV is turned off (surprised? check it out 🙂). I have the same with disabled AV autorun - there are many events from svchost, securityhealthservice and so on.


  • Like 1
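Added example, not part of any post in this thread: a small Python parser for the Code Integrity event 3033 description quoted in the first post, which counts which process tried to load which rejected module. It assumes the descriptions were exported from Event Viewer as plain text; only the first sample line is from the thread, the rest are constructed for illustration, and the function names are hypothetical.

```python
import ntpath
import re
from collections import Counter

# Layout of the Code Integrity event 3033 description quoted in the first post.
EVENT_3033 = re.compile(
    r"a process \((?P<process>.+?)\) attempted to load (?P<module>.+?) "
    r"that did not meet the (?P<requirement>.+?) requirements"
)

def parse_3033(description):
    """Return process, module and requirement from one description, or None."""
    m = EVENT_3033.search(description)
    return m.groupdict() if m else None

def summarize(descriptions):
    """Count (loading process, rejected module) pairs; collect unparsed lines."""
    pairs, unparsed = Counter(), []
    for text in descriptions:
        event = parse_3033(text)
        if event is None:
            unparsed.append(text)
            continue
        # ntpath splits backslash paths correctly on any OS.
        key = (ntpath.basename(event["process"]).lower(),
               ntpath.basename(event["module"]).lower())
        pairs[key] += 1
    return pairs, unparsed

DLL = (r"\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab"
       r"\Kaspersky 21.22\x64\com_antivirus.dll")
TEMPLATE = ("Code Integrity determined that a process ({proc}) attempted to load "
            "{dll} that did not meet the Windows signing level requirements.")
SYS32 = r"\Device\HarddiskVolume3\Windows\System32"
SAMPLE = [
    TEMPLATE.format(proc=SYS32 + r"\SIHClient.exe", dll=DLL),   # from the thread
    TEMPLATE.format(proc=SYS32 + r"\SIHClient.exe", dll=DLL),   # constructed repeat
    TEMPLATE.format(proc=SYS32 + r"\svchost.exe", dll=DLL),     # constructed
    TEMPLATE.format(proc=SYS32 + r"\SecurityHealthService.exe", dll=DLL),  # constructed
    "Constructed line that is not an event 3033 description.",
]

if __name__ == "__main__":
    pairs, unparsed = summarize(SAMPLE)
    for (proc, module), count in pairs.most_common():
        print(f"{count:3d}  {proc} -> {module}")
    print(f"unparsed lines: {len(unparsed)}")
```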
