This issue is not about MadCodeHook, but I really need help.
I cannot successfully load driver with LoadInjectionDriver on Win7 64.
I copied "renameme32.sys" and "renameme64.sys" and signed by following command with my GlobalSign Certificate(SHA256 only).
signtool sign /v /ac "GlobalSign Root CA R3.crt" /a /n "common name" /tr http://rfc3161timestamp.globalsign.com/advanced /td sha256 MyDriver32.sys
signtool sign /v /ac "GlobalSign Root CA R3.crt" /a /n "common name" /tr http://rfc3161timestamp.globalsign.com/advanced /td sha256 MyDriver64.sys
# common name was changed to mine
To verify the files with "signtool verify /kp" and "/pa" showed no error.
What should I check to sign correctly ?
PrintMomnitor works fine on same machine. But once I signed with my certificate, it didn't work.
Personally, I'm dual signing, first with SHA1, afterwards with SHA256. You can see how I'm doing that in the "configDrivers.bat" shipping with the latest PrintMonitor demo.
I also vaguely remember that I had trouble getting SHA256 to work at all. IIRC, I had contacted GlobalSign customer support about that a couple years back and they sent me some root certificate I had to install to make it work. But it's so long ago that I don't remember the details. You could try asking GlobalSign customer support about it.
It's usually the NtLoadDriver API which fails, when you call LoadInjectionDriver. Or CreateService or maybe StartService when you call InstallInjectionDriver.
Yes, Windows 7 SP1 update KB2949927 hotfix is what would be required to support SHA-256 however I'm not 100% certain that Microsoft ever corrected the issue because after releasing it they realized it was botched (creating serious issues) and then recommended users NOT to install it or use the rollback OS feature. What a mess!Doesn't Windows 7 need a hotfix to support SHA256 signatures