LoadDriver 2148204812
Posted: Tue Oct 01, 2019 3:48 pm
Last madcodehook I've got running on my clients are from dec 2017
Recently I've decided to update to the 2.8.8.0, went throught all the hoops, configuring the driver, resigning everything, getting the microsoft hardware signature from their partner dashboard
Tested on my machines and everything was fine, driver installation, dll injection, IPC communication, 100%, so I started updating my clients, I separated 1000 machines to deploy before putting it up to everyone, updating drivers and hooks is kinda critical so for sure a slow deploy on this one
Everything was fine for a couple weeks, then clients started reporting my software stopped working, I checked the affected machines and uppon testing, no dll injection due the driver not being loaded
The LoadDriver function returns false, getlast error returns 2148204812, sometimes it also returns -2146762484 on other machines, the message from syserrormessage is the certificate was explicitly revoked
Naturally, I went to Globalsign about the revoked thing, they assured me the certificate was not revoked, the Microsoft Dashboard also accepts my certificate, also 95% of the Windows 10 machines load the driver just fine
Globalsign advised me to reset my token and reissue and reinstall my certificates, their intermediate certificates, and their root certificates, I did all of those things, everything fresh, same result
I'm currently rollbacking the version since the past signed driver can be loaded fine
I'm wondering if it could be something on their environment, some security software blocking loading the driver, then again why would they let the previous one be loaded, and why set such error in return, when I deny a call to an API I usually return access denied
So here I am posting to see if anyone else is having the same issue and if someone can shed a light on what else I could do about this
Recently I've decided to update to the 2.8.8.0, went throught all the hoops, configuring the driver, resigning everything, getting the microsoft hardware signature from their partner dashboard
Tested on my machines and everything was fine, driver installation, dll injection, IPC communication, 100%, so I started updating my clients, I separated 1000 machines to deploy before putting it up to everyone, updating drivers and hooks is kinda critical so for sure a slow deploy on this one
Everything was fine for a couple weeks, then clients started reporting my software stopped working, I checked the affected machines and uppon testing, no dll injection due the driver not being loaded
The LoadDriver function returns false, getlast error returns 2148204812, sometimes it also returns -2146762484 on other machines, the message from syserrormessage is the certificate was explicitly revoked
Naturally, I went to Globalsign about the revoked thing, they assured me the certificate was not revoked, the Microsoft Dashboard also accepts my certificate, also 95% of the Windows 10 machines load the driver just fine
Globalsign advised me to reset my token and reissue and reinstall my certificates, their intermediate certificates, and their root certificates, I did all of those things, everything fresh, same result
I'm currently rollbacking the version since the past signed driver can be loaded fine
I'm wondering if it could be something on their environment, some security software blocking loading the driver, then again why would they let the previous one be loaded, and why set such error in return, when I deny a call to an API I usually return access denied
So here I am posting to see if anyone else is having the same issue and if someone can shed a light on what else I could do about this