Won't start on WIndow 7

Started by BoerenkoolMetWorst, January 10, 2022, 04:52:44 PM

Previous topic - Next topic

BoerenkoolMetWorst

I'm trying out ReHIPS for the first time(New version 2.5) in my Windows 7 VM. After installation it will not start and I get an error message about HIPSGui32.exe(see attachment.)
Windows updates for SHA256 signatures were already installed and if I go to file properties in windows explorer and check the digital signatures, it can succesfully see them and verify them.
This VM has ESU updates installed and SHA256 signatures is a requirement for ESU so I'm sure that it is working correctly. Also no other security software installed.

fixer

Hello, BoerenkoolMetWorst. Welcome to our forum.
Looks like it's the same issue as here https://forum.rehips.com/index.php?topic=13675.0
In short words:
Most likely that's because we had to move to sha256 digital signature. In old times when Win7 was released sha1 was used and it was OK. But a while ago everyone agreed that something more secure is needed and moved to sha256. And now weaker digital signatures aren't issued, so you can't get it even if you want to. Sha256 is quite new for stock Win7 and it doesn't recognize it. But should accept it after update. I don't remember exact KB though, looks like for Windows 7 you need to install SP1 and then KB3033929 or KB4474419 or KB4054518.

I know, this hassle with driver signature enforcement and changing hash algos may be painful when it comes to supporting old OS-s. But unfortunately there is nothing we can do from our side. Apart from this signatures ReHIPS completely supports Windows 7. But we had to rebuild driver to workaround some Windows bugs, so had to follow new signature requirements.

For old OS-es you can try ReHIPS 2.4.

BoerenkoolMetWorst

Thanks for your reply! For now I'll just enable test signing to try it out in my VM. I also read that you can get a free license for use in VM, is that still true?

The strange thing is that all SHA256 updates are installed and Windows recognizes the SHA256 signatures, so I don't know why it is complaining about ReHIPS.

fixer

#3
License keys for VMs are in this post https://forum.rehips.com/index.php?topic=2.msg16219#msg16219

There is a tonload of different digital signature checks and hence hashes, like user-mode, kernel-mode, OS load, etc. They're all different, sometimes hardcoded, sometimes user-influenceable. So not sure they made Windows 7 completely sha256-aware for all signature checks since it's quite old and old products are usually not thoroughly supported.

BoerenkoolMetWorst

Okay, thanks for the explanation!
And thanks for the VM license!