Expecting Windows event log, I found error (event ID 3002) from CodeIntegrity: Code Integrity is unable to verify the image integrity of the file Device HarddiskVolume1 Progra m Files (x86) Shield Antivirus scpi.exe because the set of per-page image hashes could not be found on the system. I am using Windows 7 Ultimate with Service Pack 1 (x64). SCPI.EXE is sign with valid certificate with both SHA1 and SHA256 digest, all is validated fine with signtool and it works fine on Win8 & Win10.
Can you give me some hint about what's going on? Is this some special Win7 issue? I see that many others had the same trouble, but with system drivers and dlls, however, this is completely user-made application and has nothing to do with the system, so any system cleanup/repair is out of the question. We have found the reason for this behavior. The reason is the same as described in this post: SHA2 cert works perfectly on applications on windows 7 and 8 and also with drivers in windows 8, but a signed 'with SHA2 cert' driver does not work in windows 7, because of the signature is being rejected.
Tools for Solving Windows Problems •About Windows tools useful to solve problems caused by hardware, applications, and failed. Diagnostics, System File Checker, Driver Verifier, startup settings, tools to verify driver signatures, Device Manager, and diagnostic utilities that come bundled with a hardware. Tool Win Vista Win XP. Mar 13, 2018 - How to disable the Driver Verifier Manager in vista I enabled Manager driver in vista & Verifier.exe installation Verifier, learning by trying.
Unfortunately, the Symantec/VeriSign request form proposed to use SHA2 because being better. We used sha256 certificate for signing, and the machine was not updated. After all updates were installed, and applied, everything was working. Microsoft fixed this with this KB: So the problem was that Windows was not updated. Hi lordstanius, The validation compares the page hashes stored in the system security catalog files to the page hashes of the user-mode files themselves.
If the page hashes in the system security catalog files do not match the page hashes from the system file, the system file is not loaded by the operating system. Please refer to the link below about event ID 3002. Third party anti-virus, anti-malware use an API call to register with the Windows Management Instrumentation (WMI) service. Action center receives notifications from WMI. Please make sure all the messages are turned on in Action Center settings. If the Action Center cannot detect your anti-virus program, you may need to do something that makes the anti-virus program register with WMI.
Windows Security Center does not detect the antivirus application that is installed on a Windows Vista-based computer. Hope it will be helpful to you Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact. Thank you for your answer. Still it doesn't help solve the issue. We are aware that (for some reason) page hashes stored in the system catalog doesn't match page hash in our application. But still, we cannot figure out the reason why, what's wrong with the code. It's not the problem that Windows Security Center doesn't register the application, but the application itself fails to load.
It didn't have a chance to run in order to perform registration. I thought it might be an issue with signing, so I have studied deeply the following article: I have checked every single line from this article and couldn't find the problem with the signing.
I have also checked this one: And I have run signtool to verify if it satisfies kernel driver policy, and it goes without trouble. We have found the reason for this behavior. The reason is the same as described in this post: SHA2 cert works perfectly on applications on windows 7 and 8 and also with drivers in windows 8, but a signed 'with SHA2 cert' driver does not work in windows 7, because of the signature is being rejected. Unfortunately, the Symantec/VeriSign request form proposed to use SHA2 because being better. We used sha256 certificate for signing, and the machine was not updated. After all updates were installed, and applied, everything was working. Microsoft fixed this with this KB: So the problem was that Windows was not updated.
Hi lordstanius, I would like to apologize for the late reply. As you provided, Windows 8, Windows 8.1, Windows Server 2012 do not require this update because SHA-2 signing and verification functionality is already included in these operating systems. It is added support for SHA-2 signing and verification functionality for Windows 7 and Windows Server 2008 R2. Glad to hear that you have found a solution and thank you for sharing it here, it will be helpful to other community members who have same questions.
Hope it will be helpful to you Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact.