Closed monerodude111 closed 6 years ago
Using the latest Tallow stable build from the homepage; Any advice how to fix this?
The chances I see taking place using a portable version shows:
Registry Key hkey_local_machine\system\ControlSet001\services Subkey WinDivert1.4 has been added Wednesday 3/28/2018 7:55:54 PM Change Auto-Accepted Wednesday 3/28/2018 7:55:59 PM Low-level Drivers and Services Registry Key hkey_local_machine\system\ControlSet001\services Subkey WinDivert1.4 has been deleted
The only fix I am aware of is to disable driver signature enforcement entirely by restarting windows; hitting f8 on boot and choosing the option to boot without driver enforcement, seems a bit extreme. Is it possible the latest Tallow pre-compiled package has been compromised?
For security I am using only malwarebytes anti-exploit and windows defender.
I am connected to VPN on OpenVPN at the moment as well.
Tor Hashes verified; virus total is clean.
First check that the following Windows 7 patch has been applied: https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2015/3033929
If it still does not work, then replace the WinDivert32.sys
/WinDivert64.sys
files with the alternative versions extracted from here: https://github.com/basil00/Divert/releases/download/v1.4.0-rc/WinDivert-1.4.0-rc-A-MINGW.zip
I have had a couple of reports that replacing the drivers will sometimes work.
it works by changing the files you said
Thanks for the feedback. I'll make a new release with the "A" version of the drivers in due course.
New version with the alternative drivers is now available here: https://github.com/basil00/TorWall/releases
Confirmed its working!
"Failed to open WinDivert filter: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source."