Ok, here is the strangest thing you will read. You definitely won't believe me but if you try it for yourself you will see it is true.
For some reason, and for NO reason we are getting an "Unknown Publisher" Windows warning message with one of our programs that we have had in distribution for years.
The exe is code signed just like our other exe's and the problem does not present in our other exe's....only on one program.
Here is where it gets weird:
When the program is downloaded from any website (like our website, dropbox, google drive, etc) and then double-clicked for installing, the Windows warning message appears with "Unknown Publisher" message. However, if I take the SAME file and copy it onto a USB thumb drive, then copy it back onto the computer so that the exe is no longer from the web, but instead from a USB drive, then the warning message doesn't appear and my company name appears instead of "Unknown Publisher".
Also, if I drag and drop from ftp directly to the downloads folder, no issue. If I download the SAME file from our website, issue!
There is no A/V software running. I have tried with spaces and underscores in the file name. Nothing makes a difference. I am out of things to try! :-(
Has anyone experienced this before? Is there some solution?
Here is a link to the program: https://www.digigames.com/Software/Trivia%20Board%20Pro%204.exe
Your help will be greatly appreciated!!
Ok, the solution was that we are using SHA-1 certificates, which apparently as of Jan 1, 2016 Windows no longer honors. The solution was to replace our certificate with an SHA-2 / SHA-256 certificate.
GOOD GRIEF!!!!!
Related
I always use Inno Setup for packaging and publishing. Users download the application using a link for example: https://oursite.com/codesigned/mysetup.exe
Till now, it always worked. But recently I have to renew my code signing certificate because its expired. After renew I have SmartScreen problem, every users download the application and gets this Smartscreen which was not before.
I have used signtool.exe verify /pa innosetup-made-myexe.exe and it shows successful, also I have done the verification with Windows Application Certification Kit, that shows it is PASSED, but with WARNNINGS, all those WARNNINGS mostly generated by Inno Setup.
Here you can find the output, where its showing WARNINGS on Inno Setup exes:
https://docs.google.com/document/d/11frW_GxI0xSVcrAXh4_rqcKBQSaermAlpYKj4xzQi4o/pub
How can I fix this problem?
(still not sure if its Standard Code Signing vs EV code signing issue? I already used Standard Code Signing for few years, it always worked. I can upgrade to EV Code signing, but how can I make sure its not Inno Setup compiler problem? As you can see already the WARNNINGS are shown in the URL above to Inno Setup)
To verify if it's Inno Setup or code signing issue (see https://stackoverflow.com/a/29067585/285594), I have done following:
From Microsoft, I have downloaded the file call winqual.exe, which does not need Inno Setup.
I code signed the winqual.exe and uploaded to my same server
I downloaded the same file with Internet Explorer and it works without showing me the SmartScreen.
Does it make any sense now if Inno Setup is the main cause of this problem?
Nowadays, you have to use EV code signing certificates.
See Transferring Microsoft SmartScreen reputation to renewed certificate.
Below is the original answer, which addresses some specifics of the question.
If you believe the problem is due to an unsigned uninstaller, make sure you set the SignTool directive of your Inno Setup project accordingly. And make sure SignedUninstaller directive has its default value yes.
Quoting SignTool directive documentation:
Specifies the name and parameters of the Sign Tool to be used to digitally sign Setup (and Uninstall if SignedUninstaller is set to yes). When Setup has a valid digital signature, users will not see an "unidentified program" warning when launching it.
If you want to set NXCOMPAT and DYNAMICBASE flags to the uninstaller, you can create a sign.bat batch file that both calls signtool.exe and editbin.exe:
#echo off
editbin.exe /NXCOMPAT /DYNAMICBASE %1
signtool.exe sign ... %1
The calls need to be in this order, otherwise the editbin.exe breaks the signature.
Then use the sign.bat instead of signtool.exe in the SignTool directive.
Though I do not really think this is necessary, nor helps anything.
I think this is normal behavior.
When your software collect enough "likes" = downloads or installs the SmrtScreen will automatically turn off this message.
It is really annoying feature because with every software release you need to wait appropriate time while the software become "popular" and it is recognized as safe (no certificates or antivirus methods can solve it).
You do NOT need this "Windows Application Certification Kit".
What #slappy says is correct:
After renewal of your certificate, you need enough downloads and "good reviews" before this message goes away.
What you need to do is to download your application using Microsoft Edge (not Chrome or Firefox!!!).
It will most likely say "This download may be dangerous and has been blocked".
Then you can choose "Keep anyways". And then you can choose "Report as Secure".
And THEN even Smart Screen says that it doesn't trust your app (even though it's digitally signed, LOL!!!!), then you have to choose "More..." and "Install anyways".
Install it on your computer! I think that is important.
I have used 5 different computers and reported my apps as secure multiple times and installed it.
I have also asked 2 friends (because of their different IP address) to do the same.
I hate this so much!!!!!!!!!!
After 1 day, the error message was gone.
I'm trying to install moodle4mac on Catalina via a .dmg file. The .dmg file mounts okay. However, when I try to drag the MAMP folder to the Applications folder, I get the message "The operation can’t be completed because you don’t have permission to access some of the items."
When install dialog is showing 4 folders;
.DocumentRevisions-V100
.TemporaryItems
.Trashes
.fseventsd
The first three have no go signs on the folders suggesting that these are the problematic ones. I have checked the read/write permissions of the Applications folder, which looks fine. I have also run sudo spctl --master-disable which gives me the opportunity to download apps from anywhere, but this does not make any difference.
Any pointers greatly welcome!
Okay. It turns out the culprit was Sophos Home Antivirus. There was no indication in any of the error messages that Sophos was blocking this, hence I did not put two and two together. However, a warning message about the mounted volume popped up this morning, and I was able to trace this back to Sophos. It would be great if Sophos / MacOS could provide more detailed messages regarding such errors in future.
I'm working on a disconnected network, so some options are a bit limited. Also, we have SAs who handle stuff like system updates (so, for instance, it is possible that there was a system update in there that I know nothing about).
However, I had 1.33.1, then 1.34.0, then 1.38 versions of VSCode working on my (Windows 10) machine. One day, for no apparent reason (I hadn't just installed something, for instance), 1.38 stopped working. It wouldn't even start up. Running 'Code --verbose' from the command line produced no output (the mouse cursor turned briefly to a spinner, but nothing even showed up in Task Manager, let alone something like a splash screen).
I did get an error message in the Application log, which included the lines (more or less; remember, no cut-n-paste possible):
Faulting Application Code.exe, version: 1.38.0
Faulting module ntdll.dll, version 10.0.16299.936
Exception code: 0xc0000374
Faulting Application path: c:\Program Files\Microsoft VS Code\Code.exe
Faulting module path: c:\Windows\System32\ntdll.dll
Re-installing VS Code (with or without system restart after uninstall) did nothing.
Removing all extensions (we have a bunch) did nothing
Installing 1.39.2 did nothing
The only good thing is that I can still run 1.34.0, if I reinstall that (did not try 1.33.1, and I don't have any in-between versions from 1.34 to 1.38 to try). So at least I'm not completely shut out.
I also tried deleting basically all of workspaceStorage, to no effect. Nor did renaming my storage.json.
The biggest weirdness, to me, is that the path to ntdll.dll is in System32, rather than in SysWOW64 (is there some way to force usage of the latter?). Second, why did 1.38.0 work just fine for a while, and then stop.
So, I'm curious if anyone else has seen this problem, and/or if anyone has any idea what else could be done to get more insight into what's causing this.
(edit: I plan to file bug for VSCode, but been waiting on confirmation email to finish creating my github acct for some time now. sigh)
I've had exactly the same problem twice. I'd been running the application since June 2019 and then in March of this year, Yep! Exact same problem as you encountered. A simple reinstall fixed that, but I've had the same problem again today and after some investigation, Windows 10 was telling me that I didn't have the right permissions to access the item (this is using the Owner's account!). Attempting to reinstall failed, with errors stating that the file / directory all ready existed and couldn't be overwritten or renamed. Attempting to un-install the application was only partially successful with the executable code.exe still remaining afterwards. The only way I managed fix it this time was to reinstall to a directory with a different name. Surprisingly though, all the existing workspaces, projects and extensions even were intact and the application opened where I had left off as though nothing had happened. This is a little worrying I have to say! But that's how I fixed it this time.
I am using Microsoft Robotics Studio for a school project and I am getting a strange error when I try to run the Visual Simulation Environment. It was working fine until yesterday and then suddenly it gave me a runtime error saying "Illegal command line arguments... do not use VPLHost directly, use dsshost instead to run a manifest" But I am only clicking on Run in VPL/DSS Manifest editor.
I am running MRDS as administrator and I even tried re-installing MRDS but it is still showing the same MS VPL Runtime error. I tried to search online, but cannot find any suitable solution.
I already tried running the existing samples, I.e. Urban Environment, Multiple Simulated Robots etc. but it still gives me the same error. The strange thing is that it was working perfectly one minute, and then started giving me this error message the next minute, when I had not changed anything in between. In fact, I had wanted to change something in my manifest, so I closed the running VPL application, closed VPL and opened DSS manifest editor, and ran my manifest and that is when I got this error.
What is going wrong? Is some MRDS script using vplhost32.exe instead of dsshost? If so, then where and how do I change it?
I tried running the urban envrionment manifest from the command prompt and Using DSSHost32 directly. This time, it didn't give me a runtime error but an intiialization error. I tried changing port numbers but it still doesn't work. I have deleted many files from my computer to free space (JIC) and it still doesn't work. The window just doesn't open even when I hover over it in Windows 7.
The error message looks like this: Only one usage of each socket address (protocol/network address/port) is normally permitted."
This was even after I checked netstat for free ports and tried but I get this error message. Its either this one or the "Don't use VPLHost directly" if I run it through VPL or DSS Manifest Editor.
Could it be that some external services are interfering with DSSHost/VPLHost? Are there any such services which I could try killing? ANY help/suggestion would help right now as my project is due Thursday and this is a really unfortunate time for it to be acting up like this.
Does the problem reproduce after logging off & logging back on? It's likely that you had a process hanging around that you weren't aware of. Logging off should shut down any processes you personally started.
I don't know the solution of your problem, but it would be better that you post your question on the link below:
http://p2p.wrox.com/book-professional-microsoft-robotics-studio-isbn-978-0-470-14107-6-410/
[official forum for the book : Professional Microsoft Robotics Studio], i hope you will shortly get reply there,
The other option is to post your question on the msdn forum,
http://social.msdn.microsoft.com/Forums/en-US/category/robotics
hope this would help....
I'm kinda puzzled how does a unix path looks like. I have followed an example to write a simple fileuploader using GWT. But the guide was written with Windows in mind. Say if I have C drive. In windows I would told the program to save the files to C:\save_here\
But in unix, I'm using ubuntu, there are no C drives or other drives with a single letter representation. So I wonder what do I write instead? I'm getting error 500 all the time now. And I can't figure out how the path should be.
The guide I've been following is found here
EDIT
It was not some problem duo to the path. Still need help though with fixing this problem. I basically followed the steps in the url I posted on this question.
unix paths start at a common root , denoted / and separates directories with a /
e.g. /home/starcom might be your home directory. So create a new directory, mkdir /home/starcom/uploaded and use that as the path. Or for testing you could perhaps just use /tmp
You can get more info here
When you get a 500 return code, that means the server encountered an error. This means that you should see an error message from the server somewhere. If you're running from Eclipse, you'll see the error on the Console tab. If you're running Tomcat, look for those logs.
You want to find the error message, since it'll probably explain what went wrong.