So when I send an Exe of a program I made to my friends, Windows says it could be a virus and you have to click run anyway. I don't want people thinking my games are viruses though. Why don't professional games with exes give that warning? How can I fix mine?
Im also trying to send fun programs to friends. I have heard that the best solution is to send these files as a txt. file and have the receiver turn it back to an exe.
Related
I have been trying to figure out the reason behind smartscreen and I have read from microsoft's documentation (https://support.microsoft.com/en-us/topic/what-is-smartscreen-and-how-can-it-help-protect-me-1c9a874a-6826-be5e-45b1-67fa445a74c8) that smartscreen will appear when a downloaded file is from an untrusted web (that is not in the trusted list of microsoft) or when a downloaded file contains malicious software that has been reported to microsoft. I found out that if I download an .exe that was send through skype app, the smartscreen doesnt prompt but it does prompt when I download the .exe from skype web. However, when I download it from both Whatsapp app and web, the smartscreen was sure to prompt. So, I'm actually wondering what is the reason behind this?
It basically flags all .exe files after checking the source (e.g. if source is Adobe, it lets it go). If the app has been sent through the Skype app, the system assumes the file would have been checked on the system that sent it and thus flags it safe.
I often produce mathematical software in Delphi 2009, and publish it on my web site. However, the last year or so, Google Chrome has started to consider a small (but increasing!) number of my EXEs 'harmful', and Google Chrome refuses do download them.
For example, today I wrote a program that visualises the Lorenz attractor. You can find it at https://specials.rejbrand.se/chaos/lorenz/; it's lorenz.exe.
When I use Google Chrome to download this EXE, the following prompt appears:
(Yeah, I actually did try it three times...)
This is Swedish, and the text says "%s is harmful and has been blocked by Chrome". The button says "Remove permanently", and the drop-down menu doesn't offer any other actions (like "I know the file is safe, please let me have it").
Obviously, this is kind of a problem. As far as I know, the EXEs are perfectly safe. At least the code I have written is not harmful in any way, but I suspect there is a theoretical possibility that the Delphi compiler has started to add harmful code behind my back.
Questions
Is there something harmful about my EXEs?
Is there some way to make Google Chrome not block my EXEs?
I could reproduce this behavior with Chrome with your original EXE.
Is there some way to make Google Chrome not block my EXEs?
I can confirm that after I digitally signed it (with my company's signing code certificate) Google Chrome downloads this file without any issues. This is the most efficient (maybe the only) way to avoid this kind of problems.
Another quick solution is to pack the EXE with RAR. Chrome downloaded it with no problem.
Surely this is a False positive "detection" with Google Chrome. My Antivirus (NOD32) did not
found any problem, and other browsers did not have any issues with your EXE.
NOTE also that Your domain might have issues (flagged) as #Sertac Mentioned. If I download your original EXE from my website the error message is %s is not comonly downloaded and could be dangerous. Same goes for any other EXE I uploaded to MY site. (You still have an option to "Keep" the file)
See also here: Google Chrome Browser Will Block Dangerous Downloads
Specially this:
As welcome as the new features are, Chrome is in the unusual position
of playing catch up to Internet Explorer 9, which features an arguably
superior method of blocking potentially malicious downloads.
Microsoft's SmartScreen Application Reputation rates downloads in
three ways: whether they're digitally signed, the reputation of the
author, and--arguably most importantly--how many times the file has
been downloaded by others.
"Is there something harmful about my EXEs?"
No.
Here's a link to the results of Jotti's malware scan (which results with: 22 out of 22 scanners "found nothing"):
http://virusscan.jotti.org/en/scanresult/df25dbecfccc5d10862f52236d664d48d0c72058
The link to virustotal scan (detection ratio = 0/53):
https://www.virustotal.com/en/file/51d9d637a17f5876c371e5eec164e1dc48a35c56900a3235a9c656d10687814a/analysis/1408587813/
"Is there some way to make Google Chrome not block my EXEs?"
One option is to make it block nothing, evidently it's crap anyway. The option is in the "privacy" section in "advanced settings", here are the instructions:
https://support.google.com/chrome/answer/4412392?p=ib_download_blocked&rd=1
Otherwise, you can check what google thinks about safety of your site:
http://www.google.com/safebrowsing/diagnostic?site=rejbrand.se
The report seems to be somewhat indeterminate. Here's a quote (for rejbrand.se):
Has this site hosted malware?
Yes, this site has hosted malicious
software over the past 90 days. It infected 0 domain(s), including .
Presumably you can also request a site review in the security issues of google webmaster tools. But apparently it's not always fruitful. That last link also suggests there's a way to send samples to google hoping that they would analyze better (AFAICT it's not part of webmaster tools), but this might not turn out to be practical depending on the number of executables/versions you produce.
This is a fairly common problem, actually. Because Delphi makes software development easy and has no external runtime dependencies, it tends to get used for writing malware, unfortunately. And so some virus scanner heuristics that are supposed to detect malware instead end up detecting parts of the Delphi RTL.
The best thing to do is to do a bit of research and find out how Chrome is making this determination, and then send the people behind the virus scanner giving the false positives a copy of your EXE(s) with an explanation that this is a false positive and needs to be fixed.
I have equally been frustrated by this warning, and without going into a rant about how ridiculous the whole thing is, I will share the solution that worked for me.
I have found that double zipping got rid of the warning right away- zip your files, then zip the resulting zip file, the warning will disappear upon downloading.
The user will have to unzip 2 files to get to your files, but that is a much lesser inconvenience than the dangerous warning.
I want to show a flash file (.swf) in my executable program on Windows.
Every single modern browser are able to do it by using the official flash plugin DLL by Adobe. But there's no documentation anywhere of HOW you do it!
For years I've searched high and low on the Internet for an answer to HOW DO YOU USE THE OFFICIAL FLASH PLAYER PLUGIN IN YOUR PROGRAMS?
Programming language doesn't matter, I can adapt. I just want instructions on how to do it. Links to hidden resources on the web or your own expertise. Say I make a program that uses OpenGL, I want to send the binary of a swf file to the flash plugin, get data back and then render it using OpenGL. But how? How do browsers do it? How how how???
Try this... if you are using .NET... use the ActiveX dll and create an activeX object, then load the swf file within that container.
Cheers.
Here's the deal. I've animated + coded a variety of 'screensavers' in Actionscript3/Flash. They make extensive use of the timeline, AS3 code, the TweenLite library, and embedded fonts. That's the limit of my programming knowledge. I've tried, to no avail, to convert my .SWFs into screensaver files using a variety of software, such as InstantStorm. Somehow it never works, the code never executes properly, it's a disaster.
So, I'm wondering if it's possible to make a screensaver that simply contains an embedded browser, and have it point to my .SWF file, hosted on my web-server. Basically, imagine a full-screen website acting as a screensaver.
If this is possible, what is the EASIEST and FASTEST way for me to whip up a solution for both PCs and Macs? Language, etc. I'm hoping something that has a library I can simply draw from to embed the browser view :)
My startup is developing a product to do exactly this, it's called Screensaver Ninja and you can find it at https://Screensaver.Ninja.
You can set many different web pages with different timers. The configuration tool allows you log in and navigate to the page you want to display:
It uses WebKit, on Mac OS X it uses Safari's and on Windows it uses Chrome's and in both cases it has a separate session from any other browser installed on the computer.
Here's a small Windows-only solution:
https://github.com/cwc/web-page-screensaver/releases
You could modify this open-source one for the Mac so that it's hard-coded to your URL:
http://www.liquidx.net/blog/2010/11/13/webviewscreensaver-for-mac/
Modify hasConfigureSheet() to return NO and change the URL in kScreenSaverDefaultURL. And change the name!
I'm developing a cross-platform NPAPI+XPCOM extension for Firefox and Google Chrome (Windows, Linux and Mac). I was wondering if anyone could enlighten me on the best practices of handling component crashes.
As I understand it, currently Mozilla's Crash Reporter submits mini-dumps and crash reports created to Mozilla Dev. I experimented with blocking SIGSEV to Firefox and creating my own core in the plugin code. Although that works just fine, I'm sure I'm not supposed to do that.
And Google Chrome doesn't even seem to create any core dumps! Any suggestions?
The firefox crash report database is publicly searchable, so you don't have to do your own handling. If you ask nicely (i.e. prove you're the plugin author) I'm sure they'll even give you the minidumps from your plugin's crashes.
This is awfully late, but yeah, don't do that. You will wind up catching a lot of things that aren't just your plugin, and you will screw up our crash stats. You should be able to find your plugin crashes in our crash report site. If you need better reporting, you can file a bug on us and we should be able to help you.