I zip up an exe and send it to my customer as I have done for years. Last week, Norton would not let my customer unzip it. The "Run anyway" did not work. Norton deleted the exe. So I gave the exe a txt extension. Same thing. Did not even let us rename it to exe. It deleted is. We both have the latest version of Norton. Any suggestions? Wes Wilson, President ERW Custom Programming, Inc. Crescent Lake Plaza 5459 Elizabeth Lake Rd. Waterford, MI 48327 (248) 683-4182
LinkedIn Profile www.erw.com weswilson@erw.com
--- StripMime Report -- processed MIME parts --- multipart/alternative text/plain (text body -- kept) text/html ---
How did you send it? Because of the vagaries of various email clients, etc I now use a shared folder in Dropbox to transfer exe files to a client.
John Weller 01380 723235 07976 393631
I zip up an exe and send it to my customer as I have done for years. Last week, Norton would not let my customer unzip it. The "Run anyway" did not work. Norton deleted the exe. So I gave the exe a txt extension. Same thing. Did not even let us rename it to exe. It deleted is. We both have the latest version of Norton.
So, software that is supposed to be helping you is preventing you from doing your job?
Delete it.
You could also try ZIPping the EXE.
On Mon, Jan 18, 2016 at 4:26 PM, John Weller john@johnweller.co.uk wrote:
How did you send it? Because of the vagaries of various email clients, etc I now use a shared folder in Dropbox to transfer exe files to a client.
John Weller 01380 723235 07976 393631
I zip up an exe and send it to my customer as I have done for years. Last week, Norton would not let my customer unzip it. The "Run anyway" did not work. Norton deleted the exe. So I gave the exe a txt extension. Same thing. Did not even let us rename it to exe. It deleted is. We both have the latest version of Norton.
[excessive quoting removed by server]
Best to advise your clients to get rid of the Norton crap and get something like Avast. You can easily disable all their sandbox and other useless crap, unlike Norton and McAfee
On 1/18/2016 13:31 PM, Ted Roche wrote:
So, software that is supposed to be helping you is preventing you from doing your job?
Delete it.
You could also try ZIPping the EXE.
On Mon, Jan 18, 2016 at 4:26 PM, John Weller john@johnweller.co.uk wrote:
How did you send it? Because of the vagaries of various email clients, etc I now use a shared folder in Dropbox to transfer exe files to a client.
John Weller 01380 723235 07976 393631
I zip up an exe and send it to my customer as I have done for years. Last week, Norton would not let my customer unzip it. The "Run anyway" did not work. Norton deleted the exe. So I gave the exe a txt extension. Same thing. Did not even let us rename it to exe. It deleted is. We both have the latest version of Norton.
[excessive quoting removed by server]
+1
-----Original Message----- From: ProfoxTech [mailto:profoxtech-bounces@leafe.com] On Behalf Of Ken McGinnis Sent: Tuesday, 19 January 2016 11:05 AM To: profoxtech@leafe.com Subject: Re: Norton will not let me send EXE - Need help fast
Best to advise your clients to get rid of the Norton crap and get something like Avast. You can easily disable all their sandbox and other useless crap, unlike Norton and McAfee
On 1/18/2016 13:31 PM, Ted Roche wrote:
So, software that is supposed to be helping you is preventing you from doing your job?
Delete it.
You could also try ZIPping the EXE.
On Mon, Jan 18, 2016 at 4:26 PM, John Weller john@johnweller.co.uk
wrote:
How did you send it? Because of the vagaries of various email clients,
etc I now use a shared folder in Dropbox to transfer exe files to a client.
John Weller 01380 723235 07976 393631
I zip up an exe and send it to my customer as I have done for years. Last week, Norton would not let my customer unzip it. The "Run anyway" did not work. Norton deleted the exe. So I gave the exe a txt extension. Same thing. Did not even let us rename it to exe. It deleted is. We both have the latest version of Norton.
[excessive quoting removed by server]
Some anti-virus clients, like Norton, look at the file to see what it really is and deletes those that it feels like might be able to do damage. I'd put it in dropbox, box or a website and download it from there. Unless you can remote into their box and transfer it that way.
----------------------------- Michael Oke, II okeind@gmail.com 661-349-6221 -----------------------------
On Mon, Jan 18, 2016 at 4:07 PM, Darren foxdev@ozemail.com.au wrote:
+1
-----Original Message----- From: ProfoxTech [mailto:profoxtech-bounces@leafe.com] On Behalf Of Ken McGinnis Sent: Tuesday, 19 January 2016 11:05 AM To: profoxtech@leafe.com Subject: Re: Norton will not let me send EXE - Need help fast
Best to advise your clients to get rid of the Norton crap and get something like Avast. You can easily disable all their sandbox and other useless crap, unlike Norton and McAfee
On 1/18/2016 13:31 PM, Ted Roche wrote:
So, software that is supposed to be helping you is preventing you from doing your job?
Delete it.
You could also try ZIPping the EXE.
On Mon, Jan 18, 2016 at 4:26 PM, John Weller john@johnweller.co.uk
wrote:
How did you send it? Because of the vagaries of various email clients,
etc I now use a shared folder in Dropbox to transfer exe files to a client.
John Weller 01380 723235 07976 393631
I zip up an exe and send it to my customer as I have done for years. Last week, Norton would not let my customer unzip it. The "Run anyway" did not work. Norton deleted the exe. So I gave the exe a txt extension. Same thing. Did not even let us rename it to exe. It deleted is. We both have the latest version of Norton.
[excessive quoting removed by server]
Agreed. I see no reason to pay for A/V software. Haven't for years. Makes no sense to me when AVG and Avast have been great and free for many years. I find older folks seem to think that they have to pay for it. I keep telling my Dad to just pay me the money instead and I'll install the free one for him. lol
On 2016-01-18 19:05, Ken McGinnis wrote:
Best to advise your clients to get rid of the Norton crap and get something like Avast. You can easily disable all their sandbox and other useless crap, unlike Norton and McAfee
On 1/18/2016 13:31 PM, Ted Roche wrote:
So, software that is supposed to be helping you is preventing you from doing your job?
Delete it.
You could also try ZIPping the EXE.
On Mon, Jan 18, 2016 at 4:26 PM, John Weller john@johnweller.co.uk wrote:
How did you send it? Because of the vagaries of various email clients, etc I now use a shared folder in Dropbox to transfer exe files to a client.
John Weller 01380 723235 07976 393631
I zip up an exe and send it to my customer as I have done for years. Last week, Norton would not let my customer unzip it. The "Run anyway" did not work. Norton deleted the exe. So I gave the exe a txt extension. Same thing. Did not even let us rename it to exe. It deleted is. We both have the latest version of Norton.
[excessive quoting removed by server]
On Tue, Jan 19, 2016 at 10:35 AM, < mbsoftwaresolutions@mbsoftwaresolutions.com> wrote:
Agreed. I see no reason to pay for A/V software. Haven't for years. Makes no sense to me when AVG and Avast have been great and free for many years. I find older folks seem to think that they have to pay for it. I keep telling my Dad to just pay me the money instead and I'll install the free one for him. lol
-------------------
Depends on what and where you go on the web. The pay for versions do have BETTER control or message you as to where you are going over the free versions.
I have been using Kaspersky for 6+ years and pay tiny fee for a 3 user pack after rebate. When my wife reads the site the shortened link points to is unsafe she just doesn't get there. That tiny fee I paid covers my time to put her laptop together again.
YMMV.
Change the extension to YourApp.exe.txt Then have the recipient take off the .txt
On Mon, Jan 18, 2016 at 3:26 PM, John Weller john@johnweller.co.uk wrote:
How did you send it? Because of the vagaries of various email clients, etc I now use a shared folder in Dropbox to transfer exe files to a client.
John Weller 01380 723235 07976 393631
I zip up an exe and send it to my customer as I have done for years. Last week, Norton would not let my customer unzip it. The "Run anyway"
did
not work. Norton deleted the exe. So I gave the exe a txt extension. Same thing. Did not even let us
rename it
to exe. It deleted is. We both have the latest version of Norton.
[excessive quoting removed by server]
Put it on a website for them to download.
On Mon, Jan 18, 2016 at 3:53 PM, John Weller john@johnweller.co.uk wrote:
I think he said he'd tried that.
John Weller 01380 723235 07976 393631
Change the extension to YourApp.exe.txt Then have the recipient take off the .txt
[excessive quoting removed by server]
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-19:
On 2016-01-18 17:08, Stephen Russell wrote: Put it on a website for them to download.
That's what I do for MBSS clients. Works all the time. And I think it's more professional that way.
We digitally sign our executables. It helps with A/V validations.
Last week we had a few customers call in letting us know the signed executables (installers and VFP exes) were throwing a Microsoft message letting them know the executables digital signature did not match the exe.
We asked them to contact a local tech to verify they did not have a virus on the computer. To me, it sounded like a virus had modified the files. To my knowledge, they have not called back.
We support our software, and sometimes getting it running on the computer, we don't support the OS and virus cleanup.
Tracy Pearson PowerChurch Software
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-19:
On 2016-01-19 12:16, Tracy Pearson wrote: We digitally sign our executables. It helps with A/V validations.
Is that using the VeriSign cert that costs something like $3000 (or used to anyway)? I wasn't willing to fork out thousands for that.
[excessive quoting removed by server]
On 19 January 2016 at 22:09, Tracy Pearson tracy@powerchurch.com wrote:
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-19:
On 2016-01-19 12:16, Tracy Pearson wrote: We digitally sign our executables. It helps with A/V validations.
Is that using the VeriSign cert that costs something like $3000 (or used to anyway)? I wasn't willing to fork out thousands for that.
[excessive quoting removed by server]
Paul Hill wrote on 2016-01-20:
On 19 January 2016 at 22:09, Tracy Pearson tracy@powerchurch.com wrote: mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-19:
On 2016-01-19 12:16, Tracy Pearson wrote: We digitally sign our executables. It helps with A/V validations.
Is that using the VeriSign cert that costs something like $3000 (or
used
to anyway)? I wasn't willing to fork out thousands for that.
[excessive quoting removed by server]
Tracy Pearson wrote on 2016-01-20:
Paul Hill wrote on 2016-01-20:
On 19 January 2016 at 22:09, Tracy Pearson tracy@powerchurch.com
wrote:
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-19:
On 2016-01-19 12:16, Tracy Pearson wrote: We digitally sign our executables. It helps with A/V validations.
Is that using the VeriSign cert that costs something like $3000 (or used to anyway)? I wasn't willing to fork out thousands for that.
Tracy,
It appears my response was snipped by the server, just as it did with Paul.
Tracy Pearson PowerChurch Software
On 20 January 2016 at 14:44, Tracy Pearson tracy@powerchurch.com wrote:
It appears my response was snipped by the server, just as it did with Paul.
That's basically what I wrote too :-)
Maybe Ed turned up the sensitivity?
On Jan 20, 2016, at 8:44 AM, Tracy Pearson tracy@powerchurch.com wrote:
It appears my response was snipped by the server, just as it did with Paul.
Did you trim out the quoted footer text? If the server sees that, it assumes that everything after that is garbage.
-- Ed Leafe
--- StripMime Report -- processed MIME parts --- multipart/signed text/plain (text body -- kept) application/pgp-signature ---
On 2016-01-21 10:49, Edward Leafe wrote:
Did you trim out the quoted footer text? If the server sees that, it assumes that everything after that is garbage.
Unrelated (well, kinda related): reviewing the footer's text:
<snipped> This statement is added to the messages for those lawyers who are too stupid to see the obvious.</snipped>
...still makes me chuckle. What were that guy's three initials? LOL
Edward Leafe wrote on 2016-01-21:
On Jan 20, 2016, at 8:44 AM, Tracy Pearson tracy@powerchurch.com wrote:
It appears my response was snipped by the server, just as it did with
Paul.
Did you trim out the quoted footer text? If the server sees that, it
assumes that everything after that is garbage.
-- Ed Leafe
Ed,
Yes, what I didn't trim was the added text in the brackets [] that is where it was cut off. Lesson learned.
Tracy Pearson PowerChurch Software
I had left this [ excessive quoting removed by server ] text.
On 2016-01-21 11:07, Tracy Pearson wrote:
Yes, what I didn't trim was the added text in the brackets [] that is where it was cut off. Lesson learned.
Tracy Pearson PowerChurch Software
I had left this [ excessive quoting removed by server ] text.
Well I still want to know what you said! What was your answer to my question regarding did you pay big bucks for the VeriSign certificate to digitally sign your executables?
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-21:
On 2016-01-21 11:07, Tracy Pearson wrote: Yes, what I didn't trim was the added text in the brackets [] that is where it was cut off. Lesson learned.
Well I still want to know what you said! What was your answer to my question regarding did you pay big bucks for the VeriSign certificate to digitally sign your executables?
Mike,
We forked out less than that with a COMODO code signing certificate. Starts at 166.95/year. There might be less expensive providers out there too. https://www.comodo.com/e-commerce/code-signing/code-signing-certificate.php
Tracy Pearson PowerChurch Software
On 2016-01-21 12:04, Tracy Pearson wrote:
Mike,
We forked out less than that with a COMODO code signing certificate. Starts at 166.95/year. There might be less expensive providers out there too. https://www.comodo.com/e-commerce/code-signing/code-signing-certificate.php
Well that sounds very reasonable. Remember VeriSign and others wanting to charge $3000, or am I not remembering that correctly?
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-21:
On 2016-01-21 12:04, Tracy Pearson wrote: Mike,
We forked out less than that with a COMODO code signing certificate. Starts at 166.95/year. There might be less expensive providers out there too.
https://www.comodo.com/e-commerce/code-signing/code-signing-certificate.php
Well that sounds very reasonable. Remember VeriSign and others wanting to charge $3000, or am I not remembering that correctly?
Mike,
You're remembering right. Symantec still charges $500/yr for the same thing Comodo offers.
Tracy Pearson PowerChurch Software
On 2016-01-21 14:49, Tracy Pearson wrote:
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-21:
On 2016-01-21 12:04, Tracy Pearson wrote: Mike,
We forked out less than that with a COMODO code signing certificate. Starts at 166.95/year. There might be less expensive providers out there too.
https://www.comodo.com/e-commerce/code-signing/code-signing-certificate.php
Well that sounds very reasonable. Remember VeriSign and others wanting to charge $3000, or am I not remembering that correctly?
Mike,
You're remembering right. Symantec still charges $500/yr for the same thing Comodo offers.
Glad I didn't cave into that extortion. :-)
On 2016-01-21 14:49, Tracy Pearson wrote:
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-21:
On 2016-01-21 12:04, Tracy Pearson wrote: Mike,
We forked out less than that with a COMODO code signing certificate. Starts at 166.95/year. There might be less expensive providers out there too.
https://www.comodo.com/e-commerce/code-signing/code-signing-certificate.php
Does it matter which hash algorithm you choose? I guess not, right? Going to buy it tonight as my Inno Setup exes are now being flagged by my own A/V (Avast Free edition) as having some DPre virus bs message.
I think what you're asking is going to depend on the tool you use to sign the exe. I sign the VFP exe then put it into an INNO installer, and sign that installer.
On January 22, 2016 8:25:37 PM EST, mbsoftwaresolutions@mbsoftwaresolutions.com wrote:
On 2016-01-21 14:49, Tracy Pearson wrote:
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-21:
On 2016-01-21 12:04, Tracy Pearson wrote: Mike,
We forked out less than that with a COMODO code signing
certificate.
Starts at 166.95/year. There might be less expensive providers out there too.
https://www.comodo.com/e-commerce/code-signing/code-signing-certificate.php
Does it matter which hash algorithm you choose? I guess not, right? Going to buy it tonight as my Inno Setup exes are now being flagged by my own A/V (Avast Free edition) as having some DPre virus bs message.
On 2016-01-22 20:43, Tracy Pearson wrote:
I think what you're asking is going to depend on the tool you use to sign the exe. I sign the VFP exe then put it into an INNO installer, and sign that installer.
Ah, so you sign BOTH? I thought I just needed to sign the Inno setup executable.
thx!
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-23:
On 2016-01-22 20:43, Tracy Pearson wrote: I think what you're asking is going to depend on the tool you use to sign the exe. I sign the VFP exe then put it into an INNO installer, and sign that installer.
Ah, so you sign BOTH? I thought I just needed to sign the Inno setup executable.
thx!
Mike,
This might be a little late for you. I just got forwarded an email from the boss asking about SHA-1 and SHA-256. Seems we actually got our certificate through a reseller of Comodo. K Software http://codesigning.ksoftware.net/ Their certificate, being the same, is significantly less expensive. Meaning as low as $73/year. And they have a guarantee: If you find a lower published price for a comparable code signing certificate we will beat it if you email us.
Wish I had known where it was originally purchased before I pointed you to Comodo directly.
On another note, it looks like SHA-1 certificates will not be accepted much longer. The last paragraph of this site hints at it. https://www.symantec.com/page.jsp?id=sha2-transition
Tracy Pearson PowerChurch Software
On 2016-01-25 10:38, Tracy Pearson wrote:
Mike,
This might be a little late for you. I just got forwarded an email from the boss asking about SHA-1 and SHA-256. Seems we actually got our certificate through a reseller of Comodo. K Software http://codesigning.ksoftware.net/ Their certificate, being the same, is significantly less expensive. Meaning as low as $73/year. And they have a guarantee: If you find a lower published price for a comparable code signing certificate we will beat it if you email us.
Wish I had known where it was originally purchased before I pointed you to Comodo directly.
On another note, it looks like SHA-1 certificates will not be accepted much longer. The last paragraph of this site hints at it. https://www.symantec.com/page.jsp?id=sha2-transition
Hi Tracy,
I bought the other yesterday but contacted them today to cancel the transaction. I will purchase this one instead.
Do you foresee any problems using the SHA-256 only? I'd rather just get the latest and one key if I can help it.
Thanks, --Mike
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-25:
Hi Tracy,
I bought the other yesterday but contacted them today to cancel the transaction. I will purchase this one instead.
Do you foresee any problems using the SHA-256 only? I'd rather just get the latest and one key if I can help it.
Thanks, --Mike
Mike,
I don't foresee a problem with the 256. It's more trouble than it is worth, and takes longer to crack. Currently
From what I picked up from some of the reading I did today. Microsoft made
this announcement back in 2014. I suspect we will have several years to go.
Tracy Pearson PowerChurch Software
On 2016-01-25 17:18, Tracy Pearson wrote:
Mike,
I don't foresee a problem with the 256. It's more trouble than it is worth, and takes longer to crack. Currently
From what I picked up from some of the reading I did today. Microsoft made this announcement back in 2014. I suspect we will have several years to go.
Comodo should really stop selling the SHA-1 and SHA-2 if they're problematic in today's computing world.
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-25:
On 2016-01-25 17:18, Tracy Pearson wrote: Mike,
I don't foresee a problem with the 256. It's more trouble than it is worth, and takes longer to crack. Currently
From what I picked up from some of the reading I did today. Microsoft made this announcement back in 2014. I suspect we will have several years to go.
Comodo should really stop selling the SHA-1 and SHA-2 if they're problematic in today's computing world.
Mike,
The SHA-2 is the current standard. Windows XP and Vista probably won't be able to use the SHA-2 to verify the certificate. I started a new thread that has a link which shows how to dual sign with both SHA-1 and SHA-2 (which is also known as SHA-256). This will help with verifying on multiple OS's and still only ship 1 EXE.
Tracy Pearson PowerChurch Software
On 25 January 2016 at 22:48, Tracy Pearson tracy@powerchurch.com wrote:
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-25:
Comodo should really stop selling the SHA-1 and SHA-2 if they're problematic in today's computing world.
Mike,
The SHA-2 is the current standard. Windows XP and Vista probably won't be able to use the SHA-2 to verify the certificate. I started a new thread that has a link which shows how to dual sign with both SHA-1 and SHA-2 (which is also known as SHA-256). This will help with verifying on multiple OS's and still only ship 1 EXE.
Thanks Tracy, I was not aware of that.
There seems to be a lot of Comodo resellers out there. Does it matter which one I use? Prices seem to vary quite a bit!
On January 26, 2016 4:19:38 AM EST, Paul Hill paulroberthill@gmail.com wrote:
On 25 January 2016 at 22:48, Tracy Pearson tracy@powerchurch.com wrote:
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-25:
Comodo should really stop selling the SHA-1 and SHA-2 if they're problematic in today's computing world.
Mike,
The SHA-2 is the current standard. Windows XP and Vista probably won't be able to use the SHA-2 to
verify the
certificate. I started a new thread that has a link which shows how to dual sign
with
both SHA-1 and SHA-2 (which is also known as SHA-256). This will help
with
verifying on multiple OS's and still only ship 1 EXE.
Thanks Tracy, I was not aware of that.
There seems to be a lot of Comodo resellers out there. Does it matter which one I use? Prices seem to vary quite a bit!
Paul,
I would say, find the best price selling the Comodo code signing certificate and use K Software since they have a price beat guarantee.
Comodo is giving the SHA-1 certificate with the purchase of the SHA-2. I'm sure buying through any reseller will be the same. Having the SHA-1 currently, to get our SHA-2 we just need to go through the reseller. Comodo still sends us the certificate direct.
Tracy
Got this from a colleague. I believe this was in response to EXEs from our site being flagged improperly, not due to A/V software improperly flagging it as a false-positive for a virus.
--------------------------------------------------------------------------- You can get an SSL certificate at Namecheap.com. The domain validated certificate you'd want is called "Positive SSL". It should be around $10 / year. We'd need to generate a certificate signing request, which only requires your address and company name to match that on your domain registration. ---------------------------------------------------------------------------
--Mike
On 2016-01-21 12:04, Tracy Pearson wrote:
mbsoftwaresolutions@mbsoftwaresolutions.com wrote on 2016-01-21:
On 2016-01-21 11:07, Tracy Pearson wrote: Yes, what I didn't trim was the added text in the brackets [] that is where it was cut off. Lesson learned.
Well I still want to know what you said! What was your answer to my question regarding did you pay big bucks for the VeriSign certificate to digitally sign your executables?
Mike,
We forked out less than that with a COMODO code signing certificate. Starts at 166.95/year. There might be less expensive providers out there too. https://www.comodo.com/e-commerce/code-signing/code-signing-certificate.php
Tracy Pearson PowerChurch Software
[excessive quoting removed by server]
Yeah, I had missed that. Wes' original post ended up on my Spam folder, as Yahoo! sends along some mail headers that make relaying a Yahoo! email address via a mailing list always appear to be spam.
Sorry for the unhelpful suggestion.
On Mon, Jan 18, 2016 at 4:53 PM, John Weller john@johnweller.co.uk wrote:
I think he said he'd tried that.
John Weller 01380 723235 07976 393631
Change the extension to YourApp.exe.txt Then have the recipient take off the .txt
[excessive quoting removed by server]
-
Alan Bourke -
Darren -
Edward Leafe -
John Weller -
Ken McGinnis -
mbsoftwaresolutions@mbsoftwaresolutions.com -
Michael Oke, II -
Paul Hill -
Stephen Russell -
Ted Roche -
Tracy Pearson -
Tracy Pearson
-
Wes Wilson