2. NSIS Discussion
  3. NSIS Intallers and Smartscreen

Archive: NSIS Intallers and Smartscreen


jlpereira52
25th September 2013 12:48 UTC

NSIS Intallers and Smartscreen
How to make the installation program (.exe) created by NSIS Installer to be compatible with Windows 8 Smartscreen?

We are using NSIS for several years for all of our products without any problem but since IE 9 and Windows 8 were released our reputation and sales are going drastically down the hill as the potential customers are scary to death of those WARNING messages ("... is not commonly downloaded and could harm your computer" and "Windows SmartScreen prevented and unrecognized app from starting. Running this app might put your PC at risk.").

We tried to explain how they could install our software by clicking on the very small link "More info" instead of the big OK button but that it is not helping... They are still scary and we are sure that except for the power user, no one can be guilty of being scared with that kind of "warning".

We are sure you guys know the solution (even without a Digital certificate) as we just upgrade to NSIS 3.0a1 (using the program nsis-3.0a1-setup.exe) and that executable did not gave the terrible messages.

Please, help!

Thanks!

JL

stass
25th September 2013 14:30 UTC

Can disable Smartscreen during installation or downloading the program ?
And then again to include.
HKLM\SOFTWARE\Policies\Microsoft\Windows\System", "EnableSmartScreen", "REG_DWORD", 0

jlpereira52
25th September 2013 15:05 UTC

Thanks for the suggestion, but it seams that would even be worst for our image...

Microsoft states at several places on theirs websites:

"Should I believe a website that tells me to ignore the SmartScreen Filter warning?

No. SmartScreen Filter uses reputable information to alert you to phishing and fraudulent websites. In addition, website owners can contact Microsoft if their websites are mistakenly flagged as phishing sites. If a website tells you to ignore a SmartScreen Filter warning, do not ignore the warning and do not enter any personal or financial information."

We (small software developers) really need to be together to make the difference!

JL

Anders
25th September 2013 18:02 UTC

Originally posted by jlpereira52
How to make the installation program (.exe) created by NSIS Installer to be compatible with Windows 8 Smartscreen?
It is already "compatible". If there was anything we could do to avoid whatever problem you are having then the bad guys could also just do it. If you believe the flagging of your software is wrong you could try contacting MS but I doubt you'll get far. Maybe they have some sort of whitelist you could get on...

Ref:
http://www.microsoft.com/security/re...providers.aspx
http://answers.microsoft.com/en-us/i...f-65759fba91b9
http://social.msdn.microsoft.com/For...s-can-download
http://billpstudios.blogspot.com/201...xt-uac-20.html
http://windows.microsoft.com/en-US/w...d-questions-IE

jlpereira52
25th September 2013 18:35 UTC

Do you have any idea why the "nsis-3.0a1-setup.exe" (and a lot of other installation programs generated by NSIS Installer) do not have that problem and ALL the ones we create in any of our computers do?

Even the samples supplied on the NSIS\Examples folder like VersionInfo.nsi when we generate the VersionInfo.exe it will present the same problem? We are sure we have no virus neither malware and when we check the status of our web site, Smartscreen Filter checked it and did not report any threats.

Is there a way that someone would be able to check what we are doing wrong by analyzing our VersionInfo.nsi and VersionInfo.exe

Thanks!

JL

T.Slappy
26th September 2013 11:34 UTC

Can you post link to your software?
I have standard Win 8 configuration (fresh install) and i never seen this message before on any software.

jlpereira52
26th September 2013 12:21 UTC

The link to our web site is http://www.JLapRM.com and ALL of our software (trial and production installation) have the same issue.

Just to avoid the need to fill the forms and download the complete installation programs, you may download the small VersionInfo that was generated by VersionInfo.NSI supplied on the NSIS Examples folder (http://www.jlaprm.com/downLoads/VersionInfo.exe - ~34kb).

If you want to download the full installation for our software:
http://www.jlaprm.com/downLoads/JLapRM11_0.exe (~ 20Mb)
http://www.jlaprm.com/downLoads/LWSetup.exe (~9Mb)

Thanks a lot!

Theresias
2nd October 2013 11:53 UTC

We do have the same issue, though once you understand how smartscreen works it's much less of an issue. Essentially even if your stuff is OK it will still bitch assuming you don't have many users out there. Once we publish an update it often takes a day or two until smartscreen doesn't bitch anymore - presumable because enough people have downloaded and installed it which then makes smartscreen believe it's safe enough for the general public.

What helped a lot for us was properly signing the generated installer. Sure, it means spending some money for a certificate etc. but it's worth the effort considering you also have proof that your installer hasn't been tampered with, this also means a warm and fuzzy feeling for your customers considering the error message windows gives you is less "insisting". ;)

Fork me on GitHub