Run once signing does not reviel publisher RRS feed

  • Question

  • We have an installation program.  It schedules a program, SetupF.exe, to run after a re-boot by placing its name in the start once section of the registry.  We signed SetupF.exe with a VeriSign certificate. After the reboot a little pointer comes up and says a program was prevented from starting.  When we open Windows Defender it says SetupF.exe is under the section "Publisher Not Available" .  Windows Defender  says the SetupF.exe is signed with a VeriSign Class 3 Code Signing 2004 CA.  If we choose run startup program then a Vista box comes up and says SetupF.exe wants to run and is published by us using the same dialog box that the original AutoRun.exe had when it started.
    Does anyone here understand this behavior?  Ideally we would want only the second UAC style dialog to come up.  At worst if we get the dialog and the little warning sign then at least we would want it to show who published it.

    Monday, July 16, 2007 8:24 PM

All replies

  • We found a fix for the problem.  The setup program was scheduling SetupF.exe to run by placing a string entry in HKLM/.../Run. If you put it in HKLM/.../RunOnce then it will immediately run, blocking execution of other program and the user screen until it is done.  But, best of all, if you place it in HLCU/../RunOnce then it gives an opportunity to invoke a UAC dialog showing the proper signing. Then when the user allows it to run then it runs normally.
    Thursday, July 19, 2007 9:55 PM