How to invoke STATUS_VIRUS_INFECTED 0xC0000906 programmatically? - winapi

When trying to access files quarantined by Windows Defender or another antivirus program, I receive a 0xC0000906 STATUS_VIRUS_INFECTED error. How can I programmatically lock a file so that another program will see this error code? Is there a Windows API the security software is using?

Related

How to run batch file automatically and ignore windows UAC policy

I have a web application installed on a server that has a PCI compliant policy. I can't do almost anything unless I press Ctrl-Alt-End. I have an external tool on the server that launches a batch file which restarts a specific application service, but this is not doable due to UAC policy. Is there a way to make it doable?
Please note that there is no way to disable UAC.

Why does the setup for my ActiveX .exe hang up when "Setup is updating your system"?

I am currently trying to install my vb6 app on a Windows 8.1 computer via TeamViewer (it's kind of like remote desktop). However, the installation always hangs up after all the files are copied and this message is displayed:
Setup is updating your system
We've tried it on our own Win8.1Pro desktop (via Remote Desktop this time) and Win2008Server (both via Remote Desktop), and it installed just fine.
Right now, we've narrowed it down to one culprit: MyProjectInfo.exe, the actual ActiveX .exe. Whether it is me trying to run the .exe for the first time to register it to DCOMCNFG or whether it is the setup.exe running the script $(EXESelfRegister), it just freezes up.
What differences should I look for between 1) our Win8.1Pro and Win2008Server and 2) their Win8.1? If it is some coding/reference/dependency issue, what could be the cause for why it doesn't error on our desktops?
Thank you for all the help.
Uhmm... this is getting embarrassing.
Avast (present in the other person's Win8.1) was blocking MyProjectInfo.exe from running (which is basically what it does with $(EXESelfRegister)).
To properly proceed with registering my ActiveEXE program, I had to turn Avast off for a while. And that was that.
This problem may also occur with other anti-virus scanners as well.

netfilter2.sys driver automatically unregistered during reboot in WinVista/Win10

During install of our software package (NSIS as Admin), I write netfilter2.sys (which has been digitally signed) to c:\Windows\system32\drivers and register it for analyzing http packets. It then returns when executing "driverquery" from cmd with all other registered drivers. All functionality works fine, and seems to be all good.
However, after a reboot in WinVista(x86) and Win10 (x64), sporadically it will be unregistered, and no functionality will work. It will still be present in c:\Windows\system32\drivers, but will no longer be returned when executing "driverquery".
After a reboot where it is unregistered, in Event Viewer, Windows Logs\System, we see a reference to netfilter2.sys, saying that "Windows Defender Real-Time Protection agent has taken action to protect this machine from spyware or other potentially unwanted software."
I then look at Windows Defender History log, and see that it was "permitted", but do not see it under either allowed programs or quarantined programs.
Any idea why this driver is being unregistered, and how to prevent it from being unregistered in the future?
The issue stemmed from unregistering (-u tag) the driver and registering it directly after in the same batch file.
Apparently, when you unregister a driver like that it marks it for deletion.
Try a clean reinstall of Windows 10 to fix this issue we.

Detect software uninstallation on Windows

I would like to log the uninstall event onto my own web-server for my desktop application. Is there a way I can detect the uninstallation on Windows?
Your installer can override the Installer.OnAfterUninstall method:
http://msdn.microsoft.com/en-us/library/system.configuration.install.installer.onafteruninstall(v=vs.100).aspx
There, you can call back to your web server.
Be sure to program for the possibility that there is no internet connection at the time of uninstall. Also, note that some firewalls may block your attempt to connect to your server from the uninstall program, or prompt the user for permission to allow the connection.
If you are using an installer other than Microsoft's (e.g. NSIS or whatever) for the desktop application, there is probably a similar hook.
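The hook described in the answer above, as an added example (not code from the original post). The class name `UninstallReporter`, the endpoint URL and the form field are hypothetical; the report is best-effort, so an offline machine or a firewall block never fails the uninstall.

```csharp
using System;
using System.Collections;
using System.ComponentModel;
using System.Configuration.Install;
using System.IO;
using System.Net;
using System.Text;

[RunInstaller(true)]
public class UninstallReporter : Installer
{
    // Hypothetical endpoint (assumption): replace with your own server.
    private const string ReportUrl = "https://example.invalid/uninstall";

    protected override void OnAfterUninstall(IDictionary savedState)
    {
        // Let the framework raise the AfterUninstall event first.
        base.OnAfterUninstall(savedState);

        try
        {
            byte[] body = Encoding.UTF8.GetBytes("event=uninstall");

            var request = (HttpWebRequest)WebRequest.Create(ReportUrl);
            request.Method = "POST";
            request.ContentType = "application/x-www-form-urlencoded";
            request.ContentLength = body.Length;
            // Short timeouts so a blocked or missing connection
            // does not stall the uninstaller.
            request.Timeout = 5000;
            request.ReadWriteTimeout = 5000;

            using (Stream stream = request.GetRequestStream())
            {
                stream.Write(body, 0, body.Length);
            }
            using (request.GetResponse()) { }
        }
        catch (WebException)
        {
            // No connectivity, DNS failure, firewall block or timeout: ignore.
        }
        catch (IOException)
        {
            // Connection dropped while sending: ignore.
        }
    }
}
```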

UAC giving problems with my application

I was making an installer for my app. It's working fine on XP, but on Vista the UAC is giving problems unless I do a run as administrator. The Unexpected error appears when I run my app after installation. Any idea?
I am installing the application in C:\xfolder\x
There is nothing you can do. You MUST run the installer as administrator.
As for the application, you will also need to run it as administrator with elevated privileges, but there are options to make it ask automatically for elevation via application manifest. You can do a search on stackoverflow.com because there are more posts related to this issue.
Here is a link to a post that might help.
Here are a couple more useful links on app manifest and UAC:
App Manifest (1)
App Manifest (2)
UAC technology.
They are in C# but then again translating to VB.net is like a walk in the park.
You can make a windows service. And put all operations that require elevated rights into that service. You install the service as SYSTEM account and you communicate with the client via .net remoting or any other way for vb6.
If your app exe is an ActiveX exe, then you will need to register all the ocx files using the regsvr command and then register your exe with the regsvr32 command. For an active class to be used in Win Vista, it first must be registered. Make a batch to do these registrations.
