Macro Recording and Automating Windows with Macro Scheduler – Tips & News
Macro Scheduler 12.1.5 is now available with the following fixes since my last update announcement:
Workflow Designer and the SDK have also been updated to the same MacroScript version.
Registered Downloads/Upgrades | Evaluation Downloads | New License Sales
What is Code Signing?
Since XP, when you download an executable file from the Internet the browser checks the file’s Authenticode signature. This verifies who the publisher is. You get a dialog asking if you wish to download software from this publisher. If there is no signature the warning is more severe and it says something like:
The publisher could not be verified. Are you sure you want to run this software? This file does not have a valid digital signature that verifies its publisher. You should only run software from publishers you trust.
In some cases you will also get a similar warning when running applications that haven’t been signed, especially if the executable resides on a network drive. Apps that have been signed are trusted more by the operating system. Vista and Windows 7 are more fussy and certain types of app must be signed.
Code signing protects against tampering and impersonation. If a signed app is tampered with or modified in some way the signature becomes invalid and so the user will be warned when they try to run it.
How does it work?
A publisher applies for a digital certificate from a Certification Authority like Comodo or Verisign. Using the Microsoft Authenticode tools the publisher can sign their applications with their digital certificate. The signing tool basically makes a hash of the code and their private key and appends the signature to the end of the executable. If the code is later modified the signature will therefore be invalid as it is partially based on the application’s code itself.
Should I sign EXEs Compiled with Macro Scheduler?
If you distribute compiled macros to others, or let people download them from the web you should definitely be signing them. Users can then see who the publisher is and be sure that the file hasn’t been modified in any way, and will no longer see the unknown publisher warning presented by the web browser/operating system.
So how do I sign my EXEs?
First you need to obtain an Authenticode Certificate. We have negotiated a very helpful 10% discount for our customers off the price of Comodo Code Signing certificates supplied by K Software, an official Comodo Reseller. K Software prices are already extremely competitive and now, as a Macro Scheduler user, you get an extra 10% off.
The certificate used to sign our software, including Macro Scheduler was supplied by K Software. So you know you are in good company! 🙂
To find out more and place an order visit K Software’s Code Signing page. To get your 10% log into the Macro Scheduler Registered Customer area to obtain your special discount code.
You also need the code signing tools. These come with the Microsoft Platform SDK and can be downloaded here:
Platform SDK Redistributable: CAPICOM
Once installed, launch SignTool.exe to sign your EXE. For command line options see: Sign Tool (SignTool.exe)
For more step by step help Jeff Wilcox has written an excellent article about code signing and authenticode. It covers everything from the order process through the tools you’ll need to do the signing. Read the article about code signing here.
Several customers have written to us in the last couple of days reporting that the latest version of McAfee is detecting a “trojan” in the compiler (msrt.exe) that shipped with Macro Scheduler Pro v11. It also reports a virus in macros compiled with that version of the compiler.
The virus reported is “Generic.dx!xdn”.
The same version of McAfee does NOT report an issue with the Macro Scheduler 12 compiler. It seems to be particular to v11.
This is a FALSE POSITIVE. We have submitted the v11 compiler to virustotal.com and ALL other AV vendors report it as clean.
Unfortunately McAfee is quarantining this file and preventing our customers from using the software and their compiled macros.
I have submitted a false positive dispute to McAfee and I would ask all customers affected by this to do the same. Details on how to report a false positive can be found here:
https://community.mcafee.com/docs/DOC-1041
There is nothing that we at MJT Net can do to prevent this false positive apart from submit a claim to McAfee. We are at their mercy. My experience is that they usually fix these issues quickly and I would hope that the next definitions update solves the problem.
However, once McAfee has updated their database you may need to reinstall Macro Scheduler v11 and may need to recompile your macros unless it is possible to recover the quarantined files. We are happy to help with this but you may need to contact McAfee for assistance with recovering files from quarantine.
Given my last blog post it feels like AV vendors are out to get us at the moment! It is most frustrating.
But it’s not only us. Just the other day I read this report about a “keylogger” being wrongly reported on Samsung laptops by the “VIPRE Antivirus Software”. The false positive could be reproduced simply by creating a new folder called “SL” anywhere on the PC!
Update: 25/03/2011 1420 GMT – Symantec have just emailed me to say that this detection has been removed and will not be present in the next definition update.
Fake viruses are one thing. I recently helped out four people who fell victim to the fake “System Tool” virus which pretends that your PC has a virus, and preventing the computer from being used, tries to get people to visit their website to hand over their credit card details. They prey on fear.
But legitimate anti-virus vendors aren’t an awful lot better. I know a number of people who bought a home PC with Norton pre-installed. They get a free 12 month subscription for virus definitions. But they don’t know that. Most of them have no idea that an anti-virus product even needs to download new updates. Then 12 months later they get a nasty looking warning saying that their PC is unprotected and now they have to pay for a new subscription. Frightened that something nasty will happen to their PC they pony up.
What they didn’t realise is that there are cheaper/better and even free alternatives. When I tell them they seem pretty angry.
Now it seems Norton have decided that small software companies are not to be trusted and are scaring people into deleting perfectly good software.
I recently received reports from a couple of trial-downloaders saying that their Norton/Symantec software reports a possible virus in Macro Scheduler.
The “virus” is: ws.reputation.1
Details of this threat can be found here. I quote:
“WS.Reputation.1 is a detection for files that have a low reputation score based on analyzing data from Symantec’s community of users and therefore are likely to be security risks. Detections of this type are based on Symantec’s reputation-based security technology. Because this detection is based on a reputation score, it does not represent a specific class of threat like adware or spyware, but instead applies to all threat categories.
The reputation-based system uses “the wisdom of crowds” (Symantec’s tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques.”
In other words it seems to be saying:
“Because only a few of our users have used this product, it must be dangerous, though we have no specific idea why.”
Isn’t there a catch 22 here? Since insufficient people are using it to deem it safe Norton blocks it, which means no further people CAN use it, which means the number of people using won’t grow which means its reputation gets worse. A new file needs lots of people to use it for Norton to pass it, but if they block it new people can’t use it? It’s daft and very unfair.
And we’ve been in business and selling Macro Scheduler since 1997! If you’re a start-up with a new product I guess you’re going to have trouble getting the average home PC user to install your software since so many of them use Norton.
I wonder what Peter Norton would make of this.
If you use Norton – in fact even if you don’t – please send them a false positive report by going to:
https://submit.symantec.com/false_positive/
In our latest podcast series Tracy talks to Gary DalSanto of Inventive Software Designs who is one of our partner consultants providing customers with custom automation solutions and helping them with their Macro Scheduler script development.
Gary has been working with Macro Scheduler since 2006 on a large variety of different automation scenarios. His first experience of Macro Scheduler was when he converted a large scale IBM Rational Robot project over to Macro Scheduler and found that Macro Scheduler matched the functionality at a much lower cost.
I quickly found out that not only Macro Scheduler could perform all the functionality that we were using with the higher priced commercial tool, but it could also do it for a fraction of the cost. So from that point on, I was pretty much sold.
Since then Gary has used Macro Scheduler in projects as diverse as data migration in Telecoms companies to automating ordering systems in a College Bookstore.
So to summarize it all up, by automating all these processes for them over the course of less than a year, the store turned a profit for the first time in the history of the store.
Gary has worked with many MJT Net customers, building custom automation solutions for them using Macro Scheduler, and providing assistance with their own scripts.
Macro Scheduler veteran John Brozycki has put together this fantastic video tutorial all about Macro Scheduler’s debugging capabilities. The video is 18 minutes long and demonstrates every debug feature, showing examples of their use and talks about how useful the debugger can be for problem resolution as well as script creation. Take a look:
A larger version of the video can be found here.
John Brozycki is an information security professional who uses Macro Scheduler as a tool to accomplish a wide range of tasks in his daily activities. His personal web site is www.trueinsecurity.com.
I think this is an excellent tutorial which all script developers should benefit from. Thanks John!
I received this in an email yesterday and just had to share it:
“Thank you for a truly superior product! I used this at a previous place of employment and developed a system to autopopulate our very static software. When the software vender sent training staff they were so impressed they offered me a job! I now work for them and have you to thank for it!”
It’s not always easy running a small software company. But receiving feedback like that certainly makes up for a lot of hard work.
In this forum post Armsys asks how he can determine which key the user pressed in an OnKeyPress dialog event handler. The solution I posted reveals an undocumented feature: Internal event parameters.
While there is a sample macro called “Dialogs – MouseOver” which ships with Macro Scheduler and demonstrates these event parameters, they are missing from the help file.
So here’s a short 3 minute video showing how this sample script works and demonstrating how you can determine what event parameters are available for use.
(Don’t forget you can view full screen and/or change the quality with the options in the video control panel above).
If you’re completely new to custom dialogs you might also want to watch part 1 and part 2 of the custom dialog video tutorials first.
For years now we’ve been making do with a less-than-perfect open source ticketing system. We’ve lived with missing attachments, emails not always getting through and the lack of embedded images, some garbled mime encodings and various other missing features.
Finally we have a brand spanking new helpdesk. It’s over at help.mjtnet.com. You can still email us as usual. And if you’ve emailed us recently you may have noticed the receipt of some snazzier looking emails containing your ticket history. You can also submit and view the status of tickets online. You may also have noticed that a “Feedback” tab has appeared to the left of the website. This is a quick way to send us a message from whatever page you are on (except the forums – we figured if you’re on the forums you would want to post a forum message not send an email).
Another new feature on the website is social networking sharing buttons. You’ll notice Twitter and Facebook buttons on each blog post. Facebook “like” buttons have also now appeared after every forum post, and at the top of every page you’ll see Facebook, Twitter and other bookmark buttons. So if you see a post or page you like please share it, or bookmark it and help introduce people to the world of Macro Scheduler!
Don’t forget you can also connect with us and other Macro Scheduler fans on the Macro Scheduler Facebook page, or follow my occasional tweets on Twitter.
So, whether by Facebook, Twitter, Forum, Email or Helpdesk, I look forward to chatting with you. 🙂
Macro Scheduler 12.1.4 is now available with the following fixes since my last update announcement:
Workflow Designer and the SDK have also been updated to the same MacroScript version.
Registered Downloads/Upgrades | Evaluation Downloads | New License Sales