Can't add to trusted vendors list

Ever since v3.14 and now with v4 as well, I can not add Blizzard Entertainment, the publishers of World of Warcraft to the trusted vendors list. The files are signed and are valid but CIS says otherwise. I also can not submit the files for analysis because CIS says there is a compression error. Screenshots are attached.

[attachment deleted by admin]

What file type? .msi cannot be added. :-\

Edit: Saw it in the screenshot, Wow.exe. :wink:

For anybody willing to confirm this issue can be reproduced using digitally signed Blizzard updaters.

For instance the digital cerificate of WoW-3.3.3.11685-to-3.3.3.11723-enUS-patch.exe (3.3.3 → 3.3.3a Incremental Patch (~5 MiB) available on mirror locations) is misidentified as invalid and cannot be added to trusted vendors.

SHA1: dac674d1de148aef7dda9527465e05632201abce

sigcheck: publisher....: n/a copyright....: Copyright (C) 2004-2009 Blizzard Entertainment product......: Updater description..: Blizzard Installer original name: Updater.exe internal name: Updater file version.: 4.1.1.3953 comments.....: n/a signers......: Blizzard Entertainment, Inc. Thawte Code Signing CA Thawte Premium Server CA signing date.: 4:26 AM 3/25/2010

OS: Windows XP SP3 32 latest patches.
CF 4.0.141842.828

I can add

WoW-3.3.3.11685-to-3.3.3.11723-deDE-patch.exe
SHA-1: BC445435F0AE1C12AD69174E65F8A6767C04C6EB

and

WoW-3.3.3.11685-to-3.3.3.11723-enUS-patch.exe
SHA-1: DAC674D1DE148AEF7DDA9527465E05632201ABCE

[attachment deleted by admin]

I tried WoW-3.3.3.11685-to-3.3.3.11723-enUS-patch.exe and CIS imported digital certificate just fine.

SHA-1: dac674d1de148aef7dda9527465e05632201abce

Looks like after a reboot I’m able to add Blizzard to Trusted vendors using the wow updaters.

Perhaps to reproduce the issue wow.exe actual executables would be needed. ???

I never tried it with the updaters because I delete them after they’ve done their job. I only know it doesn’t work with WoW.exe or with Launcher.exe.

Well, that is just plain strange. I downloaded the updater and tried it as the signed executable and it worked. I wonder why the actual game files don’t. If there’s a way for me to provide the Wow.exe file I will

Does not solve the central issue but I believe that if you make Wow.exe and Launcher.exe installer/updaters, the game runs OK. Ask Eric Cryptid if any queries.

Best wishes

Mouse

Did you try to compress it as a ZIP file and attach to your post?

Okay I zipped the two files, Wow.exe and Launcher.exe.

The issue is not with the game running, it runs fine. The issue is with not being able to add Blizzard to the Trusted Vendor list so I don’t get alerted about the updaters when they try to perform their necessary actions. As I have said, with all versions of CIS prior to 3.14, there was no problem using either one of the files in question to add Blizzard to the list. Maybe now that I have been able to add Blizzard by using an updater file, the problem will not occur with upcoming updates.

[attachment deleted by admin]

I’ve just tested these two EXE files on x86 virtual machine and on x64 real system. In both cases I could add digital certificate of Blizzard Entertainment, Inc. to My Trusted Software Vendors list with out any issue.

As a side note, even if you have Blizzard Entertainment, Inc. in My Trusted Software Vendors, then you still will be notified about updater’s actions, because your running Defense+ in Clean PC Mode. And in this mode every new executable introduced to the PC is threaded as unsafe. You need to switch to Safe Mode to achieve intended Defense+ behaviour.

Well, they do not work on my system and I think you’re wrong about Clean PC vs Safe mode. In Clean PC mode new executables are treated as unsafe but not if they are in Comodo’s whitelist or if the vendor is in the trusted list. The same thing is true in Safe mode. I know this for a fact because I am able to install anything from vendors in the trusted list with no alerts whatsoever. The only difference between the two is that in Clean PC, already installed files are treated as safe whereas in Safe mode they are not. New files being introduced are treated in exactly the same way in both modes. I will not use Safe mode because it causes too many problems and triggers far too many needless alerts when I first try to use things that were installed prior to CIS being introduced.

UPDATE
Well now this makes no sense at all. I extracted the files from the zip file into My Documents and tried to use them to add Blizzard to the Trusted Vendors and— it worked! If I try to do it from the files’ actual location in the WoW folder in Program Files, it says they are not valid signed executables. It even works if I copy and paste the files from the WoW folder into My Documents. Things just get stranger and stranger with CIS.

Maybe the behaviour was changed in CIS v4, I didn’t test it. But what I had said was true for CIS v3. If the information are wrong in relation to CIS v4, then I’m sorry for misleading you.

It seems to me that it is a file path related problem and the dialogue displaying the error message is a standard one and just misleading. Most probably CIS cannot read the content of the files at all because the path it resolves is invalid. Could you post the absolute path to those files at their original location so that I could verify that on my system?

I’m sorry but what you said was also wrong in v3.xxxx the modes behave pretty much the same now as they ever have. The way that I stated. The only basic difference has always been in the way previously installed files were treated. New executables have always been treated the same in both modes.

It seems to me that it is a file path related problem and the dialogue displaying the error message is a standard one and just misleading. Most probably CIS cannot read the content of the files at all because the path it resolves is invalid. Could you post the absolute path to those files at their original location so that I could verify that on my system?

The path is simply C:\Program Files\World of Warcraft\Wow.exe

Maybe it has something to do with the fact that the game really does not make any registry entries and you can transfer the entire contents of the World of Warcraft folder to another computer and the game will run flawlessly on the second machine. It’s pretty much a portable application. However, the versions of CIS prior to 3.14 did not have the problem of saying that the signed files were invalid. The earlier versions also did not keep telling you the files were invalid when you hit the purge button in the rules sections.

I doubt that. From my own experience Clean PC Mode and Safe Mode behaved differently. It might have changed in CIS v4, but here is how it worked in CIS v3.

Well, the path to the files is simple and CIS shouldn’t have any problems reading those files. It is weird that you see those files as invalid when you purge Defense+ policies. Such dialogue should only appear for files already deleted. I guess there is some other reason why CIS cannot read those files, therefore all these problems with importing digital certificates.

I see the moderator posted that but I know for a fact that he was wrong. I installed apps in Clean PC mode where the vendor was in the trusted list and they were assumed to be safe. One of the vendors was Auslogics and another one was Piriform. Clean PC mode uses the whitelists and Trusted vendors and safe files list in the same way that Safe mode does. The confusion comes from the last line in Clean PC mode that says that new executables are not assumed safe, but, it also says in the very first line that all actions of known safe files are learned. It only says what it does about new files to set them apart from already installed ones. It should say “except if they are known to be safe” because that’s how Clean PC actually works. The moderators are not developers or even employees of Comodo and they don’t know everything. Safe Mode is a step up in policy restrictions and amount of alerts generated. It would make no sense for Clean PC to be more restrictive of new files and in actual usage, it is not.

After sorting out the wow.exe launcher.exe and the updaters guess it remans to address the path scenario you mentioned.

With the executables you provided there would be no issue for anyone trying to reproduce this.

Just to make sure it would be possible to carry again those simple steps on your system to help reproduce what could have happened in detail:

[ol]- Reboot

  • Remove blizzard from trusted vendors
  • Confirm again that both the untouched wow.exe and launcher.exe found in C:\Program Files\World of Warcraft\ cannot be validated when added to trusted vendors
  • Remove blizzard from trusted vendors (if applicable)
  • ZIP the untouched wow.exe and launcher.exe found in C:\Program Files\World of Warcraft\ and replace them with the ones contained in the ZIP archive you attached
  • Confirm if also both the replaced wow.exe and launcher.exe in C:\Program Files\World of Warcraft\ cannot be validated when added to trusted vendors
  • Remove blizzard from trusted vendors (if applicable)
  • If the replaced executables cannot be validated unzip the untouched wow.exe and launcher.exe and attempt validation in a different folder (eg on desktop)[/ol]

I have done all of that. If the files (either the originals or the zipped ones) are in the folder in Program Files, they are flagged as invalid. If they are put into My Documents they work fine.

That’s too bad. :frowning:

It looks like something specific to your system that is not easy to reproduce. ???

The only chance appear to wait for somebody else who is unable to add C:\Program Files\World of Warcraft\Wow.exe certificate to trusted vendor and identify what your system and theirs have in common that is also missing from the system of anybody else who is unaffected.