For installer packages that contains multiple executable files, it is recommended to put the package into a common folder and set the folder to be Trusted Application. For the main installer file to be executed directly, set it as Trusted Installer (Eg: setup.exe) and run.
The prompting depends on the Application Whitelisting settings, by default, it is trust by digital signature if file is not in the whitelist but the digital signature has to be listed under the Trusted Certificate list. Therefore, if a new application has a digital signature that is not found in the list, you will get prompted for further actions.
If an untrusted executable file is being run and launched by Windows Explorer, Application Whitelisting will notify for further actions as below:
You will be given the option to Remember my answer for this entire process if you do not want to be prompted again. However, allowing this option will allow everything that is bring run by Windows Explorer to be trusted automatically. By doing so, malware that is being run by Windows Explorer will be trusted and enter the system.
Note that for executable file that is not accessible by Windows Explorer, you may not be able to see and manually set the trust level of the files. Hence, Application Whitelisting on-the-fly trust will allow you to set the appropriate actions for these files when it is being run.
Nevertheless, you are given the options to Unblock and set file as a trusted installer if you are sure that the installer file can be trusted and do not want to be further prompted by Application Whitelisting. Follow the steps below to set file as a trusted installer on-the-fly.
- Right click on the installer file name and select Unblock and set file as a trusted installer.
Note that clicking on the file name will bring you to the file location.
For trusted applications which create new executable files during running, Application Whitelisting will notify for further actions as below:
- Click on More options button to view more details of the executable.
- If you not want to get any further prompting and that anything created by the trusted application will not be trusted, click on This process is not an installer. Set it as a restricted applcation. This will place the application into the list of Restricted Applications. You can undo this action by removing the application from the list of Restricted Applications in the settings.
- Click on Trust this newly created file only to only allow the current newly created executable file to be elevated to trusted application so that it can be processed. However, the main trusted application will remain the same instead of elevating into a trusted installer. Therefore, you will still get prompts again if it creates any other new executable files.
For trusted installers, it will not prompt you for any further actions to elevate the newly created executable files as it will all be automatically set as trusted applications. Therefore, trusted installers can run smoothly as per normal without any unneeded prompting.
Follow these instructions to manually set the trust levels for your applications
- Right click on the executable file, point to Trust Level. In the menu displayed, the tick will indicate the trust level the executable file. Select the desired trust level for the executable file.
- Right click on the executable file again, point to Trust Level. In the menu displayed, the tick will indicate the new trust level the executable file.
- Alternatively, you can also set trust levels for the files within a folder. Right click on the executable file, point to Trust Level. In the menu displayed, select the desired trust level.
- Right click on the folder again, point to Manage Whitelist. A SecureAge Application Whitelisting window will show the new trust level of the files within the folder.
This post is also available in: Japanese