Run rubyw.exe from Fixed Location with Personal Firewall
Hi Y'all!
When the PIA client is started, it unpacks a rubyw.exe into a temporary location and executes it. Since the temporary location is different every time, it is impossible for most personal firewalls to whitelist that process, resulting in blocks or firewall popups every time.
There is a nice post about how a guy developed an application that allows executing PIA with rubyw.exe from a fixed location: https://www.privateinternetaccess.com/forum/discussion/2286/pia-from-a-fixed-location-in-windows/p1
However, it is MUCH easier to get there without the need of downloading anything or executing someone else's executable:
- Run PIA application, let it start
- Now you need to find the temp directory created by PIA, it has a patter like C:\Users\YOUR_USER_NAME\AppData\Local\Temp\ocrXXXX.tmp\
YOUR_USER_NAME <-- this is YOUR username
XXXX <-- randomly generated alphanumeric value
Tipp: You can get to your temporary directory easily if you just put %temp% into your Windows explorer location bar and hit Enter.
So, find this temp folder, it will contain 3 folders: bin, lib and src, keep it open. - Now open location where PIA is installed, in my case it was installed to "C:\Program Files\pia_manager" (I will refer to this location as "PIA directory" from now on)
Copy those 3 folders (bin, lib and src) to PIA directory. - Exit PIA application
- Right click on an empty spot on your desktop and choose New -> Shortcut
- Browse to the rubyw.exe that is inside your PIA directory in the bin folder,
then on the same wizard page add a space character at the and and add:
..\src\pia_manager.rb --run
- Click Next and there you can give a nice name for the shortcut, for example:
- Click Finish and you are done, technically.
- You might want to change the shortcut icon. Right-click the shortcut, choose Properties -> Change Icon... > Browse... and navigate to your pia_manager.exe application. Then you can select the green robot and klick OK (2 times).
That's all that's necessary! When you start PIA with this link, it uses the rubyw.exe from your Program Files. Turns out, you don't really need any other environment settings or a third-party app, at least in my environment (tested on 2 PCs).
Thought I share that with you...
Have a nice day,
djkrose
Comments
Issue I've been having is many multiple temp directories being created by PIA (especially after waking from sleep mode) that never get cleaned up.
Hi mate,
Thanks for the suggestion, I was too struggling with Task Scheduler. Well - I still am. I moved the shortcut .lnk file to the pia_manager folder, and I created just one-line batch file that just calls
start .\PrivateIntAccess.lnk
But here's my problem - when I run the batch file manually, it works perfectly. When I try to run it through the Task Scheduler, I get a command window which tries to run
C:\windows\system32\start .\PrivateIntAccess.lnk
Obviously that's not gonna work. I tried to modify the batch file to start the full path
start C:\Program Files\pia_manager\PrivateIntAccess.lnk
But that didn't work either. But my batch file runs OK manually, but has a problem with task manager. Could you please paste the screenshot of how you made the scheduled task here?
Thank you so much from spending time and creating such a good guide on how to start PIA from the fixed location!
Did anybody figure out what to do extra to make v5.9 (has new js.node engine) to run from fixed location? It does not want to do it anymore for me, unfortunately...
Anyway, never knew this was possible at all, and I'm sure I was told (by staff I think) that this was a security risk, which is why the run location is radomised in the first place.
They should and must make an option then,
run random - by default installation
run from fixed location in the "program folder" - advanced settings
I want to try the method out for the convenience to the AVG alert issue, but don't want to sacrifice or create a security loophole.
Hope some of you are still on alert for this post.
So i did send a mail to support if there was a possibility that they could implement an extra feature to install rubyw.exe from a fixed location, for example in "C:\Program Files\pia_manager".
I understand that the current method of using a non-fixed location is probably the most secure, but if they implement this extra feature with info that this is not the most safe option, then people who are using private firewalls can choose for themselves.
Support did send my question to the development department, let's see....and hope.
In my opinion this would be a great extra feature.
If it isn't I hope some smart person can work out how to get it going again.
Thanks to @djkrose , @p1r473 , @TimeBomb and @blaster71
Combining information from all of your posts provides a perfect temporary solution until the BD devs find a solution for this... Or until PIA devs add an advanced option to have a fixed location for rubyw.exe...
Here is a snippet with all of the information combined, the end result is a shortcut that starts PIA with rubyw interpreter inside pia_manager folder... If something is not clear then look at the original posts for more detailed instructions and possible screenshots.
____________________________________________________________________________________________________________________
Making PIA start with a static location rubyw.exe:
1) Open PIA and let it start
2) Go to your temp folder (Win + R and type in %temp%, press enter. OR type %temp% to your explorer window location bar)
3) You should see a folder (or two) called ocrXXXX (Where XXXX random string of numbers and letters). Open the folder and copy the 3 folders inside (bin, lib, src) to your PIA installation folder. (In most cases, C:\Program Files/pia_manager)
4) Exit PIA
5) Create a new shortcut on your desktop (Right click). Browse to your PIA installation folder and select rubyw.exe inside the /bin/ folder there and click OK. Then addafter the rubyw.exe path. This should result to the entire shortcut target line to be:
Click Next, give the shortcut a name (this example assumes that it's "Private Internet Access") and then click Finish.
6) Move the shortcut to PIA installation folder (C:\Program Files\pia_manager)
7) Open notepad as admin and paste in
where "Private Internet Access.lnk" is whatever name you chose for the shortcut in step #5
File -> Save As
Change Type to "All Files (*.*)" and save the file to PIA installation folder with the name of your choosing, but make sure it ends in .cmd (This example assumes you used PIA.cmd).
8) Optional: This tool will be used to hide the command prompt window created from running .bat or .cmd files.
Download NirCmd from http://nirsoft.net/utils/nircmd-x64.zip and extract NirCmd.exe to a folder, for example C:\Program Files, C:\Program Files\NirCmd or C\Program Files\pia_manager. (This example uses the second one)
9) Open task scheduler (Search in Start menu OR Win + R and type in "taskschd.msc")
10) Make sure "Task Scheduler (Local)" or "Task Scheduler Library" is selected on the left.
Create a new task (Action -> Create task)
Choose a name for it (this example uses name "PIA Start")
Check "Run with highest privileges"
Go to Actions tab -> New -> Choose action "Start a program"
Navigate to NirCmd.exe (or directly to your .cmd script if you don't want to use NirCmd) and choose it.
If you use NirCmd, add this to the "Add arguments" field:
Where "PIA.cmd" is whatever you specified in step #7.
That's all you need in task scheduler, press OK until you see main scheduler window and close it.
11) Create a new shortcut on your desktop. Set the target as:
Where "PIA Start" is whatever name you specified for the task in step #10. Name it whatever you want.
This shortcut will now start PIA with rubyw.exe located inside the PIA installation folder. You can for example pin it to start (tiles) by copying/moving it to C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
After that you can open Start menu, and you should see the shortcut in recent items (or under the alphabetical list) and you can right click it and "Pin to start".
EXTENDED STEPS FOR BITDEFENDER PROBLEM:
12) Whitelist the rubyw.exe in your PIA installation folder (C:\Program Files\pia_manager\bin\rubyw.exe) in Bitdefender Advanced Threat Defense:
Open Bitdefender 2018.
View features -> Advanced Threat Defense -> *click on the cogwheel* -> "Add applications to the whitelist"
_____________________________________________________________________________________________________________________
Original posts:
https://www.privateinternetaccess.com/forum/discussion/18865/run-rubyw-exe-from-fixed-location-with-personal-firewall
https://www.privateinternetaccess.com/forum/discussion/comment/36423/#Comment_36423
https://www.privateinternetaccess.com/forum/discussion/comment/43266/#Comment_43266
https://www.privateinternetaccess.com/forum/discussion/comment/51243/#Comment_51243
WHY is this something that *users* should have to figure out???!!!
We all KNOW that this has been a persistent issue with the application. I find this utterly irresponsible and unprofessional of PIA. There ARE no excuses for it,
This is something that's specific to Windows as the Mac and Linux versions have it already extracted within the application package. It's because the software that embeds the Ruby interpreter and the code within a single .exe file works this way, so we'd need to make our own packaging software to do it.
I'm not saying it completely excuses it, because really this thread itself is a proof that it's doable and that it works just fine (if we ignore everything that this solution ends up unknowingly bypassing), although I know there's a few things that ends up calling the main pia_manager.exe which might be why they don't "just fix it". But there are other more widespread and more urgent issues that are being prioritized at the moment. PIA's development process also got a major overhaul this year and development has slowed down a bit while things settle with the new deploy pipeline, QA process, etc. Big plans for 2018 that might fix this one however
The most recent post in this thread by Mystik in Nov 2017) describes creating the following shortcut:
Unfortunately, C:\Program Files\pia_manager\src\bin\pia_manager.rb does not exist, so the shortcut method doesn't work.
Has anyone managed to work out how to get PIA v77 working from a fixed location?