d7x (PC Technician Software) – Foolish IT
https://www.foolishit.com
Computer Repair Software - PC Tech Utilities - Malware Prevention
Thu, 15 Feb 2018 21:48:20 -0500

d7II to d7x update error corrected, please accept my personal apology for any disruption in usage!
https://www.foolishit.com/2017/10/d7ii-to-d7x-update-error-corrected-please-accept-my-personal-apology-for-any-disruption-in-usage/
Wed, 01 Nov 2017 02:35:25 +0000

Please accept that I deeply regret any inconveniences you and others have experienced due to the upgrade failures.

A corrupted archive file (containing the final part of the update to the current d7x “FastTrack” release) was replaced on our servers this morning (around 12 hours ago) which resolved the issue in our testing (using the same copies of d7II on the same systems that consistently reproduced the behavior.)

To be clear, the issue resolved today, October 31st, 2017, at around 7AM or 8AM Eastern time zone (3-4AM UTC), is the extraction failure that occurred during the update from d7II to d7x.  The failure left a d7II.exe file in the directory that may have the version 3.6.87 but that is reduced in size (about 1.2MB instead of the 6.9MB of a d7II v3.6.86 or actual newer v3.6.87 executable.)  That smaller d7II.exe (an “update stub”) would give the same extraction failures consistently upon any subsequent relaunch.  This issue is now resolved in what is now extensive testing throughout today.  Relaunching the same d7II.exe file (around a 1.2MB file) should now (as of the time specified above) complete the update as expected, and run the newly extracted d7x executable.


During the failure, you may have noticed a few other files that were left in the d7II directory, one of which was d7II.exe.d7II_Exe_0 (or similar.)  Renaming the file to leave the first part of the filename “d7II.exe” (you can also think of as removing the temporary file extension) would leave you the previous v3.6.86 d7II.exe file, ready for full usage, as normal and expected.  Unfortunately, we must now regret that without instructions suddenly appearing in the d7II directory, this would not have been obvious to most users, and we realize a tech that is onsite, or out “in the field” might not have a second flash drive or a copy/backup/any other accessible means to recover and use d7II at that time.

While it didn’t help this time, currently d7x contains several update fail-safe mechanisms not in d7II, as well as new update prompts/information and textual instructions that can be delivered and saved in the d7x exe’s directory in plain text files prior to the update process, should something crazy ever occur again despite the fail-safe routines.  Unfortunately, the d7x capable of newer fail-safe behaviors is the very thing failing to extract from the corrupted download in this case (how embarrassing, but it does demonstrate the need for the new d7x code!)
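The failure above left the working executable under a temporary name with a stub in its place. As an added example (not Foolish IT's updater code), this is the ordering that avoids that state: check the download's hash and every member's CRC, extract to a staging folder, and only then swap, restoring the previous executable if the swap fails. Assumptions: a zip archive, a SHA-256 value published with the update, the `.previous` backup suffix, and constructed sample bytes.

```python
import hashlib
import os
import shutil
import tempfile
import zipfile
import zlib
from pathlib import Path

# Hypothetical suffix; the post's temporary name was "d7II.exe.d7II_Exe_0 (or similar)".
BACKUP_SUFFIX = ".previous"


class UpdateError(Exception):
    """The update was rejected; the installed executable is as it was before."""


def verify_archive(archive, expected_sha256):
    """Check the download before any installed file is renamed or replaced."""
    digest = hashlib.sha256(Path(archive).read_bytes()).hexdigest()
    if digest != expected_sha256.lower():
        raise UpdateError("SHA-256 mismatch: download is corrupt or altered")
    try:
        with zipfile.ZipFile(archive) as zf:
            bad_member = zf.testzip()  # reads every member and checks its CRC
    except (zipfile.BadZipFile, zlib.error) as exc:
        raise UpdateError(f"archive cannot be read: {exc}") from exc
    if bad_member is not None:
        raise UpdateError(f"CRC failure in archive member {bad_member!r}")


def restore_previous(app_dir, exe_name):
    """Put the backed-up executable back under its real name (the manual fix above)."""
    backup = Path(app_dir, exe_name + BACKUP_SUFFIX)
    if not backup.is_file():
        return False
    os.replace(backup, Path(app_dir, exe_name))
    return True


def apply_update(app_dir, archive, expected_sha256, exe_name):
    """Verify, extract to a staging folder, then swap; roll back if the swap fails."""
    app_dir = Path(app_dir)
    verify_archive(archive, expected_sha256)  # nothing in app_dir is touched yet
    staging = Path(tempfile.mkdtemp(prefix="staging_", dir=app_dir))
    live = app_dir / exe_name
    try:
        try:
            with zipfile.ZipFile(archive) as zf:
                staged = Path(zf.extract(exe_name, staging))
        except KeyError as exc:
            raise UpdateError(f"{exe_name} is not in the archive") from exc
        if staged.read_bytes()[:2] != b"MZ":
            raise UpdateError(f"{exe_name} in the archive is not a Windows executable")
        if live.exists():
            os.replace(live, app_dir / (exe_name + BACKUP_SUFFIX))
        try:
            os.replace(staged, live)
        except OSError as exc:
            restore_previous(app_dir, exe_name)
            raise UpdateError(f"could not install {exe_name}: {exc}") from exc
        return live
    finally:
        shutil.rmtree(staging, ignore_errors=True)


if __name__ == "__main__":
    import io
    with tempfile.TemporaryDirectory() as tmp:
        app = Path(tmp, "app")
        app.mkdir()
        (app / "d7II.exe").write_bytes(b"MZ constructed old build")
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("d7II.exe", b"MZ constructed new build")
        # Constructed damage: two payload bytes swapped after the hash was published.
        damaged = Path(tmp, "update.zip")
        damaged.write_bytes(buf.getvalue().replace(b"new build", b"new buidl", 1))
        try:
            apply_update(app, damaged, hashlib.sha256(buf.getvalue()).hexdigest(), "d7II.exe")
        except UpdateError as err:
            print("rejected:", err)
        print("still installed:", (app / "d7II.exe").read_bytes())
```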


Also, I feel like it is equally important to take this opportunity and make clear that the new d7x is a “FastTrack” build, and not all functionality may function as expected (although there should be few if any issues beyond “Offline” functionality and the minor issues in current documentation.)  Please always read about any current issues in the d7x manual.  (FastTrack builds are like the “Pre-Release” updates in d7II, or think of the “Release Candidates” in similar Windows terminology of the recent past.)  For d7x, the FastTrack builds are intended to give techs a working copy of new d7x code to use and to provide us with feedback on any features or changes.

Once standard in d7II as “Pre-Release” updates, d7II no longer detects the cutting edge update type, which was disabled in the final releases before the d7II code freeze on new features during d7x Platform code development.  As a result, the early release of d7x was only possible via the mainstream d7II update.  Those who were not long-term subscribers of d7II or who may have updated without reading the information on our d7II -> d7x update announcement (linked to via the lower status bar of d7II) may not be aware of the meaning behind the “FastTrack” status reflected in d7x’s top title bar.


Please accept my personal apologies for any troubles incurred as a result of the recent update failure.  Also, please be aware of the d7x related links below, for your benefit now and in the future, and be sure to submit feedback on the product as your time permits, so we can ensure that d7x is the app you want and need it to be, and that we don’t miss anything as we strive to exceed your expectations!

Product Links:
d7x Release Information:  www.foolishit.com/d7x/update
d7x Manual/Current Info:  www.foolishit.com/d7x/manual
d7x Videos (Playlist):    www.foolishit.com/d7x/youtube
d7x Product Page:         www.foolishit.com/d7x

d7x is officially updating for all d7II subscribers…
https://www.foolishit.com/2017/10/d7x-beta-is-officially-updating-for-all-d7ii-subscribers/
Tue, 24 Oct 2017 14:10:32 +0000

d7II subscribers will notice their copy of d7II v3.6.86 (or earlier) now promotes that an update exists to v3.6.87 (there is no actual code change for this specific .exe version; the version number is incremented to silence d7II update notifications if used after this d7x release.)

d7x Release Information


[Some information may be outdated]  Please see the d7x Manual for ALL current product information and downloads.  

d7x is the name given to the successor of d7II, our current generation PC technician productivity software.  Initial incarnations of d7x combine the underlying d7x Platform code (developed separately from d7II itself) with the d7II interfaces and much of the specific functionality, to bring product updates to d7II subscribers as soon as possible (until a fully unique d7x release is achieved) while simultaneously moving towards that goal.  Therefore, an active d7II subscription is required for any testing or usage.  In fact, to have an active d7II subscription means you are a d7x subscriber, even if your billing plan doesn’t change to reflect the new name.

d7x is currently designed to sit beside d7II in the same folder, and maintains backwards compatibility with d7II configurations and active d7II session data (temporary files and settings specific to d7II and the current repair process) so a job can be finished with d7II if necessary.  Even if d7x stopped working during an auto mode, d7II should pick up where d7x left off.

We’re excited to once again invite any d7x (d7II) subscribers to actively participate in the feedback process for current development.  We hope to continue d7x in the d7 tradition where techs contribute insightful and experienced ideas for current needs, inspiring the program features that have made the d7 and d7II great from day one!  Contribute your ideas anytime by contacting us directly or via our official support portal where you will also find message forums capable of housing your discussions on feature requests and updates for all of our software!

What's Different

d7x Platform code controls the underlying operation of d7II specific functionality (from error handling/debug systems to interfacing with the OS, file system, registry, internet operations, and more…)

d7x interfaces with the OS using new APIs that allow newer OS features and replace older concepts and tools, while preserving Unicode characters with an aim to cover the different needs of those in non-English speaking countries and with localized versions of Windows.

d7x advances client/server communications adding full SSL and verifying server security certificates on connection, for secure update communications to safeguard against attacks.  These capabilities will be extended to the “dCloud” communications when accounts can be migrated/converted, and to Self-Hosted FTP options, as well as adding new HTTPS communication abilities for Self-Hosted options.

d7x also interfaces with itself using high accuracy and error correcting routines in certain input data verification code, and includes vastly improved error handling and debug systems that automatically track quite a bit of internal data flow without extra coding.

The initial availability of “d7IIx” (named to reflect a hybrid product) earlier this year began with d7x “Platform” code, built from the ground up with new considerations in design and new fundamental basic lower-level functionality, and integrated the d7II user interface and other code designed for specific purposes and functionality (e.g. specific Windows repair processes, the entire custom apps system, etc.)  Then, much of the d7II code was unmodified, although certain things reflected improvement right away (such as Windows 10 recognition.)  Now, d7II code and specific functionality is being replaced entirely in areas like config/definitions storage operations and remote deployment options, and more is to come.

The d7x Platform code is designed not only for innovations not possible with d7II code, but also to provide a more flexible platform to be used for rapid development (and updating) of multiple application projects going forward (including our other existing technician oriented apps such as KillEmAll, dUninstaller, and dSupportSuite to name a few, as well as other new apps on the horizon.)  In fact, d7x Platform code powers the CryptoPrevent v8.x “Program Filter” module, an invisible component enabling features based on the real-time hash signature and logic-based filtering of executable files at run-time.

Specific Examples of Code Integration

To get a better idea of how the d7II code fits in, below are a few examples which illustrate the relationship between new d7x Platform code [represented by (d7x) below] which performs the unseen “grunt work” vs. the ported d7II code [represented by (d7II) below] which still handles the interface and specific/customized functionality.

Current Example #1:  Run a custom app from the user interface (d7II), read user config (d7II), determine applicable operating environment/OS version (d7x), file exist/date stamp checking to determine if we should download a new fresh copy (d7x), download the file (d7x), extract file (d7x), find/verify extracted files (d7x), determine/initiate config customizations to app (d7II), perform file/registry operations related to app customizations (d7x), launch executable (d7x), wait for it to complete (d7x) in order to perform any cleanup/post actions like log gathering, etc. (d7II) before continuing with auto mode if in progress (d7II).

Current Example #2:  Launch a Windows repair function from the user interface (d7II), read user config if applicable (d7II), determine targeted repair methodologies for the specific circumstances based on the above (d7II), determine operating conditions/perform system checks/download reqs if applicable (d7x), actually perform targeted repairs via any number of file system/registry operations (d7x), report success/failure/subsequent actions determined (d7II).

Now that the d7x Platform code has been integrated fully with the last builds going by the “d7IIx” title, much of the existing d7II specific code (as mentioned above) is being replaced, and fast.  The current d7x v0.0.0.88 update brought an entirely new Config Mgmt Portal (older dCloud/Self-Hosted FTP functionality) and introduces the d7x Remote Deployment Tool (aka d7xRDT, the ‘SFX Mini‘ replacement) both of which are all new d7x specific/d7x Platform code (d7x-only) and together replace ALL client/server communications regarding config/definition files, as well as update tracking functionality.

Current Development Focus

Our first and foremost priority is to document/fix any remaining issues with functionality that worked correctly in the last release version of d7II.

New Feature Suggestions:  At this time we are open to new feature suggestions, and large ideas are welcome; please visit our support portal to start a community post, but we ask that you understand the consideration is in future implementation, and we may not address all requests.

For the near future:  major sections of d7x Platform code are already established (in the binary) and waiting to be integrated into existing d7II code replacements.  The new d7x Platform code focuses on advanced, tested, stable, and reusable code to allow for rapid development towards reconstructing many of d7II’s best attributes into a more powerful and more user friendly tool.

Focusing on stability in the integration of d7II specific interfaces and functionality, workflow and data formats must be re-designed before we can drop d7II operational compatibility, and we plan to drop d7II operational compatibility before we move on to newer possibilities and new features.

User Interface:  There is no foreseeable ETA on a complete user interface “change” at this time.  In valuing function over form, for the most part your familiar interface will change gradually when it isn’t optional, and optional when it isn’t gradual or “under the hood” and does not maintain a familiar d7II form.  Currently there may be few UI elements that reflect interface changes conceived for d7x, however there is a lot of re-usable code ready for interface changes or more simple enhancements.

Those hoping for few major “graphical” changes (if any) may delight in seeing the new KillEmAll’s background, which forces a consistent appearance of mostly the same traditional Windows app background color across all versions of Windows, while adding only a slight gradient effect from top to bottom using a bitmap that resizes nicely.  It’s worth noting that this bitmap could be replaced as a new brand-able property.

Compatibility issues must also be considered as we apply new interface concepts, not just in maintaining d7II compatibility during the early stages, but also to allow the optional usage of the current d7II interface as a new UI develops, because a large amount of specific d7II functionality is tightly integrated into the existing user interface.  In order to replace the d7II user interface that code must be updated heavily or entirely rewritten to work with new d7x code, and to simultaneously continue to work as expected with the existing d7II interface.

In other words, d7x is a ground up replacement, and basically the UI is more or less a major part of the very final stages in a full d7x release, but we’re not quite there yet.

d7x Release Timeline

October 2017:  d7x has been rolled out to d7II subscribers!

d7x initial rollout; d7II subscribers will notice their copy of d7II v3.6.86 (or earlier) promotes an update to v3.6.87 (there is no actual code change for this specific .exe version; the version number is incremented to silence d7II update notifications if used after this d7x release.)

  • Download d7II.exe for use as a backup (if missing) using the d7x “Main” menu > “Check for Updates” option.  (This should be done automatically when updating from d7II.exe)
  • NOTE:  Offline tab functionality is NOT fully functional in this d7x release.  Please continue to use d7II.exe for all Offline related functionality (including usage from a ‘Tech Bench’ PC and/or WinPE based boot disk.)


September 2017:  The latest d7x TestBuild replaced the d7IIx Alpha versions, which could be tested with confidence in a production environment (provided you kept d7II with you as a backup.)

March 2017:  d7IIx was released to early adopting d7II subscribers for assistance in testing.

Earlier:  d7II specific code was merged with a mostly completed d7x Platform based code project (being ready to adopt specific d7II functionality) under the name “d7IIx Alpha” for a time.

Where to Download / What to Expect

(Current availability) d7x has been released to all d7II subscribers through the standard in-app update system.  If you are not yet prompted to update, visit the Main menu (top left) > Check for Updates from within d7II.

Alternately, you can get blank-config product downloads from the d7x Manual, or pre-configured product downloads from dMZ Additional Downloads page (requires your “uid-” dMZ login.)  Both require supplying either your d7II/d7x registration information and account credentials, or the Reg.Settings.dat file from a d7II\Config directory containing a registered/working copy of d7II.

After the d7x update, d7II.exe can still be used on the same PC, and within the same session.  This is intended as a fail-safe option, in the event of any unexpected d7x crash or functional failure.

In order to facilitate the d7II fail-safe functionality, d7II is the “dominant” app, and will assume any active d7x session data yet replace the original path/.exe file in the registry with itself for future use.

Additionally, d7x will not start if an active d7II process is found, or if d7II is launched first without using End Session (except when d7x is launched during the update process.)  In order to switch back to using d7x on that system, you must use the End Session functionality in d7II, or modify/delete the appropriate d7II session data.

Detail:  d7x determines the location of the d7II path/.exe from values found in the “HKLM\Software\Foolish IT\d7II\Session\Paths” key.  If the .exe file exists, it will launch that .exe (passing any command line arguments that were received by this d7x process instance) then terminate itself as the d7II process starts up using the rest of the d7II session data created by d7x for backwards compatibility.

d7x-d7II session behavior may be phased out or triggered by user prompt as features are added to d7x which become necessary for the desired behavior, yet have no backwards compatible equivalent for d7II, causing incomplete (and possibly unknown) behavior with d7II.

Please see the d7x Manual for ALL current product information and downloads.  


d7x FAQ  

Q: I have d7II. Will I need to purchase a new or upgraded license?
A:  NO!  New name, new logo, same license/subscription!  ALL existing licensed copies of d7II will automatically update to d7IIx/d7x at their respective release dates, while incurring no additional charges of any type, at any time.  The d7IIx and d7x upgrades are naturally a part of your existing d7II license, including “lifetime” licenses.  Basically, if you have a licensed and working copy of d7II, you are included!

In fact, to have an active d7II subscription means you are now considered a d7x subscriber, and will be referred to as such in future documentation and emails.  Note that some billing related emails may not reflect the new name, nor will Paypal accounts/emails when used for recurring subscription payments.

Q: I have d7II. Will I need to reconfigure it after the update?
A:  Only a little, but we’re aiming to deliver a ‘painless’ experience!  Some configuration may be necessary for new or updated functionality, however d7x will upgrade anything relevant from an existing d7II configuration to the new d7x format automatically.  If necessary, you will be prompted during conversion with a central interface to aggregate the changes and assist you in making any decisions about any new settings which may be necessary.

Change may be required:

All copies of a “d7II SFX Mini” used in remote deployment will continue to download only the last versions of d7II.  If configured, d7II could automatically update to d7x with every usage adding considerable time to the initial startup from the SFX Mini, as well as allowing for potential complications (currently the d7II-d7x update process involves 5-7 separate downloads through an updater stub, and would occur after the SFX Mini downloads all d7II components that will be disregarded by d7x.)

  • To continue using d7II and the SFX Mini, you should ensure any d7II config(s) used with your SFX Mini have disabled automatic updating of the d7II application from the Config > Behavior tab, in the lower right column.  Save and upload any config back to the cloud (or your self-hosted FTP) if the d7II automatic update option was enabled for session or app startup.
  • For a d7x replacement to the SFX Mini, (which will download d7x instead of d7II) you must create and use the newer d7xRDT (Remote Deployment Tool) – details are in the d7x Manual.

Q: Will there be a price change?
A:  YES for NEW subscriptions (this includes REACTIVATED d7II accounts!)  [not yet implemented]  As d7x becomes available there will be pricing adjustment of some measure, but for new subscriptions only.  A new “subscription” refers to the subscription billing agreement/payment schedule, NOT the d7II owner account, therefore ALL previously cancelled/invalidated/lapsed d7II subscriptions have already lost the originally associated pricing rate, and any former subscriber who wishes to resubscribe must do so under the current pricing rates available to new subscribers.

A:  NO for currently active d7II accounts!  Customer loyalty deserves reward, so ALL existing d7II accounts which remain active are eligible for d7x based upgrades with NO change in your existing pricing terms.  Actively billed subscription plans will continue to be charged at the previously agreed upon rate (as determined when you committed to that payment plan through our 3rd party payment processor) provided that your subscription is maintained without a lapse in payment or service.

* Please note that d7II is licensed at per-technician rates (single tech, 2-5 techs, 6-10, 11-15, etc.) and therefore to increase technician usage at any time would require a new/upgraded license, which does constitute a new subscription plan that may be charged at the current rates.  Additionally, any d7II account cancellation (prompted either by customer request, or due to a lapse in payment/subscription without a timely customer response to rectify the missed payment and reinstate service) will require a new subscription to be charged at the current rate for the product during that time.

Q: Will there be a free edition, trial period, or a one-time purchase option?
A:  We are considering a limited free edition possibly with full version trial capabilities, as well as a one-time purchase option for certain modular areas of d7x functionality.  These are low priority considerations and entirely dependent on finding a good functional balance in separation of features, with respect to what we have (or have not) planned for future functionality in the ever-evolving full edition.

Q: What does the 'x' stand for, 10 or something?
A:  NO!  To be honest, some of us believe the usage of the letter ‘X’ in pop culture is a bit annoying, so our ‘x’ actually gets its inspiration from a common convention in programming (and math formulas) to use ‘x’ as the primary variable name.  In programming a variable can be substituted with a real value in repetitious code blocks, with ‘x’ often used as the numerical index in For…Next loop statements e.g. For x = 0 to Ubound(SomeArray)…  ‘x’ is also the most recognized way to refer to multiple or unknown specific software versions, like referring to a range of revisions at once, e.g. v4.x instead of v4.0 and v4.1 and v4.2, etc.

Either way you look at it, d7x represents a variable:  it is ever-evolving and improving to suit the expanding needs of PC repair technicians everywhere!


d7x (Alpha) September Update (Updated)
https://www.foolishit.com/2017/09/d7x-alpha-september-update-updated/
Fri, 22 Sep 2017 22:07:10 +0000

d7x v0.0.0.90 just released adds Windows 10 to custom app platform/OS restriction settings.  If not configured, behavior should not change.  Backwards compatibility note:  This is the only area in d7x configurations where d7II may (and likely will) erase the setting entirely when used to edit the same custom app configuration.

Although we’re not looking to add new features in d7x Alpha at the moment until we have tested everything, had good feedback from testers, and are confident in bringing this to the d7II “Pre-Release” stage, there are *minor* improvements we’d like to make along the way.

This is a great example of what these look like.  So if you have any suggestions that will add some real use to d7x right now, let us know.  While we can’t guarantee anything no matter how small at the moment, we would like to see what the current ideas are shaping up to look like as we begin to wrap up some things and proceed to new areas in d7II code replacement.

See this post if you missed it, and/or need any links:

d7x (Alpha) September Update for d7II subscribers – Latest update includes a NEW d7x Remote Deployment Tool (d7II SFX Mini), a NEW Config Mgmt Portal, and more for testing!



d7x (Alpha) September Update for d7II subscribers – Latest update includes a NEW d7x Remote Deployment Tool (d7II SFX Mini), a NEW Config Mgmt Portal, and more for testing!
https://www.foolishit.com/2017/09/d7x-alpha-september-update-for-d7ii-subscribers-latest-update-includes-a-new-d7x-remote-deployment-tool-d7ii-sfx-mini-a-new-config-mgmt-portal-and-more-for-testing/
Thu, 21 Sep 2017 19:15:58 +0000

This latest d7x Alpha “TestBuild” replaces the “d7IIx Alpha” versions opened to all d7II subscribers in March.

We believe this release can be tested with confidence in a production environment, provided you keep d7II with you as a backup.  d7x Alpha is designed to sit beside d7II in the same folder, and maintains backwards compatibility with d7II configurations and active d7II session data (temporary files and settings specific to d7II and the current repair process) so a job can be finished with d7II if necessary.  Even if d7x stopped working during an auto mode, d7II should pick up where d7x left off.

The next release stage will bring the d7x “FastTrack” builds to the d7II “Pre-Release” update system, and later as a full next-version release through the standard automatic update system.

Please see the d7x Manual to download and learn more about what’s new with this release, including the d7x Remote Deployment Tool (aka d7xRDT) the “SFX Mini” replacement, and new Config Mgmt Portal replacing the dCloud/Self-Hosted FTP functionality.

Also, this d7x Alpha Youtube playlist was created for early demo and how-to content, and currently contains a new video on the d7x Bug Submission Interface, but 2 more videos with new content are already awaiting edit.  (Be sure to subscribe to our channel for update notifications!)

Tuesday’s Foolish Tech Show also has a rough/impromptu and fairly long overview of some new functionality, which we go over after the whole CCleaner fiasco.

Learn about the d7x “Alpha” series and the overall product direction here.  Only d7x subscribers (meaning current d7II subscribers with active subscriptions) may test d7x Alpha.


CCleaner (Piriform) Malicious Code Breach! d7x/d7II/dSupportSuite Users Take Notice!
https://www.foolishit.com/2017/09/ccleaner-piriform-malicious-code-breach-d7xd7iidsupportsuite-users-take-notice/
Wed, 20 Sep 2017 14:51:01 +0000

Sept 26th, 2017 Update:  Yesterday this appeared on Bleeping Computer:

Avast Publishes Full List of Companies Affected by CCleaner Second-Stage Malware

Bleeping also put out a nice article from the 22nd, containing a nice summary if you’re just catching up on the news (because of course more has emerged since our last update, and we shouldn’t just assume you read it elsewhere):  

Info on CCleaner Infections Lost Due To Malware Server Running Out of Disk Space

Sept 21st, 2017 Update:  These articles also came out yesterday, unfolding some plot twists to this story.  If you get your news here, you could do better!  

It seems a new backdoor was discovered and … you just need to read these:

CCleaner Command and Control Causes Concern

CCleaner Malware Infects Big Tech Companies With Second Backdoor

Original post is below, but be aware some details may no longer be accurate as the story unfolds.

This came out two days ago on the CCleaner blog:  Security Notification for CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Windows users.

It seems that CCleaner has had malicious code bundled into their 32bit binaries (along with their “Cloud” version) and the tampering occurred prior to distribution.  The infected binaries were provided for download from their official site/update servers and distributed legitimately for about a month, silently infecting users to send data back to the ethers.  It also occurred completely under the nose of their new parent company Avast, the anti-virus software maker who acquired Piriform (the makers of CCleaner) as recently as July.  In fact, yesterday Avast released their own blog post about it, Update to the CCleaner 5.33.6162 Security Incident.

For the consumers who’ve used any of their products, you need to know this, but I’ve got ZERO advice for what you do with that information (other than maybe call a tech if you aren’t tech oriented, because you have software on your PC that is sending bits of your data elsewhere.)  On second thought, I’m told that Malwarebytes says their software removes/fixes it, and I see they have a blog post here:  [Updated] Infected CCleaner downloads from official servers (they have the free/trial/paid user-level “scanner” software which I’m sure all editions take care of the issue quite effectively.)

With prevention, the damage is done and over for the most part unless you’re still running the infected CCleaner, but that person isn’t reading this article…  By next update at least all of our CryptoPrevent users who haven’t noticed or heard should have detection sigs for the affected binaries, and Folder Watch can quarantine or the Program Filtering can pick it up on execution as well.  In fact from a few days ago when ClamAV was the only anti-virus engine to detect it (VirusTotal.com) today it lists 41/64 engines detecting it, and that’s just how it goes in this industry.  If you have the infection but you have any sort of security software, you won’t have the infection for long.

Finally the elephant in the room is trust.

I’m sure that the CCleaner developer could’ve been as shocked as anyone else to learn about the incident, but I just don’t know.  As for Avast, if checking CCleaner (and their other software) binaries with their own security staff, or even just a little software scan with their product, was not part of their decision to acquire Piriform/CCleaner, then I’d be very surprised (and maybe I should be…)

Regardless, if you use CCleaner or Piriform products, I don’t think that this is any reason to stop using them, or the parent company Avast’s products.  We should all now agree that malicious activity can breach even the most trustworthy, and we should also agree that when the incident is over it isn’t always a “trust” issue at all, maybe it’s more rare than we’d normally admit, but we just got burned.  So far that’s all anyone knows here, but the thing is it wasn’t just CCleaner users, but the people at Piriform got burned too, meaning whoever punches the clock there that isn’t involved in this (which is up to and including maybe everyone.)

I have no real advice here, and in fact I would like to explicitly offer no suggestion at all; but at this point in time, there are two points to understand:

1.  Piriform hasn’t entirely dealt with the issue until they know who did it, but that is a legitimate and long established “good” app and company, and you should have no doubt that Piriform (and their parent company Avast, the makers of that big anti-virus software product, I might reiterate) will be paying attention more closely from here on out.  That should be more comforting than it might sound to someone already burned.

2.  Realize that this can happen to any other legitimate and long established (“trusted”) software by the time you make the switch, if it didn’t happen already and it’s just undetected to date (as was the case here.)  

So the best I can offer for the time being is just a little food for your own thought, with the disclaimer that you take this information like anything else you read on the internets, with a grain of salt!  (That, and don’t forget you are likely infected, so get your PC looked at!)  


Now, speaking only to our IT Professional / Tech Shop customers, here’s what you need to know as a tech/IT pro who maybe uses CCleaner through a custom app profile with our software:

Malicious code has infected 32bit binaries of the 3rd party software CCleaner, which can be found as a default/included custom app profile in our more popular tech-oriented/non-consumer Foolish IT apps dating back to the original d7, so there’s a high probability that someone is using it in their tech work and repair scenarios…  64bit systems are unaffected, and there isn’t a “Cloud” version in our example profiles for 3rd party applications, so you should know if that’s an issue because you created and use the customized profile.

It’s worthy of note the malicious code was planted … ok I haven’t read it all (it would seem at least before digital code signing) which means it was an “inside job” and therefore changing your download links in the custom app profiles won’t matter, it wasn’t that kind of breach…

For more technicals on the CCleaner thing, the folks at Cisco’s Talos Intelligence Group have a nice technical analysis in CCleanup: A Vast Number of Machines at Risk and thanks to our own Brantley for the link, who pointed out the pic of ClamAV near the bottom with the very first detection, good job!  (ClamAV is an anti-virus engine which seems like the historical last to recognize or do much of anything, another fine example of how things shift quickly, frequently, and wildly in this industry.)


d7II and d7x (Alpha)

CCleaner (under the default custom app in d7II/d7x) should re-download itself every 7 days, so if the affected version exists in your d7II 3rd Party Tools directory, and for example you lived under a rock and didn’t know about the breach, then the infected version will be there for at most another 5 days before it is replaced by Piriform’s most recent version which we would all hope is still as clean as it should be right now.

In fact, you can disable the re-download option right now (d7II Config for the custom app, persistent settings tab, you want the check at the top I believe) and it won’t ever update unless it isn’t there, so in a bench / network / office / USB flash drive scenario you’re good to go with the download you have, still a very good program for what it does and more than likely legit/clean at the moment, and it won’t update anymore so you can use it without worrying about the profile updating it to a version you don’t trust yet.

Of course, since you’re reading this (and hopefully you clicked on the alert in the lower status bar), please just go delete the entire “\3rd Party Tools\ccleaner” directory, and the “\3rd Party Tools\ccleaner.zip” file if they exist from ALL of your copies of d7II/d7x, and be done with it; the (hopefully) still clean versions will download automatically as usual, as you decide to use them.
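As an added example (not code from Foolish IT and not part of d7II), this Python sketch sweeps the given drive or folder roots for d7II copies, lists any cached CCleaner files with their 32/64-bit type and SHA-256 so they can be compared against published indicators, and removes the cache only when asked. The marker executable names and all function names are assumptions; the two "3rd Party Tools" paths are the ones named above.

```python
import hashlib
import shutil
import struct
from pathlib import Path

# Relative locations named in the post.
CACHE_DIR = Path("3rd Party Tools") / "ccleaner"
CACHE_ZIP = Path("3rd Party Tools") / "ccleaner.zip"
# Assumption: a d7II copy is recognised by one of these executables;
# add the d7x executable name used in your own copies.
MARKERS = ("d7ii.exe", "d7iix.exe")
MACHINES = {0x014C: "32-bit", 0x8664: "64-bit"}


def pe_bitness(path):
    """Return '32-bit', '64-bit', 'other-pe', or None when the file is not a PE."""
    with open(path, "rb") as fh:
        head = fh.read(4096)
    if len(head) < 0x40 or head[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", head, 0x3C)
    if e_lfanew + 6 > len(head) or head[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    (machine,) = struct.unpack_from("<H", head, e_lfanew + 4)
    return MACHINES.get(machine, "other-pe")


def sha256_of(path):
    """Hash a file in chunks so large installers do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_d7_copies(roots, markers=MARKERS):
    """Yield each directory under the roots that contains a marker executable."""
    seen = set()
    for root in roots:
        for path in Path(root).rglob("*"):
            if path.is_file() and path.name.lower() in markers:
                if path.parent not in seen:
                    seen.add(path.parent)
                    yield path.parent


def inventory(d7_dir):
    """List cached CCleaner files in one d7II copy with bitness and SHA-256."""
    cache = Path(d7_dir) / CACHE_DIR
    files = sorted(p for p in cache.rglob("*") if p.is_file()) if cache.is_dir() else []
    zip_path = Path(d7_dir) / CACHE_ZIP
    if zip_path.is_file():
        files.append(zip_path)
    return [
        {"path": p, "bitness": pe_bitness(p), "sha256": sha256_of(p)}
        for p in files
    ]


def purge(d7_dir, dry_run=True):
    """Return the cache paths that exist; delete them unless dry_run is set."""
    targets = [Path(d7_dir) / CACHE_DIR, Path(d7_dir) / CACHE_ZIP]
    present = [t for t in targets if t.exists()]
    if not dry_run:
        for target in present:
            if target.is_dir():
                shutil.rmtree(target)
            else:
                target.unlink()
    return present


if __name__ == "__main__":
    import sys

    for copy in find_d7_copies(sys.argv[1:]):
        print(copy)
        for row in inventory(copy):
            print("  ", row["bitness"], row["sha256"], row["path"])
        # Change dry_run to False once the listing has been reviewed.
        for target in purge(copy, dry_run=True):
            print("   would remove:", target)
```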

If you made it this far and you are a d7II subscriber, please also check out the d7x Alpha info page to understand what is different and consider testing it, the download is found in the new d7x Manual.


d7 (original/free)

I do believe it is a default option for maintenance, and although I don’t recall the specific download rules in the final v10.something, I do not believe it updates much.  Anyone using this tool should seek to do the same as mentioned above and delete your CCleaner files, let them re-download and use that if you insist, for the time being.  Then look into d7II and the upcoming d7x first and step up.


dSupportSuite (and dMaintenance)

Owners of dSupportSuite may know the software includes example custom app profiles for CCleaner/Defraggler as 3rd party downloads, and those who’ve deployed dSS profiles to your clients using these apps are of course affected.

So with every maintenance cycle of dSupportSuite (weekly) by default when an internet connection exists it should attempt to download the latest 3rd party tools configured for use.  Good for the fix, not so much when it was a problem!  The same automated re-download on every maintenance also applies to the older dMaintenance stand-alone apps (both the original tech version and later home edition.)

Although the issue has been corrected (for the moment) on Piriform’s end, and we’re sure that they (and their parent company alike) will be keeping a close eye on future releases, you wouldn’t be wrong to push out a new profile that doesn’t include it, at least for a time.

Also, those machines have infected code possibly running on them right now, and as much as any fix (which will more than likely be present in their security product already on their system within the next few days, if it isn’t already neutralized) your clients need to be made aware of the breach itself.


The same goes for many tech shops and repair guys out there, I think your customers need to hear it IF they can possibly be affected.  Probably most tech shops at one point in time or another have had at least one employee use CCleaner on a customer’s system, quite a few probably within the last month, world-wide…  That’s conservative, but my guess more than likely is that CCleaner is just part of the way things are done in many tech shops, by most if not all techs who are allowed to do their own thing, if not being some semi-to-official company mandate (depending on how large the company is they shy away from 3rd party apps without $$ agreements, but under 20 employees it’s completely possible.)  It surely is in the toolbox of most door to door guys, wouldn’t you think?

This wide-spread usage is for a good reason, let’s not forget.  I think most agree it’s also good at doing what it advertises.  Dispute the app’s necessity all you want (and I would personally do it in some other article to some degree) but I don’t ever recall finding fault with the company’s character, and we still have it in the custom app profiles our tech customers use for a reason.  As stated earlier it is a legitimate and long established “good” app and company, so don’t forget Piriform’s reputation and read up on how they are handling it well right now.

I’m sure since it’s so widely respected and used, a quick visit to your favorite tech forums and you’ll find plenty of tips and example scripts on what others are already saying to their customers.

I know it’s an ugly conversation with any client, depending on how one might view the situation, but if you approach it with honesty, it can be a good opportunity to reconnect with clients maybe you haven’t seen in a while, and show them some concern and care.  It’s good to build any of your client relationships through all seasons, and the integrity pays in good ways.


Happy Foolish Day! d7IIx v0.0.0.9 released! https://www.foolishit.com/2017/04/happy-foolish-day-d7iix-v0-0-0-9-released/ Sat, 01 Apr 2017 14:30:02 +0000 http://www.foolishit.com/?p=12499

New d7IIx v0.0.0.9 released!

No time for the changes today, except that users updating to v0.0.0.9 from a previous version will be missing a new config file, used for altering the behavior of d7IIx Alpha TestBuild versions when troubleshooting various issues.

Head over to the page linked below to get the new config file by itself with instructions (you only need the 2nd download on the page, marked “TestBuild Mod – April 1st 2017“)

d7IIx Alpha – Known Issues / Submit Bug Report

d7II and dSupportSuite Updates! (d7IIx Alpha and dSupportSuite Mgmt Console) https://www.foolishit.com/2017/03/d7ii-and-dsupportsuite-updates-d7iix-alpha-and-dsupportsuite-mgmt-console/ Fri, 17 Mar 2017 21:20:06 +0000 http://www.foolishit.com/?p=12455

For d7II subscribers / IT Providers:

Today we’ve released a new update for d7IIx Alpha, but also today we’re making the Alpha builds public to all d7II subscribers (a currently active d7II subscription is required.)  This release contains no new features (in fact it IS d7II as far as existing functionality) yet it has been ported to the underlying d7x Platform code, in order to make current updates once again available.

This release is NOT for production environments, rather it is only a TEST BUILD, so please do NOT use this in your production environment!  d7II subscribers may however use the new build for testing purposes, and to contribute by submitting bug reports on features that previously functioned as expected in d7II.

See the d7x Alpha page for more information, or skip straight to the d7II Alpha – Known Issues / Submit a Bug Report page for the download and instructions!  Users of the d7IIx Alpha during previous testing closed to the public should see their d7IIx.exe update itself to the latest version upon launch, but it may also be downloaded manually if there are any issues.  


For dSupportSuite owners / IT Providers:

Yesterday an update was released to dSupportSuite Mgmt Console!  This update brings some minor bug fixes to the app used in creating/deploying your custom configurations, as well as preparing it to be moved to the new d7x Platform code for a future release, which will enable new functionality!

To receive the update, use the top left options menu in dSupportSuite Mgmt Console to find and select “Check for Updates” — the new version should download and start automatically after notifying you of the update; if the update fails to start for any reason, simply launch the Mgmt Console again.  Note you also may be prompted for the update automatically upon starting the Mgmt Console, depending on how recently it has been used.

Among this release’s notable improvements are:

  • Introduced a new launcher, enabling you to choose the version of the Mgmt Console to use from within the app, as well as view the revision notes on the new version prior to usage.  While this new release was tested well, the launcher makes switching back to a previous version extremely easy, should a future update fail to function as expected.
  • Introduced a new convenience feature:  when closing the Mgmt Console you will be prompted to “Sync all modified content to server before exit” (please be aware that currently this prompt is presented even when no changes have been made, but this will be addressed in a future update.)
  • Corrects an issue where using the “Sort by Date” and “Sort by Name” functionality in the “List” button drop down menu would crash the app under most circumstances.
  • Removes the /Migrate command line parameter to a separate executable (for migrating from legacy dCloud accounts to a self-hosted FTP server.)  Please be aware the documentation for self-hosted FTP migration has now been updated in the dSupportSuite Online Manual.


EDIT:  I forgot to mention the new Emsisoft a2cmd profiles for dSupportSuite maintenance routines, which were also released last week (following new releases for the same in d7II custom apps) and are currently available for download at the bottom of the page in the dSupportSuite Online Manual.


There’s plenty more to talk about, but it’ll have to wait for next week!  

Have a great weekend!  

d7II News: Critical Update to Custom Apps for Emsisoft a2cmd on Friday Includes Batch File Tips, Custom Apps Configuration Mini-Tutorial Here, and Yes, We Are d7IIx Alpha Testing on the d7x Code Platform! https://www.foolishit.com/2017/02/d7ii-news-critical-update-to-custom-apps-for-emsisoft-a2cmd-on-friday-includes-batch-file-tips-custom-apps-configuration-mini-tutorial-here-and-yes-we-are-d7iix-alpha-testing-on-the-d7x-code-plat/ Tue, 07 Feb 2017 21:04:06 +0000 http://www.foolishit.com/?p=12086

In Today’s News:
    Critical Update to Emsisoft a2cmd
	Help fix my customized a2cmd config!

    d7II Custom Apps:  Configuration Options for Batch Files and Scripts
	Configuration Field Syntax
	Storage Locations (all additional files used with these settings)
	Today's Batch File

    d7II Custom App Config Explained:  Emsisoft a2cmd (All)
	Batch File as a Custom App
	Command Line Parameters/Arguments Passed to the Batch File
	WHY do it like that?
	Moving On...  What happened with a2cmd?
	Final Thoughts:  (More of this!)

    d7IIx Alpha Testing (with the d7x Platform Code)
	FEED Me (d7II/d7x Specific RSS/Atom info...)

Critical Update to Emsisoft a2cmd

Last Friday evening, we released an updated d7II default custom apps profile (#58) for the default Emsisoft a2cmd custom app configurations, due to changes that company made to their portable app’s distribution, which caused failures with newer versions of their download/installer.

If using any default custom apps, this update requires NO prior knowledge from the technician in usage/configuration, nor any adjustment of your customized auto mode profiles or other d7II configuration options.

If using any non-default custom apps based on the affected ‘a2cmd’ configurations (e.g. “Save a Copy” button used to save modifications to a custom app’s config, and/or renamed to a new app, etc.) or for any other reason have a non-functional custom app using a2cmd.exe, then you should recreate your custom app based on what we have done for this update, if possible.

We believe the few reasons to alter the default configurations (beyond the persistent settings options) would mostly be alteration of the command line parameters/arguments passed to the custom app’s main executable, to the preference of the technician or tech shop.  Should this be the case, and you see the size and complexity of this explanation, you may do well to spend just a minute or two on this quick fix for your own custom apps profiles using a2cmd.exe:


Help fix my customized a2cmd config!  

Nothing beyond step 1 is necessary if you use our default apps configuration!  You should only proceed with step 2 if you have a custom app that you copied/modified or created, which uses Emsisoft a2cmd, and is currently broken in any way (download failures, or where automation is concerned, maybe you just can’t stop the user prompts for “installation” paths.)

1. Update to ensure Default Apps #58 (released late on 2017-02-03).  If not updated, you should be notified at the lower status bar, and if not, click d7II’s Main menu (top drop down) and then the “Check for Updates” menu item.

2. Find and select any of the Emsisoft a2cmd based custom apps in d7II Config on the Custom Apps tab.  Note the search is ‘pattern’ style, so select the “Default Apps” radio button, then search for “a2” in the box above the list, and you should see all of them.

3. Ensure you have clicked the “New / Edit App” tab so you can see the “Save a Copy” button, and do that to create a copy of our updated configuration.

4. Update fields from your custom app to ours, taking care not to disturb (add/remove/modify) ANY settings on ANY tab before “Execution” and there starting only with the “App Command Line Parameters:” field.

5. If the command line parameters field from your existing custom app’s configuration ever differed at all from original, you’ll want to copy the changes you made to this new custom app based on our settings.  I would strongly recommend pasting the entire configuration text field from both your original and the new custom apps into a text editor, or even just notepad.exe will do in a pinch 😉  The goal is to compare and ensure you have modified your parameters to utilize the different filenames (whitelist) and paths necessary in various parameters that you use.  Paste the changes back in to the new custom app.

6. Final Step – decision time, either:

Keep old custom app for reference?  Modify all of your Auto Mode profiles (or copy to new) in d7II config to implement the new custom app in place of the old.


Replace old custom app entirely?  Find/select the custom apps from the “User Created Apps” radio button view, located above the left column in the Custom Apps tab; this ensures the appearance of the “Delete” and “Rename” buttons below the listbox where the app will be selected/highlighted.

  1. From d7II Config, delete the old custom app, after ensuring you have copied the name exactly!
  2. Rename the new custom app to the exact name of the old custom app.



… but don’t rush off too quick, there’s more to learn!   This update prompted the necessity of a very different custom app configuration, and I thought it was a good opportunity to take a few extra minutes and explain more about not only working with batch files, but also how they can work with the d7II custom apps system to solve a lot of unique problems…


d7II Custom Apps:  Configuration Options for Batch Files and Scripts

Some apps use batch files to accomplish extra tasks, and the setting for that is found in the configuration for the custom app under “Import Config Before Execution” which does some trickery many may not be aware of even with the mouse hover description.

It was designed initially to copy configuration files (e.g. .INI/.CFG/.DAT/etc.) or anything with specific settings for the custom app into the app directory prior to running the app; in this way customized settings for different apps can be carried along and used with the same configuration, even in a d7II dir that doesn’t have any 3rd party apps downloaded yet, or that re-downloads/re-installs the custom app.

Importing .REG files was also added to the functionality, as well as .BAT/.CMD and .VBS scripts which are copied to the app’s directory and run prior to running the app (but after any configured installer has been run for the app…)

Also note the “Save Config After Execution” checkbox setting will wait for the app to finish, at which point all files that were copied TO the app’s directory as part of the above functionality are then saved back to your d7II config directories, overwriting the old copy, which will be used for the next time the custom app is used on another PC (since you are most likely saving your config/profiles to either dCloud storage or your own local/cloud hosted FTP server, either can be configured as an automatic Start or End Session option if not already…)

The purpose for this is that updated settings in those configuration files, which you MAY have changed during a manual/non-auto mode run of the app, will be saved for the future and not lost, only to be used on this one machine…

Since it’s a dumb file copy, there isn’t much to say about the effect of this setting on .REG files (it doesn’t know what keys you configured or what to backup just by the import, so that isn’t done) and obviously the scripts aren’t usually dynamically changed, but if they were they would get updated/saved too, that’s just unlikely.


Configuration Field Syntax

  • Syntax is filename.ext without any path info, since it will always look in set paths relative to the d7II.exe file for them.
  • The setting supports multiple files separated by a comma, and the syntax is:  “file1.dat,file2.cmd,file3.vbs,file4.ini”
  • Batch/scripts would run in the order of input in the config field, as in the above example the .CMD file runs prior to the .VBS
  • All files (in the above example) including the .DAT and .INI, even though in a different order, should be copied to the directory before executing the batch/scripts…  Please note that “should” means if it doesn’t work, it isn’t a bug so much as I need to remember the exact mechanics before I go blog posting, and that I will need to verify but if that isn’t the case, then the expected behavior should then be to put them first in the field just as you would respect order of the batch/scripts…


Storage Locations (all additional files used with these settings)

[Your d7II directory\Config\CustomApps\3rd Party Configs]  (Your created/modified custom apps.)   While at least the last subdir would not exist if you didn’t make it, it can be created or you can copy the same dir from our default app storage discussed below and remove what you don’t want…

[Your d7II directory\Config\CustomApps_d7II\3rd Party Configs]  (Our maintained default custom apps.)  

Important!  Everything from [CustomApps_d7II\*] including subdirs is overwritten on a custom apps update (in fact I believe the dir is completely deleted) so any changes you make there WILL be gone, with only one exception:  changes made from the “Persistent Settings” tab when configuring a custom app can persist, although only by using the “Save Custom Settings Only” button specific to that tab alone.  Configuration is saved separately only for those settings with respect to that default custom app, and when saved along with your d7II configuration profile locally and/or to/from cloud services, they do persist after a default apps configuration update…

I would strongly recommend rather than manually copying any default custom app configuration file [\CustomApps_d7II\*.*] to instead use the “Save a Copy” button in d7II Config, when you find and select the app from the list on the Custom Apps tab, and then choose the New/Edit tab.

Here’s why:  Apps with the same name in the two different directories WILL confuse d7II auto mode profiles in a big way, so please don’t do that!  This behavior is a side effect of the system used to intelligently find pieces of modified custom apps as necessary, as well as a limitation added from the configuration of other settings related to both the apps and d7II interface itself.

d7x Update Tidbit:  We do plan to work on removing this same-name app limitation using possibilities available in the new d7x platform code to replace older functionality that produces these limitations.  More below!

Please note that the “Save a Copy” button only saves the single Custom App configuration file to a new filename and perhaps there is another minor config modification, but it won’t create the [\CustomApps\3rd Party Configs] subdir for you, or copy any corresponding custom configuration or script from the [\CustomApps_d7II\3rd Party Configs] location.

Instead d7II.exe will intelligently determine which location has the config as necessary.  So a config for your copy will still be pulled from our maintained default apps storage, UNLESS you manually copy that to the new location.

If the same file exists in both different 3rd Party Config directories, your custom one should currently take precedence (another “let me verify this”), but if not already, the behavior for this will likely be changed in the future to consider the last modified date of the file itself, and possibly other factors.
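The rules above can be checked before a profile is deployed. This added example (a model of the behaviour described in this post, not d7II's own code) parses an “Import Config Before Execution” field, resolves each file against the two storage locations with the user copy winning, and reports which scripts and .REG files would be run or imported automatically. Function names and every sample file name other than a2cmd.cmd are assumptions.

```python
from pathlib import Path

# Storage locations from the post, relative to the d7II directory.
USER_DIR = Path("Config") / "CustomApps" / "3rd Party Configs"
DEFAULT_DIR = Path("Config") / "CustomApps_d7II" / "3rd Party Configs"
SCRIPT_EXTS = {".bat", ".cmd", ".vbs"}  # copied, then run before the app
REG_EXT = ".reg"                        # imported before the app


def parse_field(field):
    """Split the comma-separated field; return (names, problems)."""
    names, problems = [], []
    for raw in field.split(","):
        name = raw.strip()
        if not name:
            problems.append("empty entry between commas")
        elif any(ch in name for ch in "\\/:"):
            problems.append(f"{name}: path info is not allowed, use filename.ext")
        elif not Path(name).suffix:
            problems.append(f"{name}: no extension (comma typed instead of a dot?)")
        elif name.lower() in (n.lower() for n in names):
            problems.append(f"{name}: listed more than once")
        else:
            names.append(name)
    return names, problems


def resolve(name, d7_dir):
    """Return (source path or None, True when a user copy hides a default copy)."""
    user = Path(d7_dir) / USER_DIR / name
    default = Path(d7_dir) / DEFAULT_DIR / name
    if user.is_file():
        return user, default.is_file()
    if default.is_file():
        return default, False
    return None, False


def plan_import(field, d7_dir):
    """Model the pre-execution import: what is copied, run and imported."""
    names, problems = parse_field(field)
    plan = {"copy": [], "run": [], "registry": [], "problems": problems}
    for name in names:
        source, shadows_default = resolve(name, d7_dir)
        if source is None:
            problems.append(f"{name}: not found in either 3rd Party Configs dir")
            continue
        if shadows_default:
            # The user copy wins, so a default apps update will not change
            # what actually runs for this entry.
            problems.append(f"{name}: user copy shadows the maintained default")
        plan["copy"].append(source)
        ext = source.suffix.lower()
        if ext in SCRIPT_EXTS:
            plan["run"].append(name)       # scripts run in field order
        elif ext == REG_EXT:
            plan["registry"].append(name)
    return plan


if __name__ == "__main__":
    import tempfile

    # Constructed sample tree: a default a2cmd.cmd plus a user override.
    d7 = Path(tempfile.mkdtemp())
    for folder in (USER_DIR, DEFAULT_DIR):
        (d7 / folder).mkdir(parents=True)
        (d7 / folder / "a2cmd.cmd").write_text("rem constructed sample\n")
    (d7 / DEFAULT_DIR / "settings.ini").write_text("[constructed]\n")
    result = plan_import("settings.ini,a2cmd.cmd,extra,vbs", d7)
    for key, value in result.items():
        print(key, [str(v) for v in value])
```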


Today’s Batch File:  

After updating to default apps 58 profile, check out the batch file!  (Ahem, right click / edit if you’re not used to that, but a double click won’t hurt anything if you make the mistake…)

[Your d7II directory\Config\CustomApps_d7II\3rd Party Config\a2cmd.cmd]

With all that said, I’ll leave the batch file lesson itself in the file itself, which contains a few good practices in the bits of code/syntax that should be commented well for the interested, including a section that retrieves d7II “Session” data from the registry (path info in this use case) and creates a whitelist for the Emsisoft a2cmd scanner to protect d7II and other custom applications from being targeted during the custom app’s run.  (This is a task actually being done for most any custom app providing the opportunity; though some utilize per-path direct command line arguments, others allow a whitelist file to be generated, which is performed by this batch file.)

Note the context of the batch file code, which needs to know where it is located in the file system, and as the author you need to know that d7II copies this to the final app path, which is found in the d7II Custom Apps config field “32/64bit App Path/Executable Name” and if not a complete path, then by default it is the root of  [Your d7II directory\3rd Party Tools\]  directory for apps where this setting has no path but only a filename; likewise adding a partial path, e.g. [some subdir\file.ext] will prepend the 3rd party tools directory to this path (note there is no preceding backslash in the partial path.)  For complete paths, static paths are accepted, but Windows environment and other d7II specific variables can be used here as well and are recommended where possible, as in certain other configuration fields.


d7II Custom App Config Explained:  Emsisoft a2cmd (All)

The largest concept here that you wouldn’t normally see, is the idea that the batch file used with the custom app is used BOTH as the config setting/script to run BEFORE the app, AND as the custom app itself, causing it to be run twice as part of the app’s execution, and with both executing prior to the app itself.


Batch File as a Custom App

See the last paragraph of the last topic above for more on the d7II Config field “32/64bit App Path/Executable Name”

For this custom app, we’ve chosen to configure this field from the “Execution” tab to actually launch our batch file (as well as the Pre-Execution tab’s “Import Config…” field) instead of the custom app’s main .EXE file.  Since our batch file exists in your d7II configuration, and NOT anywhere you want to just host it and download from your own FTP/web server, then it isn’t a complete custom app.  As such certain things must be satisfied to make it all come together, and it helps to have insight on a few little intricacies in how the spider web of d7II custom apps handles processing the order of certain config settings, such as the actions taken to get the apps setup/started and cleaned up later.

For one, having the download URLs configured means that the app is always expected to be there (if not installed it will be) at least if internet access is to be had and/or the installer exists in your [\3rd Party Tools] dir…  but there’s more to consider.

Since our batch file’s first run will be to run the app installers (after deciding on using the 32/64bit exe) there’s a problem – the batch file is copied to the app directory, which doesn’t exist until the installer is run.  Since d7II can’t do that for running the installer and the batch file will, the problem now is that even though d7II is downloading the installer, it isn’t running it, and still it will expect the app to have been installed to the actual (final/installed) custom app’s main path\executable directory (the one linked/explained above.)

The issue here is ultimately pretty silly compared to the normally powerful no-nonsense do it or else functions in d7II…  but specifically for the “Copy Config…” option, the functionality does not copy our batch file to the app directory (to execute it) when the app directory doesn’t exist first; it is in fact coded to skip creation on non-existence, unusual for d7/d7II, but it was for a reason!  Even with failure checking, there are little to no blanket recovery options other than try the same thing a second time and expect the different result (determination or insanity?)  So when different 3rd party apps fail differently from time to time, depending on the different ways they were coded in the different languages, with the different levels of whatever requirement is broken under various system conditions…

So it was reasoned this behavior would be more work on the tech using d7II when it came time to cleanup.  For example if it created the directory anyway, copied the config (or script, not originally an option I might point out) and then moved on to the next app, well it just essentially did that for no reason — since we know the app was not working already when it failed to install, the dumb planting of the config that created new directories was inviting hassle for our techs when it came to noticing the resulting omissions in cleanup through automatic d7II tasks, and a minor pain in the PSU for the obsessive cleanup qualities that we techs mostly seem to share…

Since the dir creation would’ve been pointless, the foresight at the time of original development didn’t include it ever being necessary to set a custom app up in this way (one of many lessons learned for the d7x platform code and the design of the new custom apps system!)

Now the installers will normally download to our [\3rd Party Tools] dir, and that’s where we want the batch file to be, but you want a partial path/subdir of 3rd Party Tools else other issues can occur; it also can’t be in the final app path of [%systemdrive%\Emsisoft …..], which doesn’t exist until the installer completes.

A [\3rd Party Tools\Emsisoft_a2cmd\] subdir is created by the download syntax where the “Save As File” field will contain a filename with partial path (the subdir to create within 3rd Party Tools) which in this case was “Emsisoft_a2cmd\EmsisoftCommandlineScanner??.exe”   Naturally keeping it different in the 32/64bit settings for filename, so they can co-exist, the same directory can be used, and the batch code simplified a little as well as the entire process.

After this directory is created by the download, the installer setting is skipped, and the copy config setting triggers the first run of the batch file, which is copied to the directory created by the downloading of the necessary installer, and that only works because again, the batch file is configured as the custom app’s main path\exe.


Command Line Parameters/Arguments Passed to the Batch File

The concept works with logic contained within the batch file to act differently depending on how it was started, and this serves to prevent potential issues caused by the same tasks being performed twice; in this case it is a simple determination on whether or not the batch file was launched with any command line arguments/parameters.

With NOTHING passed, it performs the config/batch (pre-app execution) functionality necessary.

With ANYTHING passed, it will act as the custom app itself as far as d7II is concerned, but in fact the batch file just runs the custom app using the parameters passed to it by d7II, which of course were all intended for the custom app anyway, NOT the batch file…

You may have previously seen the “Wait for App Termination & …” checkbox used with this app in the past, and since we’re running our own console window (for the batch file) which d7II must wait on, the batch file is configured to identify itself (for the tech using it) and also it launches a2cmd.exe with syntax designed to wait on the process.

The potential problem with this is that the console window waiting on the custom app could be unknowingly closed by another app or accidentally closed by the tech manually, for whatever reason, at which point d7II would stop waiting on the closed console window.  The next d7II action is to continue with any configured post-processing for this app, or the execution of other custom apps in a running auto mode profile, which could interfere with this app’s operation.  Especially since it’s now “flying solo” and no longer part of anything d7II is paying attention to, many of d7II internal functions will cause problems as well, both manual and automated.

To prevent the issue above an additional measure was added to keep automation smooth, and just below the “Wait…” checkbox you’ll see the text field to add additional process names that d7II can look for and wait on those processes to terminate as well, before moving on to anything that could interfere with this custom app…  in this instance it will wait for the process named “a2cmd.exe” which is launched by the batch file, and of course that is the main executable for this custom app.


WHY do it like that?

Well, a few reasons exist, but the convenience here is that we don’t need multiple custom apps with chaining configured to do a few specific things.  For these app profiles (if you use the defaults), we don’t want to replace the config with one using chained app configs, since you might need to re-think your setup.  This is a direct replacement design, as we strive for with all default apps: no user (re)configuration of d7II should be required for the use or update of the app itself, nor of the d7II auto mode profile order/arrangement.

Namely, the issues here stem from being able to run the installer for a2cmd first within the custom app config, a 32/64bit issue.  Again, since this is a direct default apps replacement that shouldn’t require any user configuration changes, separating 32/64bit app configs wasn’t a consideration.

With 32/64bit installers, downloads were usually either spawned from the same exe or zipped separately, which explains the somewhat limiting configuration for the installer field in a d7II custom app: by default it assumes only one exe name for any 32/64bit install.

Keep in mind that while separate zips might throw this off, they are usually saved under the same name or extracted to different locations or similar, and a batch file like the one we’re talking about can carry out the installer-based 32/64bit decisions and operations.

It’s also important to note that even single file .EXE installers are either wrapped in or entirely consisting of just another form of compressed file like .ZIP that extracts itself, and sometimes you can save the file as .ZIP/.7z/.RAR/.LZH/.???/etc.

If you learn the actual format of the file (7zip file manager > file properties) and name it appropriately, you can save an .EXE download as a .7z or whatever the appropriate format is in its “Save File As” field in d7II config, where it will be treated just like any other .ZIP or compressed file supported by d7II…

Use this technique to solve problems with EXE installers that automate things you don’t want done  (e.g.  automate extraction to avoid user prompting, certain “installation” tasks, etc.)

More often than not this works without issue, but it was NOT the solution for this custom app update!  See below!

(wow, yes I referenced the LHarc format above, did you spot it?  Surprised me too, I guess my muscle memory hit a long term thought?)


Moving On…  What happened with a2cmd?

This latest Emsisoft update did in fact move to an a2cmd installer (in EXE file format), but unlike the above, which is just educational/side-note material, this specific update uses the Nullsoft installer as the extraction container (which to my knowledge doesn’t work as stated above, at least with d7II!)

What the Nullsoft installer will do, if configured to allow this at time of creation, is honor a silent extraction switch.  The silent switch pushes the app to the default directory as pre-configured by the creator (which is not uncommon among .EXE installer files, at least when the creator allows silent usage), but Nullsoft is a bit finicky, frustrating many with a requirement that is quite odd these days for similar tasks:  its silent switch is “/S” (caps required) and not “/s” or “/Silent” or anything else you’ll find in dated or incorrect documentation and even some example scripts found here and there.
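A minimal sketch of the dual-mode batch file described above, as an added example (not the batch file shipped with the d7II custom app): with no arguments it picks the 32/64bit installer and runs it with Nullsoft's “/S”; with arguments it launches a2cmd.exe with them and waits.  The installer file names and the A2DIR install directory are placeholders.

```batch
@echo off
setlocal
rem Added example only. SETUP32/SETUP64 and A2DIR are placeholders; set them
rem to the real installer names and the installer's default directory.
set "SETUP32=%~dp0a2cmd-setup32-PLACEHOLDER.exe"
set "SETUP64=%~dp0a2cmd-setup64-PLACEHOLDER.exe"
set "A2DIR=C:\PLACEHOLDER\a2cmd"

rem Identify the console window so the tech knows not to close it.
title a2cmd wrapper - d7II is waiting on this window, do not close

rem Nothing passed = pre-app execution stage; anything passed = act as the app.
if "%~1"=="" goto :preapp
goto :runapp

:preapp
rem A 32-bit host process on 64-bit Windows sees PROCESSOR_ARCHITECTURE=x86,
rem so PROCESSOR_ARCHITEW6432 is checked as well.
set "SETUP=%SETUP32%"
if /i "%PROCESSOR_ARCHITECTURE%"=="AMD64" set "SETUP=%SETUP64%"
if defined PROCESSOR_ARCHITEW6432 set "SETUP=%SETUP64%"
if not exist "%SETUP%" goto :missing_setup
rem Nullsoft switches are case-sensitive: only an upper-case /S is silent.
start "" /wait "%SETUP%" /S
exit /b %errorlevel%

:runapp
if not exist "%A2DIR%\a2cmd.exe" goto :missing_app
rem %* forwards every parameter d7II supplied, untouched, to the real app.
rem /wait keeps this console alive until a2cmd.exe exits; /b keeps output here.
start "" /wait /b "%A2DIR%\a2cmd.exe" %*
exit /b %errorlevel%

:missing_setup
echo Installer not found: "%SETUP%"
exit /b 2

:missing_app
echo a2cmd.exe not found in "%A2DIR%"
exit /b 3
```

Closing this console still releases d7II's wait on the batch file, which is why “a2cmd.exe” is also listed in the additional process names field.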


Final Thoughts: (More of this!)

If you’re a d7II subscriber and haven’t checked out the dMZ section of our website, that is where you can get a lot of info like this on many topics as they pertain to/coincide with more advanced d7II configuration and usage.   (Note the dMZ/website has a login requirement.  For later recurring subscribers with no account changes, the login will likely equal your d7II/dCloud subscriber credentials; older subscribers would have different dMZ/website credentials, most likely obtained at a later date.)



d7IIx Alpha Testing (with the d7x Platform Code)

The d7IIx binaries, which will become the next d7II update, are currently in limited alpha testing, which is not freely open to all subscribers at this time.  Big update/little news we realize, but you can learn more on the d7IIx Alpha page.




This is a great opportunity to point out the category feature to those who read the blog occasionally and/or use RSS/Atom feed readers, specifically to those not interested in all of our various blog content (e.g. techs and d7II subscribers who don’t follow our main blog due to the end-user CryptoPrevent stuff.)  

Instead of the main blog, follow only one of our specific blog categories!  Also, adding “/feed/” to the end of any blog/category link makes it available for RSS/Atom/etc. feed viewers, e.g. https://www.bla/bla/d7x/feed/  (both styles demonstrated below for d7x categories!)

d7x Announcements  (Feed)  Includes all d7II/d7x news, Custom Apps, and Release Notes.

d7x Custom Apps  (Feed)  Includes d7II/d7x related custom app information only.

d7x Release Notes  (Feed)  Different than in the past, upon any new d7x public release, we plan to use the blog/RSS method for d7x release notes/revision histories, as opposed to a single static page…  by using a feed from the beginning, we would like to eventually take advantage of some additional in-app features that are possible with the d7x platform…

That’s all for today!

50% off ALL Products SALE with announcement of CryptoPrevent v8 Bulk Release https://www.foolishit.com/2017/01/50-off-all-products-sale-with-announcement-of-cryptoprevent-v8-bulk-release/ Tue, 17 Jan 2017 22:39:08 +0000 http://www.foolishit.com/?p=11946

v8 Bulk License Packs


Click Here for Coupon Codes!

What you’ve been waiting for is here!

CryptoPrevent Version 8 was released October 31st with exciting new features like our new FolderWatch Protection and HoneyPot Detection.  We also beefed up the number of Software Restriction Policies from around 400 to over 3500 with the higher protection levels, added a QuickAccess SystemTray Notification, updated the filter module with d7x technology, updated malware definitions, and integrated KillEmAll v5.

Exciting News! Until now you’ve only been able to purchase CPv8 in single quantities or our White-Label reseller packs.  Starting today you will be able to get bulk packs of CPv8 in quantities of 10, 25, 50, 100, 250, and 500.

CryptoPrevent v8 Bulk License Packs
Available Here!

New Features Included in Version 8

FolderWatch Protection
FolderWatch goes past just Software Restriction Policies and improves on what the Filter Module provides in protection.  It will allow CPv8 to monitor and protect folders from items that match the new and improved malware definitions included with CPv8.  Customize which folders are protected (beyond standard user folders) with the Premium Version (including CPv7 lifetime licenses).

HoneyPot Detection via Folder Watch Protection
This is the feature we are most excited about providing in CPv8.  If ransomware does manage to get through your other defenses, the HoneyPot Detection feature will limit or even prevent the encryption of files on a computer.  This feature will be one of our first Premium Only Protection options in CryptoPrevent.  (Because we feel it is that good, but CPv7 lifetime licenses will have it included!)
How does it work:
-creates and monitors honey pot files on selected FolderWatch folders
-when malicious activity is detected all processes are terminated and user is prompted to shutdown or reboot (customizable options will be provided in the White-Label Edition!)

Updated Filter Module
Filter Module has also been completely re-written from the ground up using the d7x technology platform Nick has been working on.  Improved performance, improved compatibility and  more updates to come as the d7x platform continues to evolve. This will also take advantage of the new and improved malware definitions being included with CPv8.

Updated Malware Definitions
The malware hash definitions have been completely redesigned and a significant number of hashes have been added including hashes of samples we have found or have been submitted to us.  There is also a new Expanded Definition set that includes even more definitions although these may carry a risk of having a higher false positive rate.  The malware definitions backend has also undergone improvements on our side to provide a more regularly scheduled release ability automatically.

QuickAccess SystemTray Notification
Provides the ability to review or quickly change CryptoPrevent protections (like when you need to lower protections to install certain software or run backup operations).  Convenient access to KillEmAll and balloon notifications when file execution is prevented, files are quarantined, or HoneyPot Detection has been activated.  This feature will be a Premium Only option.  (CPv7 lifetime licenses will have this included)

KillEmAll v5
KillEmAll v5 will be integrated into CPv8.  Based on the d7x technology platform, this feature provides quick, efficient process termination when you can’t trust the “X-button” to close a window.  From malicious pop-up windows, to sites that display unmovable windows, to programs that just won’t exit…KillEmAll stops them dead in their tracks.  This can be accessed from the main CPv8 interface for all editions (including the free version) but comes in handy the most from the QuickAccess SystemTray feature (which is Premium Only) and plays a major role in the HoneyPot Detection feature as well (which is also Premium Only).  (CPv7 lifetime licenses will have these premium features included)

Updated Software Restriction Policies
The protection that started it all has been vastly updated to attempt to protect your system even more.  With 2500+ on just the minimum protection level and up to 3500+ on higher protection levels, new extensions will be blocked, along with new preventions of certain Windows features/applications that can be used maliciously against your files.  Even more software restriction protection options are in planning/internal testing phases, so there is still even more to come after CPv8 is released.


We’re having a 50% off SALE on ALL PRODUCTS!! [Expired] https://www.foolishit.com/2017/01/were-having-a-50-off-sale-on-all-products/ https://www.foolishit.com/2017/01/were-having-a-50-off-sale-on-all-products/#comments Tue, 17 Jan 2017 21:42:57 +0000 http://www.foolishit.com/?p=11932

This Sale Has Expired. Codes Are No Longer Valid.

To celebrate the release of CryptoPrevent v8 Bulk Edition (completing the availability of all CryptoPrevent v8 product types) we’re having a huge sale!

Get 50% off ALL Foolish IT products by using the coupon codes below at checkout!

Hurry, this sale could end at any time, so don’t miss your chance to take advantage of this amazing opportunity!!

Make sure to use the following coupon codes during checkout:
  • CryptoPrevent Premium Sub: use coupon code  2pasjb  for 50% off purchase price!
  • CryptoPrevent Premium 1-Year: use coupon code  gtbxg6  for 50% off purchase price!
  • CryptoPrevent Premium Bulk Packs: use coupon code  ww1yaz  for 50% off purchase price!
  • CryptoPrevent Premium White-Label Packs: use coupon code  yg9wyw  for 50% off purchase price!
  • d7II: use coupon code  fmxrqm  for 50% off purchase price!
  • dMZ Add-On for d7II: use coupon code  jrbluy  for 50% off purchase price!
  • dSupportSuite: use coupon code  wukhpd  for 50% off purchase price!
  • dSupportSuite 3-Month: use coupon code  pxcyf5  for 50% off purchase price!
  • All Other Foolish IT Products: use coupon code  wukhpd  for 50% off purchase price!