2Shirt/WizardKit
2Shirt/WizardKit
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases 26 Packages Wiki Activity Actions

Merge branch 'd7' into dev

Browse source
This commit is contained in:
2Shirt 2018-10-09 00:28:14 -06:00
commit 3bb8e786e4
184 changed files with 8333 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
.bin/d7ii/3rd Party Tools/MBAM_Install.cmd Normal file
View file

@ -0,0 +1,27 @@
@echo off
setlocal
pushd "%~dp0"
rem Remove stale marker if present
if exist "%SYSTEMDRIVE%\1201\Preserve-MBAM.marker" (
del /f "%SYSTEMDRIVE%\1201\Preserve-MBAM.marker"
)
rem Set marker to prevent unintended MBAM removal
if exist "%PROGRAMFILES%\Malwarebytes\Anti-Malware\mbam.exe" (
echo Previous Malwarebytes installation detected.
echo. > "%SYSTEMDRIVE%\1201\Preserve-MBAM.marker"
)
if exist "%PROGRAMFILES(X86)%\Malwarebytes Anti-Malware\mbam.exe" (
rem MBAM v2 installation
echo Previous Malwarebytes [v2] installation detected.
echo. > "%SYSTEMDRIVE%\1201\Preserve-MBAM.marker"
)
rem Install/Upgrade MBAM
echo Installing Malwarebytes...
start "" /wait mbam-setup.exe /VERYSILENT /NORESTART
popd
endlocal

63
.bin/d7ii/3rd Party Tools/MBAM_Uninstall.cmd Normal file
View file

@ -0,0 +1,63 @@
@echo off
setlocal
pushd "%~dp0"
:GetDate
:: Credit to SS64.com Code taken from http://ss64.com/nt/syntax-getdate.html
:: Use WMIC to retrieve date and time in ISO 8601 format.
for /f "skip=1 tokens=1-6" %%G in ('WMIC Path Win32_LocalTime Get Day^,Hour^,Minute^,Month^,Second^,Year /Format:table') do (
if "%%~L"=="" goto s_done
set _yyyy=%%L
set _mm=00%%J
set _dd=00%%G
set _hour=00%%H
set _minute=00%%I
)
:s_done
:: Pad digits with leading zeros
set _mm=%_mm:~-2%
set _dd=%_dd:~-2%
set _hour=%_hour:~-2%
set _minute=%_minute:~-2%
set iso_date=%_yyyy%-%_mm%-%_dd%
rem Get uninstaller path from registry
set "uninstaller="
for /f usebackq^ tokens^=2^ delims^=^" %%s in (
`reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" /v UninstallString`
) do (
set "uninstaller=%%s"
)
rem Copy logs to 1201 folder
echo "Copying logs..."
robocopy /e "%PROGRAMDATA%\Malwarebytes\MBAMService\LOGS" "%SYSTEMDRIVE%\1201\Logs\%iso_date%\Tools\MBAM" >nul
robocopy /e "%PROGRAMDATA%\Malwarebytes\MBAMService\ScanResults" "%SYSTEMDRIVE%\1201\Logs\%iso_date%\Tools\MBAM" >nul
if exist "%SYSTEMDRIVE%\1201\Preserve-MBAM.marker" (
rem Keep MBAM
echo Previous Malwarebytes installation detected.
) else (
rem Move Quarantine to 1201 folder
move "%PROGRAMDATA%\Malwarebytes\Malwarebytes Anti-Malware\Quarantine" "%SYSTEMDRIVE%\1201\Quarantine\MBAM_%iso_date%_%_hour%%_minute%"
rem Remove MBAM
echo No previous Malwarebytes installation detected.
if exist "%uninstaller%" (
echo "Uninstalling Malwarebytes..."
start "" /wait "%uninstaller%" /VERYSILENT /NORESTART /LOG
) else (
color 4e
echo "Malwarebytes installation not found."
echo ""
echo "Press any key to exit... "
pause >nul
)
)
rem Remove marker
del /f "%SYSTEMDRIVE%\1201\Preserve-MBAM.marker"
popd
endlocal

14
.bin/d7ii/3rd Party Tools/WizardKit Launcher.cmd Normal file
View file

@ -0,0 +1,14 @@
:: Launch WizardKit item
@echo off
setlocal
pushd "%~dp0\..\..\.."
rem Run WizardKit Launcher
call "%*"
rem Sleep for 5 sec so d7II can wait for launched proc
"%systemroot%\System32\ping.exe" -n 5 127.0.0.1>nul
popd
endlocal

BIN
.bin/d7ii/Config/1201Logo.bmp Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 2 KiB

39
.bin/d7ii/Config/AltText.ini Normal file
View file

@ -0,0 +1,39 @@
[ShortDesc]
Autoruns=Manages Startup Items
Autoruns_Copy=Manages Startup Items
Autoruns (Verify and Log)=Manages Startup Items
Google Chrome Software Removal Tool=Remove add-ons, extensions, toolbars, and other software that may interfere with the operation of Google Chrome.
VipreRescueScanner (Deep Scan)=Virus scanner (Designed for both the Malware Removal and the Offline Operations tab)
VipreRescueScanner (Quick Scan)=Virus scanner (Designed for both the Malware Removal and the Offline Operations tab)
=Install/Upgrade MBAM
[ReportDesc]
Autoruns=Examined Windows startup items and removed unnecessary entries.
Autoruns_Copy=Examined Windows startup items and removed unnecessary entries.
Autoruns (Verify and Log)=Examined Windows startup items and removed unnecessary entries.
Google Chrome Software Removal Tool=Scanned for and removed any toolbars/extensions/add-ons that may interfere with the operation of Google Chrome.
VipreRescueScanner (Deep Scan)=Ran virus scans (Vipre)
VipreRescueScanner (Quick Scan)=Ran virus scans (Vipre)
28=Created a System Restore point.
32=Ran a Zero Access malware scan.
2=Uninstalled unnecessary applications
41=Re-wrote the default Safe Mode services to prevent potential issues with blue screens when entering Safe Mode.
33=Backed up all Registry Hives.
1=Uninstalled unnecessary applications
9=Repaired file associations for executable files.
10=Removed restrictive Windows policy settings.
11=Cleared proxy settings.
18=Scanned for known malware files and registry entries and removed anything found.
12=Deleted unnecessary temporary files from user profiles and temporary files used by Windows.
13=Deleted temporary internet cache from user profiles.
34=Scanned for viruses/malware with Microsoft Security Essentials / Windows Defender.
49=Scanned for Windows system component corruption to repair any issues found.
24=Repaired the built-in Windows firewall.
31=Set all network adapters to DHCP.
75=Apply static DNS settings to all NICs.
21=Ran repair and reset procedures on networking components.
25=Reset all settings to defaults for the built-in Windows firewall.
36=Manually examined the HOSTS file for hijacks or other issues.
22=Repaired the Windows Update services responsible for Windows Update functionality.
38=Performed repair routines to ensure the Winsock is operating properly.
83=Examined internet speed/bandwidth.
=Malwarebytes installed successfully.

42
.bin/d7ii/Config/AppOverrides.ini Normal file
View file

@ -0,0 +1,42 @@
[Autoruns]
PostRunApp=
AlwaysAttemptDownload=1
DLafterXdays=7
EmailBeforeExecution=0
PriorAlert=1
[Autoruns_Copy]
PostRunApp=
AlwaysAttemptDownload=1
DLafterXdays=7
EmailBeforeExecution=0
PriorAlert=1
[Autoruns (Verify and Log)]
PostRunApp=
AlwaysAttemptDownload=1
DLafterXdays=7
EmailBeforeExecution=0
PriorAlert=0
[Google Chrome Software Removal Tool]
PostRunApp=
AlwaysAttemptDownload=1
DLafterXdays=0
EmailBeforeExecution=0
PriorAlert=1
[VipreRescueScanner (Deep Scan)]
PostRunApp=
AlwaysAttemptDownload=1
DLafterXdays=1
EmailBeforeExecution=0
PriorAlert=0
[VipreRescueScanner (Quick Scan)]
PostRunApp=
AlwaysAttemptDownload=1
DLafterXdays=1
EmailBeforeExecution=0
PriorAlert=0
[]
PostRunApp=
AlwaysAttemptDownload=1
DLafterXdays=.5
EmailBeforeExecution=0
PriorAlert=0

37
.bin/d7ii/Config/CustomApps/AdwCleaner (Updated).cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
LastEditDate=10/8/2018 10:56:15 PM
PostRunApp=
AppWebsite=https://www.malwarebytes.com/adwcleaner/
AppDLPage=https://downloads.malwarebytes.com/file/adwcleaner
AppDesc=Toolbar Remover
App=AdwCleaner.exe
UseFTPServer=0
AppURL=https://downloads.malwarebytes.com/file/adwcleaner
AppDLName=AdwCleaner.exe
AlwaysAttemptDownload=1
DLafterXdays=.5
AppWait=1
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=1
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsLoc=%systemdrive%\AdwCleaner\AdwCleaner*.txt
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Removed unnecessary internet browser add-ins (e.g. Toolbars) [AdwCleaner]
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=8/14/2018

45
.bin/d7ii/Config/CustomApps/HitmanPro (Auto).cfg Normal file
View file

@ -0,0 +1,45 @@
[Config]
Author=2Shirt
LastEditDate=10/8/2018 10:56:18 PM
PostRunApp=
AppWebsite=http://www.surfright.nl/en/hitmanpro/
AppDLPage=http://www.surfright.nl/en/downloads/
AppDesc=Malware scanner
App=HitmanPro.exe
App64=HitmanPro_x64.exe
AppParms=/clean /noinstall /excludelist="%3rdpath%\HMP_Excludes.txt" /logtype=txt /log="%malreportdir%\HitmanPro_Scan_Log_%date%.txt"
AppURL64=https://dl.surfright.nl/HitmanPro_x64.exe
AppURL64B=http://dl.surfright.nl/FoolishIT/HitmanPro_x64.exe
AppDLName64=HitmanPro_x64.exe
UseFTPServer=0
AppURL=https://dl.surfright.nl/HitmanPro.exe
AppURLB=http://dl.surfright.nl/FoolishIT/HitmanPro.exe
AppDLName=HitmanPro.exe
AlwaysAttemptDownload=1
DLafterXdays=.5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=1
AppWaitTime=60
AppRandomize=1
CopyConfigFirst=HMP.cmd
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran Malware Scans (HitmanPro)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
LastDownload=8/19/2018

34
.bin/d7ii/Config/CustomApps/IObit Uninstaller.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
LastEditDate=8/25/2018 3:50:11 PM
PostRunApp=
App=WizardKit Launcher.cmd
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=1
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LogVerbiage=Uninstalled unnecessary / junk programs.
AppDesc=Application uninstaller and cleanup utility
AppParms=Uninstallers\IObit Uninstaller.cmd
WaitOnProcesses=IObitUninstallerPortable.exe
AppWaitTime=60

34
.bin/d7ii/Config/CustomApps/Install SW Bundle.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
LastEditDate=8/30/2018 10:49:46 AM
PostRunApp=
AppParms=.bin\Scripts\launchers_for_d7\Install SW Bundle.cmd
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=1
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
App=WizardKit Launcher.cmd
AutoFlag=0
WaitOnProcesses=ConEmu.exe;ConEmuC.exe;ConEmu64.exe;ConEmuC64.exe;python.exe;Ninite.exe
AppDesc=Install software bundle
LogVerbiage=Installed or updated commonly used applications (Adobe Reader, Google Chrome, etc)
AppWaitTime=60

35
.bin/d7ii/Config/CustomApps/Malwarebytes Download.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
LastEditDate=10/8/2018 10:55:27 PM
PostRunApp=
AppWebsite=https://www.malwarebytes.com/
AppDLPage=https://downloads.malwarebytes.com/file/mb3/
AppDesc=Download MBAM setup
UseFTPServer=0
AppURL=https://downloads.malwarebytes.com/file/mb3/
AppDLName=mbam-setup.exe
AlwaysAttemptDownload=1
DLafterXdays=3
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=1
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
App=exit
LastDownload=10/7/2018

34
.bin/d7ii/Config/CustomApps/Malwarebytes Install.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
LastEditDate=10/7/2018 3:51:22 PM
PostRunApp=
App=MBAM_Install.cmd
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=0
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=1
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
AppDesc=Install/Upgrade MBAM
LogVerbiage=Malwarebytes installed successfully.
LastDownload=8/18/2018
Author=2Shirt
AppWaitTime=5

34
.bin/d7ii/Config/CustomApps/Malwarebytes Scan.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
LastEditDate=8/13/2018 4:48:53 PM
PostRunApp=
AppWebsite=https://www.malwarebytes.com/
AppDLPage=https://downloads.malwarebytes.com/file/mb3/
AppDesc=Malwarebytes Execution
App=%programfiles%\Malwarebytes\Anti-Malware\mbam.exe
App64=%programfiles%\Malwarebytes\Anti-Malware\mbam.exe
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=1
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Malwarebytes ran successfully.
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0

30
.bin/d7ii/Config/CustomApps/Malwarebytes Uninstall.cfg Normal file
View file

@ -0,0 +1,30 @@
[Config]
LastEditDate=8/13/2018 7:32:30 PM
PostRunApp=
App=MBAM_Uninstall.cmd
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
AppDesc=Uninstall MBAM (if not previously installed)

40
.bin/d7ii/Config/CustomApps/RKill (Auto).cfg Normal file
View file

@ -0,0 +1,40 @@
[Config]
Author=2Shirt
LastEditDate=10/8/2018 10:56:23 PM
PostRunApp=
AppWebsite=http://www.bleepingcomputer.com/forums/t/308364/rkill-what-it-does-and-what-it-doesnt-a-brief-introduction-to-the-program/
AppDLPage=http://www.bleepingcomputer.com/download/rkill/
AppDesc=Anti-Malware app.
App=rkill.exe
AppParms=-s -w "%3rdpath%\rkill_Excludes.txt"
UseFTPServer=0
AppURL=https://download.bleepingcomputer.com/grinler/rkill.exe
AppDLName=rkill.exe
AlwaysAttemptDownload=1
DLafterXdays=.5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=1
CopyConfigFirst=rkill.cmd
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsLoc=%userprofile%\Desktop\rkill*.txt
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran Malware Scan (RKill)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
LastDownload=10/7/2018

35
.bin/d7ii/Config/CustomApps/WizardKit Browser Reset.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
Author=2Shirt
LastEditDate=8/25/2018 3:50:41 PM
PostRunApp=
AppDesc=WizardKit browser reset script (d7II mode)
App=WizardKit Launcher.cmd
AppParms=.bin\Scripts\launchers_for_d7\Browser Reset.cmd
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
WaitOnProcesses=ConEmu.exe;ConEmuC.exe;ConEmu64.exe;ConEmuC64.exe;python.exe
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=1
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Reset web browsers to safe defaults and removed any malicous addons found.
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
AppWaitTime=30

35
.bin/d7ii/Config/CustomApps/WizardKit System Checklist.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
Author=2Shirt
LastEditDate=8/25/2018 3:50:50 PM
PostRunApp=
AppDesc=WizardKit system checklist script (d7II mode)
App=WizardKit Launcher.cmd
AppParms=.bin\Scripts\launchers_for_d7\System Checklist.cmd
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
WaitOnProcesses=ConEmu.exe;ConEmuC.exe;ConEmu64.exe;ConEmuC64.exe;python.exe
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=1
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LogVerbiage=Examined and verified system-wide settings (available updates, drivers, activation, etc)
AppWaitTime=60

35
.bin/d7ii/Config/CustomApps/WizardKit System Diagnostics.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
Author=2Shirt
LastEditDate=8/25/2018 3:49:49 PM
PostRunApp=
AppDesc=WizardKit system diagnostics script (d7II mode)
App=WizardKit Launcher.cmd
AppParms=.bin\Scripts\launchers_for_d7\System Diagnostics.cmd
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
WaitOnProcesses=ConEmu.exe;ConEmuC.exe;ConEmu64.exe;ConEmuC64.exe;python.exe
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=1
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LogVerbiage=Ran OS built-in repairs and backed up system information
AppWaitTime=60

35
.bin/d7ii/Config/CustomApps/WizardKit User Checklist.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
Author=2Shirt
LastEditDate=8/25/2018 3:50:59 PM
PostRunApp=
AppDesc=WizardKit user checklist script (d7II mode)
App=WizardKit Launcher.cmd
AppParms=.bin\Scripts\launchers_for_d7\User Checklist.cmd
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
WaitOnProcesses=ConEmu.exe;ConEmuC.exe;ConEmu64.exe;ConEmuC64.exe;python.exe;firefox.exe;chrome.exe
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=1
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Verified web browser settings and functionality
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
AppWaitTime=60

485
.bin/d7ii/Config/CustomApps_d7II/3rd Party Configs/Everything.ini Normal file
View file

@ -0,0 +1,485 @@
[Everything]
app_data=0
run_as_admin=1
window_x=1614
window_y=186
window_wide=794
window_high=664
maximized=0
minimized=0
fullscreen=0
ontop=0
match_whole_word=0
match_path=0
match_case=0
match_diacritics=0
match_regex=0
selection_mask_right_bottom_inclusive=1
allow_multiple_windows=0
allow_multiple_instances=0
run_in_background=1
show_tray_icon=1
alternate_row_color=0
show_mouseover=0
check_for_updates_on_startup=0
beta_updates=0
show_highlighted_search_terms=1
text_size=0
hide_empty_search_results=0
clear_selection_on_search=1
new_window_key=0
show_window_key=0
toggle_window_key=0
language=0
show_selected_item_in_statusbar=0
open_folder_command2=
open_file_command2=
open_path_command2=
explore_command2=
explore_path_command2=
window_title_format=
taskbar_notification_title_format=
instance_name=
translucent_selection_rectangle_alpha=70
min_zoom=-6
max_zoom=27
context_menu_type=0
auto_include_fixed_volumes=1
auto_include_removable_volumes=0
last_export_type=0
max_threads=0
reuse_threads=1
single_parent_context_menu=0
auto_size_1=512
auto_size_2=640
auto_size_3=768
auto_size_aspect_ratio_x=9
auto_size_aspect_ratio_y=7
auto_size_path_x=1
auto_size_path_y=2
sticky_vscroll_bottom=1
last_options_page=9
draw_focus_rect=1
date_format=
time_format=
invert_layout=0
listview_item_high=0
debug=0
home_match_case=0
home_match_whole_word=0
home_match_path=0
home_match_diacritics=0
home_regex=0
home_search=1
home_filter=0
home_sort=0
home_index=1
allow_multiple_windows_from_tray=0
single_click_tray=0
close_on_execute=0
double_click_path=0
update_display_after_scroll=0
update_display_after_mask=1
auto_scroll_view=0
double_quote_copy_as_path=0
snap=0
snaplen=10
rename_select_filepart_only=0
rename_move_caret_to_selection_end=0
search_edit_move_caret_to_selection_end=0
select_search_on_mouse_click=1
focus_search_on_activate=0
reset_vscroll_on_search=1
wrap_focus=0
load_icon_priority=0
load_fileinfo_priority=0
header_high=0
hide_on_close=0
winmm=0
menu_escape_amp=1
fast_ascii_search=1
match_path_when_search_contains_path_separator=1
allow_literal_operators=0
allow_round_bracket_parenthesis=0
expand_environment_variables=0
search_as_you_type=1
convert_forward_slash_to_backslash=0
match_whole_filename_when_using_wildcards=1
double_buffer=1
search=
show_number_of_results_with_selection=0
date_descending_first=0
size_descending_first=0
size_format=2
alpha_select=0
tooltips=1
rtl_listview_edit=0
bookmark_remember_case=1
bookmark_remember_wholeword=1
bookmark_remember_path=1
bookmark_remember_diacritic=1
bookmark_remember_regex=1
bookmark_remember_sort=1
bookmark_remember_filter=1
bookmark_remember_index=1
exclude_list_enabled=1
exclude_hidden_files_and_folders=0
exclude_system_files_and_folders=0
include_only_files=
exclude_files=
db_location=
db_multi_user_filename=0
db_compress=0
extended_information_cache_monitor=1
keep_missing_indexes=0
editor_x=0
editor_y=0
editor_wide=0
editor_high=0
editor_maximized=0
file_list_relative_paths=1
max_recv_size=8388608
display_full_path_name=0
size_tiny=10240
size_small=102400
size_medium=1048576
size_large=16777216
size_huge=134217728
themed_toolbar=1
show_copy_path=2
show_copy_full_name=2
show_open_path=2
show_explore=2
show_explore_path=2
copy_path_folder_append_backslash=0
custom_verb01=
custom_verb02=
custom_verb03=
custom_verb04=
custom_verb05=
custom_verb06=
custom_verb07=
custom_verb08=
custom_verb09=
custom_verb10=
custom_verb11=
custom_verb12=
filters_visible=0
filters_wide=128
filters_right_align=1
filters_tab_stop=0
filter=
filter_everything_name=
sort=Name
sort_ascending=1
always_keep_sort=0
index=0
index_file_list=
index_etp_server=
index_link_type=1
status_bar_visible=1
select_search_on_focus_mode=1
select_search_on_set_mode=2
search_history_enabled=0
run_history_enabled=1
search_history_days_to_keep=90
run_history_days_to_keep=90
search_history_always_suggest=0
search_history_max_results=24
search_history_show_above=0
service_port=15485
etp_server_enabled=0
etp_server_bindings=
etp_server_port=21
etp_server_username=
etp_server_password=
etp_server_welcome_message=
etp_server_log_file_name=
etp_server_logging_enabled=1
etp_server_log_max_size=4194304
etp_server_log_delta_size=524288
etp_server_allow_file_download=1
http_server_enabled=0
http_server_bindings=
http_title_format=
http_server_port=80
http_server_username=
http_server_password=
http_server_home=
http_server_default_page=
http_server_log_file_name=
http_server_logging_enabled=1
http_server_log_max_size=4194304
http_server_log_delta_size=524288
http_server_allow_file_download=1
name_column_pos=0
name_column_width=256
path_column_visible=1
path_column_pos=1
path_column_width=256
size_column_visible=1
size_column_pos=2
size_column_width=96
extension_column_visible=0
extension_column_pos=3
extension_column_width=96
type_column_visible=0
type_column_pos=4
type_column_width=96
last_write_time_column_visible=1
last_write_time_column_pos=3
last_write_time_column_width=153
creation_time_column_visible=0
creation_time_column_pos=6
creation_time_column_width=140
date_accessed_column_visible=0
date_accessed_column_pos=7
date_accessed_column_width=140
attribute_column_visible=0
attribute_column_pos=8
attribute_column_width=70
date_recently_changed_column_visible=0
date_recently_changed_column_pos=9
date_recently_changed_column_width=96
run_count_column_visible=0
run_count_column_pos=10
run_count_column_width=96
date_run_column_visible=0
date_run_column_pos=11
date_run_column_width=140
file_list_filename_column_visible=0
file_list_filename_column_pos=12
file_list_filename_column_width=96
translucent_selection_rectangle_background_color=
translucent_selection_rectangle_border_color=
ntfs_volume_paths=
ntfs_volume_includes=
ntfs_volume_load_recent_changes=
ntfs_volume_include_onlys=
ntfs_volume_monitors=
filelists=
folders=
folder_monitor_changes=
folder_update_types=
folder_update_days=
folder_update_ats=
folder_update_intervals=
folder_update_interval_types=
exclude_folders=
connect_history_hosts=
connect_history_ports=
connect_history_usernames=
connect_history_link_types=
file_new_search_window_keys=334
file_open_file_list_keys=335
file_close_file_list_keys=
file_close_keys=343,27
file_export_keys=339
file_copy_full_name_to_clipboard_keys=9539
file_copy_path_to_clipboard_keys=
file_set_run_count_keys=
file_create_shortcut_keys=
file_delete_keys=8238
file_delete_permanently_keys=9262
file_edit_keys=
file_open_keys=8205
file_open_selection_and_close_everything_keys=
file_explore_path_keys=
file_open_new_keys=
file_open_path_keys=8461
file_open_with_keys=
file_open_with_default_verb_keys=
file_play_keys=
file_preview_keys=
file_print_keys=
file_print_to_keys=
file_properties_keys=8717
file_read_extended_information_keys=8517
file_rename_keys=8305
file_run_as_keys=
file_exit_keys=337
file_custom_verb_1_keys=
file_custom_verb_2_keys=
file_custom_verb_3_keys=
file_custom_verb_4_keys=
file_custom_verb_5_keys=
file_custom_verb_6_keys=
file_custom_verb_7_keys=
file_custom_verb_8_keys=
file_custom_verb_9_keys=
file_custom_verb_10_keys=
file_custom_verb_11_keys=
file_custom_verb_12_keys=
edit_cut_keys=8536
edit_copy_keys=8515,8493
edit_paste_keys=8534,9261
edit_select_all_keys=8513
edit_invert_selection_keys=
view_filters_keys=
view_status_bar_keys=
view_window_size_small_keys=561
view_window_size_medium_keys=562
view_window_size_large_keys=563
view_window_size_auto_fit_keys=564
view_zoom_zoom_in_keys=443,363
view_zoom_zoom_out_keys=445,365
view_zoom_reset_keys=304,352
view_go_to_back_keys=549,166
view_go_to_forward_keys=551,167
view_go_to_home_keys=548
view_sort_by_name_keys=305
view_sort_by_path_keys=306
view_sort_by_size_keys=307
view_sort_by_extension_keys=308
view_sort_by_type_keys=309
view_sort_by_date_modified_keys=310
view_sort_by_date_created_keys=311
view_sort_by_attributes_keys=312
view_sort_by_file_list_filename_keys=
view_sort_by_run_count_keys=
view_sort_by_date_run_keys=
view_sort_by_date_recently_changed_keys=313
view_sort_by_date_accessed_keys=
view_sort_by_ascending_keys=
view_sort_by_descending_keys=
view_refresh_keys=116
view_fullscreen_keys=122
view_toggle_ltrrtl_keys=
view_on_top_never_keys=
view_on_top_always_keys=340
view_on_top_while_searching_keys=
search_match_case_keys=329
search_match_whole_word_keys=322
search_match_path_keys=341
search_match_diacritics_keys=333
search_enable_regex_keys=338
search_add_to_filters_keys=
search_organize_filters_keys=1350
bookmarks_add_to_bookmarks_keys=324
bookmarks_organize_bookmarks_keys=1346
tools_options_keys=336
tools_console_keys=448
tools_file_list_editor_keys=
tools_connect_to_etp_server_keys=
tools_disconnect_from_etp_server_keys=
help_everything_help_keys=112
help_search_syntax_keys=
help_regex_syntax_keys=
help_command_line_options_keys=
help_everything_website_keys=
help_check_for_updates_keys=
help_about_everything_keys=368
search_edit_focus_search_edit_keys=326,114
search_edit_delete_previous_word_keys=4360
search_edit_auto_complete_search_keys=4384
search_edit_show_search_history_keys=
search_edit_show_all_search_history_keys=4646,4648
result_list_item_up_keys=8230,4134
result_list_item_down_keys=8232,4136
result_list_page_up_keys=8225,4129
result_list_page_down_keys=8226,4130
result_list_start_of_list_keys=8228
result_list_end_of_list_keys=8227
result_list_item_up_extend_keys=9254,5158
result_list_item_down_extend_keys=9256,5160
result_list_page_up_extend_keys=9249,5153
result_list_page_down_extend_keys=9250,5154
result_list_start_of_list_extend_keys=9252
result_list_end_of_list_extend_keys=9251
result_list_focus_up_keys=8486,4390
result_list_focus_down_keys=8488,4392
result_list_focus_page_up_keys=8481,4385
result_list_focus_page_down_keys=8482,4386
result_list_focus_start_of_list_keys=8484
result_list_focus_end_of_list_keys=8483
result_list_focus_up_extend_keys=9510,5414
result_list_focus_down_extend_keys=9512,5416
result_list_focus_page_up_extend_keys=9505,5409
result_list_focus_page_down_extend_keys=9506,5410
result_list_focus_start_of_list_extend_keys=9508
result_list_focus_end_of_list_extend_keys=9507
result_list_focus_result_list_keys=
result_list_toggle_path_column_keys=1330
result_list_toggle_size_column_keys=1331
result_list_toggle_extension_column_keys=1332
result_list_toggle_type_column_keys=1333
result_list_toggle_date_modified_column_keys=1334
result_list_toggle_date_created_column_keys=1335
result_list_toggle_attributes_column_keys=1336
result_list_toggle_file_list_filename_column_keys=
result_list_toggle_run_count_column_keys=
result_list_toggle_date_recently_changed_column_keys=1337
result_list_toggle_date_accessed_column_keys=
result_list_toggle_date_run_column_keys=
result_list_size_all_columns_to_fit_keys=8555
result_list_size_result_list_to_fit_keys=
result_list_context_menu_keys=9337
result_list_scroll_left_keys=8229
result_list_scroll_right_keys=8231
result_list_scroll_page_left_keys=8485
result_list_scroll_page_right_keys=8487
result_list_select_focus_keys=8224
result_list_toggle_focus_selection_keys=8480
result_list_copy_selection_to_clipboard_as_csv_keys=
result_list_font=
result_list_font_size=
search_edit_font=
search_edit_font_size=
status_bar_font=
status_bar_font_size=
header_font=
header_font_size=
normal_background_color=
normal_foreground_color=
normal_bold=
highlighted_background_color=
highlighted_foreground_color=
highlighted_bold=
selected_background_color=
selected_foreground_color=
selected_bold=
highlighted_selected_background_color=
highlighted_selected_foreground_color=
highlighted_selected_bold=
selected_inactive_background_color=
selected_inactive_foreground_color=
selected_inactive_bold=
highlighted_selected_inactive_background_color=
highlighted_selected_inactive_foreground_color=
highlighted_selected_inactive_bold=
drop_target_background_color=
drop_target_foreground_color=
drop_target_bold=
highlighted_drop_target_background_color=
highlighted_drop_target_foreground_color=
highlighted_drop_target_bold=
current_sort_background_color=
current_sort_foreground_color=
current_sort_bold=
highlighted_current_sort_background_color=
highlighted_current_sort_foreground_color=
highlighted_current_sort_bold=
mouseover_background_color=
mouseover_foreground_color=
mouseover_bold=
mouseover_highlighted_background_color=
mouseover_highlighted_foreground_color=
mouseover_highlighted_bold=
current_sort_mouseover_background_color=
current_sort_mouseover_foreground_color=
current_sort_mouseover_bold=
mouseover_current_sort_highlighted_background_color=
mouseover_current_sort_highlighted_foreground_color=
mouseover_current_sort_highlighted_bold=
alternate_row_background_color=
alternate_row_foreground_color=
alternate_row_bold=
alternate_row_highlighted_background_color=
alternate_row_highlighted_foreground_color=
alternate_row_highlighted_bold=
current_sort_alternate_row_background_color=
current_sort_alternate_row_foreground_color=
current_sort_alternate_row_bold=
current_sort_alternate_row_highlighted_background_color=
current_sort_alternate_row_highlighted_foreground_color=
current_sort_alternate_row_highlighted_bold=

11
.bin/d7ii/Config/CustomApps_d7II/3rd Party Configs/HMP.cmd Normal file
View file

@ -0,0 +1,11 @@
pushd "%~dp0"
cd..
set d7IIpath=%cd%
pushd "%~dp0"
echo %d7IIpath%\>HMP_Excludes.txt
echo %programfiles%\dSupportSuite\>>HMP_Excludes.txt
echo %programfiles(x86)%\dSupportSuite\>>HMP_Excludes.txt
echo %programfiles%\CryptoPrevent\>>HMP_Excludes.txt
echo %programfiles(x86)%\CryptoPrevent\>>HMP_Excludes.txt
echo %programfiles%\Foolish IT\CryptoPrevent\>>HMP_Excludes.txt
echo %programfiles(x86)%\Foolish IT\CryptoPrevent\>>HMP_Excludes.txt

17
.bin/d7ii/Config/CustomApps_d7II/3rd Party Configs/JRT_Auto.cmd Normal file
View file

@ -0,0 +1,17 @@
@echo off&pushd "%~dp0"
start /wait JRT.exe -y -nr
pushd "%temp%\jrt"
if not exist "get.bat" pushd %systemdrive%\JRT
if not exist "get.bat" goto :eof
findstr /v /i "pause" get.bat>tmp.txt
findstr /v /i /b "notepad" tmp.txt>get.bat
echo.>>"%temp%\jrt\wl_services.cfg"
echo d7iisvc>>"%temp%\jrt\wl_services.cfg"
echo dSSEventSvc>>"%temp%\jrt\wl_services.cfg"
echo CryptoPreventEventSvc>>"%temp%\jrt\wl_services.cfg"
echo.>>"%temp%\jrt\wl_processes.cfg"
echo d7ii>>"%temp%\jrt\wl_processes.cfg"
echo dfunk>>"%temp%\jrt\wl_processes.cfg"
echo dSupportSuite>>"%temp%\jrt\wl_processes.cfg"
echo CryptoPrevent>>"%temp%\jrt\wl_processes.cfg"
start /wait cmd.exe /c get.bat

26
.bin/d7ii/Config/CustomApps_d7II/3rd Party Configs/Neutron.ini Normal file
View file

@ -0,0 +1,26 @@
[Options]
AutoSync=1
AutoExit=1
Retry=1
[Servers]
0="time-a.nist.gov"
1="time-a.timefreq.bldrdoc.gov"
2="time-b.nist.gov"
3="time-b.timefreq.bldrdoc.gov"
4="time-c.timefreq.bldrdoc.gov"
5="us.pool.ntp.org"
6="1.us.pool.ntp.org"
7="2.us.pool.ntp.org"
8="3.us.pool.ntp.org"
9="pubts1-sj.witime.net"
10="pubts2-sj.witime.net"
11="rolex.usg.edu"
12="timekeeper.isi.edu"
13="nist1.symmetricom.com"
14="clock.via.net"
15="nist1.aol-ca.truetime.com"
16="nist.expertsmi.com"
17="nist1-dc.WiTime.net"
18="nist1-sj.WiTime.net"
19="utcnist.colorado.edu"

BIN
.bin/d7ii/Config/CustomApps_d7II/3rd Party Configs/PatchMyPC.reg Normal file
View file

Binary file not shown.

167
.bin/d7ii/Config/CustomApps_d7II/3rd Party Configs/a2cmd.cmd Normal file
View file

@ -0,0 +1,167 @@
::
:: --- BEGIN INFO ---
::
::
:: Applicable Custom App: All 'Emsisoft xxx' app configurations in d7II default custom app configurations.
::
:: Last Update: 2017-02-03
::
:: Created by Nick @ FoolishIT.com [Foolish IT LLC] as an example for the user-configurable d7II custom app's system.
::
::
:: - d7II Config Location: (applicable to most anything having to do with this batch file)
:: Open Config (under Main drop down menu) \ Custom Apps (tab) \ (search/find/highlight desired custom app in left column/box first) \ New/Edit App (sub-tab)
::
:: - This batch file is referenced from custom app configuration items in d7II Config, and may make references to other data available from within
:: the custom app configuration or used by it such as noted here.
::
:: - The 'Whitelist.txt' file created by this batch file will by referenced in the command line arguments passed to the custom app; the configuration
:: for this is located in custom apps config as mentioned above \ then the Execution (sub-tab)
::
:: - This batch file is called into action when configured in the 'Import Config Before Execution' setting in a d7II custom app configuration,
:: which can be found on the 'Pre-Execution' tab of the custom app configuration mentioned above.
::
:: NOTES: * When a .BAT/.CMD file such as this is found configured under this setting (as opposed to any other text or data file) it will be
:: copied to the custom app's final running directory (the same as any other files would be) but then executed as a batch script (after
:: the installer is executed if one is configured, but prior to execution of the main custom app itself.
::
:: * Similarly, a .VBS file would be copied to the custom app directory and executed as a script as above.
::
:: * Further, a .REG file would be imported to the registry if found configured for this setting.
::
:: * This setting may reference multiple files separated by a comma with no spacing required; e.g. 'file1.bat,file2.txt,file3.reg'
::
:: * All files (no paths) configured here must be located within your 'd7II\Config\CustomApps\3rd Party Configs' path (create the last
:: dirs if not exist.) They will likely work if located in the 'd7II\Config\CustomApps_d7II\3rd Party Configs' path, but with all
:: d7II default custom app configurations, this path with all content will be deleted and rewritten during updates to the default apps.
::
::
:: Batch File Objectives:
::
:: 1. Obtain d7II path via registry; use this in creating a whitelist to be used by the custom app
:: (to include all custom apps in subdirs of d7II)
::
:: 2. Obtain 3rd Party Tools path via registry; if this is not a subdir of the main d7II Path, then
:: add this to a whitelist to be used by the custom app (to include all custom apps in subdirs)
::
:: 3. create a2cmd whitelist as a new file in the location/directory of the custom app (overwrite existing if any)
:: - batch file current directory should be same as the main executable of the custom app (Execution tab)
:: - add d7II path and include all custom apps within the d7II subdir structure) and other Foolish IT apps
:: to a new file (overwrite) in the current directory (of the custom app whitelist for a2cmd.)
::
::
:: --- BEGIN CODE ---
:: Disable local echo, clear screen, output a blank line.
::
@echo off&cls&echo.
:: Set window title to visually identify what this console window is doing.
title [a2cmd] Performing Additional Custom App Tasks...
:: Change from the Current Working Directory (available to the %cd% variable)
:: to the Current Directory (available as %~dp0 below) where the file actually "lives"
:: and was the location where this batch file was copied to by d7II.exe prior to running it.
::
:: - This should be the path of the main exe for this custom app as configured in d7II;
:: located in custom apps config as mentioned above \ then the Execution (sub-tab)
::
:: - Syntax explanation:
::
:: '~' removes wrapping quotes (never use in a variable if possible, instead wrap the variable as necessary!)
:: 'd' returns a drive letter and colon
:: 'p' returns a full directory path (without a prepended driveletter, and including a trailing backslash)
:: '0' refers to self (this batch file) as the subject of the above conditions
::
pushd "%~dp0"
:: Set variables for registry value queries and app info
::
set "RegKey=HKLM\Software\Foolish IT\d7II\Session\Paths"
set "RegNameEXE=AppEXE"
set "RegName3PT=3PTDir"
set "MainPath=%systemdrive%\EmsisoftCmd"
set "MainEXE=a2cmd.exe"
set "InstEXE32=EmsisoftCommandlineScanner32.exe"
set "InstEXE64=EmsisoftCommandlineScanner64.exe"
set "InstParms=/S"
:: Determine if 64bit paths should be used. Note that by using the syntax '%programfiles% (x86)' and not the single
:: '%programfiles(x86)%' then we avoid any errors with the variable not existing and throwing off the actual exist check.
::
if "[%programfiles(x86)%]" NEQ "[]" if exist "%programfiles% (x86)" set Win64=True
::
if defined Win64 (
set "ProgramDir32=%programfiles(x86)%"
set "InstEXE=%InstEXE64%"
) else (
set "ProgramDir32=%programfiles%"
set "InstEXE=%InstEXE32%"
)
:: Run installer/self-extractor
::
if not exist "%MainPath%\%MainEXE%" if exist %InstEXE% start "" /wait "%InstEXE%" %InstParms%
:: Exit if install path does not exist...
::
if not exist "%MainPath%" (
goto :eof
) else (
pushd "%MainPath%"
)
:: Add exclusions for other Foolish IT product paths (unrelated to d7II) that may be on a system;
:: While we could first test for dir exist, the dumb addition of a few extra exclusions to the
:: whitelist without checking for their existence will make much of a difference to any custom app...
::
:: - NOTE: observe the first code line using a single ">" chr prior to the whitelist filename,
:: this creates new or overwrites an existing file; all subsequent usage for the same
:: filename must include the syntax of double ">>" chrs, which creates new or appends
:: to an existing file.
::
echo %ProgramDir32%\dSupportSuite\>a2cmd_Whitelist.txt
echo %ProgramDir32%\CryptoPrevent\>>a2cmd_Whitelist.txt
echo %ProgramDir32%\Foolish IT\CryptoPrevent\>>a2cmd_Whitelist.txt
:: Extract the full path to d7II.exe for the "d7IIPath" variable; obtain d7II path for the currently active
:: d7II 'session' via a registry query to the registry's copy of d7II's current session configuration.
::
:: - NOTE: The ' 2^>nul' syntax below redirects errors from the 'reg query' command to 'nul' in order to
:: keep garbage/error messages from defining this variable on an unexpected error...
::
:: Also, similar to the '%~dp0' syntax used with pushd at the beginning of the batch file, the
:: variable syntax '~dp' is used with the variable '%%_' to ensure output as a drive\path without
:: without a filename and without wrapping quotes (a trailing backslash is included in the output
:: and for these purposes it is also expected syntax for the custom app whitelist.
::
for /f "usebackq tokens=2*" %%a in (`reg query "%RegKey%" /v "%RegNameEXE%" 2^>nul`) do set "d7IIPath=%%~dpb"
::
:: Check for a result; if variable is defined above then add this path to the whitelist.
::
if defined d7IIPath echo %d7IIpath%>>a2cmd_Whitelist.txt
:: Next get the path to d7II custom apps / 3rd party tools via reg query, to provide redundancy if this path
:: for any reason is not located within a subdir of d7II.exe itself. First set the new registry value name.
::
for /f "usebackq tokens=2*" %%a in (`reg query "%RegKey%" /v "%RegName3PT%" 2^>nul`) do set "ToolsPath=%%~b"
::
:: Check for a result; if variable is defined above then add this path to the whitelist, otherwise the rest
:: of this script is useless, so exit.
::
if not defined ToolsPath goto :eof
echo %ToolsPath%\>>a2cmd_Whitelist.txt
:: If no parameters were passed to this batch file, it is being run as part of the "Copy Config" custom app
:: setting (it will be run a second time with parameters for the execution of the custom app itself, which is
:: configured to run this batch file again instead of %MainEXE% as the actual configured exe for this custom
:: app.)
::
:: Test to find out if any parameters were passed to this batch file, and if none are found just update...
::
if [%1] EQU [] goto :RunUpdate
:: If we make it this far then this batch file was launched with command line parameters intended for %MainEXE%,
:: so run the custom app passing all parameters as received and waiting for exit.
::
echo Running scan... (in a separate window; please do NOT close this window!)
::
start "" /wait "%MainEXE%" %*
goto :eof
:RunUpdate
::
:: Since getting here means no parameters were passed, run %MainEXE% using parameters for it's own internal
:: definition/signature update, then exit.
::
echo Starting update... (in a separate window; please do NOT close this window!)
::
start "" /wait "%MainEXE%" /update
goto :eof

BIN
.bin/d7ii/Config/CustomApps_d7II/3rd Party Configs/cpuz.ini Normal file
View file

Binary file not shown.

BIN
.bin/d7ii/Config/CustomApps_d7II/3rd Party Configs/pagedfrg.reg Normal file
View file

Binary file not shown.

5
.bin/d7ii/Config/CustomApps_d7II/3rd Party Configs/rkill.cmd Normal file
View file

@ -0,0 +1,5 @@
pushd "%~dp0"
cd..
set d7IIpath=%cd%
pushd "%~dp0"
echo %d7IIpath%\d7II.exe>rkill_Excludes.txt

35
.bin/d7ii/Config/CustomApps_d7II/AS SSD Benchmark.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
DisableCloudShare=0
AppURL=http://www.alex-is.de/PHP/fusion/downloads.php?cat_id=4&file_id=9
AppDLName=AS SSD Benchmark.zip
AlwaysAttemptDownload=1
AppWait=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
App=AS SSD Benchmark\AS SSD Benchmark.exe
UseFTPServer=0
DLafterXdays=7
PriorAlert=0
LogVerbiage=Ran SSD testing/benchmark
LastDownload=10/27/2017
AppWebsite=www.alex-is.de/PHP/fusion/downloads.php?cat_id=4&download_id=9
Author=FoolishTech
LastEditDate=2/7/2014 9:45:12 AM
NonDirectURLs=0
AppDLPage=www.alex-is.de/PHP/fusion/downloads.php?cat_id=4&download_id=9
AppDesc=SSD Benchmark Utility
AutoFlag=0

36
.bin/d7ii/Config/CustomApps_d7II/AdwCleaner.cfg Normal file
View file

@ -0,0 +1,36 @@
[Config]
Author=FoolishTech
LastEditDate=7/21/2014 11:16:06 AM
AppWebsite=http://www.bleepingcomputer.com/download/adwcleaner/
AppDLPage=http://www.bleepingcomputer.com/download/adwcleaner/
AppDesc=Toolbar Remover
App=AdwCleaner.exe
UseFTPServer=0
AppURL=http://download.bleepingcomputer.com/Xplode/AdwCleaner.exe
AppURLB=http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
AppDLName=AdwCleaner.exe
AlwaysAttemptDownload=1
DLafterXdays=.5
AppWait=1
PriorAlert=1
ServiceWait=1
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsLoc=%systemdrive%\AdwCleaner\AdwCleaner*.txt
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Removed unnecessary internet browser add-ins (e.g. Toolbars) [AdwCleaner]
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
LastDownload=10/27/2017
AutoFlag=0

34
.bin/d7ii/Config/CustomApps_d7II/Auslogics DD Portable.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
DisableCloudShare=0
AppWebsite=http://www.auslogics.com/en/software/disk-defrag/command-line/
App=ausdiskdefragportable.exe
AppURL=http://www.auslogics.com/en/downloads/disk-defrag/ausdiskdefragportable.exe
AppDLName=ausdiskdefragportable.exe
AlwaysAttemptDownload=1
AppWait=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=0
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=0
UseFTPServer=0
DLafterXdays=7
PriorAlert=1
LogVerbiage=Defragmented file system (Auslogics)
Author=FoolishTech
LastEditDate=2/7/2014 9:45:41 AM
NonDirectURLs=0
AppDesc=Disk Defragmenter
AppDLPage=http://www.auslogics.com/en/software/disk-defrag/
AutoFlag=0

36
.bin/d7ii/Config/CustomApps_d7II/Autoruns.cfg Normal file
View file

@ -0,0 +1,36 @@
[Config]
App=autoruns\autoruns.exe
AppURL=http://download.sysinternals.com/files/Autoruns.zip
AppDLName=autoruns.zip
AppWait=1
AppMsgBox=0
AppRandomize=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
AppParms=-accepteula
DisableCloudShare=0
UseFTPServer=0
AlwaysAttemptDownload=1
DLafterXdays=7
PriorAlert=1
ServiceWait=0
SaveConfigAfter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
AppWebsite=http://technet.microsoft.com/en-us/sysinternals/bb963902
LogVerbiage=Examined Windows startup items and removed unnecessary entries.
LastDownload=10/27/2017
Author=FoolishTech
LastEditDate=2/7/2014 9:46:37 AM
NonDirectURLs=0
AppDLPage=http://technet.microsoft.com/en-us/sysinternals/bb963902
AppDesc=Manages Startup Items
AutoFlag=0

33
.bin/d7ii/Config/CustomApps_d7II/Avast! aswMBR.cfg Normal file
View file

@ -0,0 +1,33 @@
[Config]
App=aswMBR.exe
AppURL=http://public.avast.com/~gmerek/aswMBR.exe
AppWait=1
AppMsgBox=0
AppRandomize=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
AppDLName=aswMBR.exe
DisableCloudShare=0
UseFTPServer=0
AlwaysAttemptDownload=0
PriorAlert=1
ServiceWait=0
SaveConfigAfter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
AppWebsite=http://public.avast.com/~gmerek/aswMBR.htm
LogVerbiage=Checked MBR for infections and scanned for additional malicious items (Avast!).
Author=FoolishTech
LastEditDate=2/7/2014 9:46:53 AM
AppDLPage=http://public.avast.com/~gmerek/aswMBR.htm
AppDesc=MBR Checker and Virus Scanner
NonDirectURLs=0
AutoFlag=0

34
.bin/d7ii/Config/CustomApps_d7II/BatteryInfoView.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
DisableCloudShare=0
App=batteryinfoview.exe
AppURL=http://www.nirsoft.net/panel/batteryinfoview.exe
AppDLName=batteryinfoview.exe
AlwaysAttemptDownload=0
AppWait=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=0
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
AppWebsite=www.nirsoft.net/utils/battery_information_view.html
UseFTPServer=0
PriorAlert=0
LogVerbiage=Checked battery life and wear level.
Author=FoolishTech
LastEditDate=2/7/2014 9:47:17 AM
AppDLPage=www.nirsoft.net/utils/battery_information_view.html
AppDesc=Detailed info on installed batteries
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

36
.bin/d7ii/Config/CustomApps_d7II/Belarc Advisor (Install-Report).cfg Normal file
View file

@ -0,0 +1,36 @@
[Config]
Author=FoolishTech
LastEditDate=2/7/2014 9:49:58 AM
App=advisorinstaller.exe
AppParms=/silent
UseFTPServer=0
AppURL=http://www.belarc.com/Programs/advisorinstaller.exe
AppDLName=advisorinstaller.exe
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
WaitOnProcesses=Belarc~1.exe
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsLoc=%programfiles(x86)%\Belarc\BelarcAdvisor\System\tmp\(%computername%).html
SnatchReportsToMalwareLogs=0
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AppWebsite=http://www.belarc.com/free_download.html
AppDLPage=http://www.belarc.com/free_download.html
AppDesc=System Information Utility (Not 'Portable' - Installation Necessary)
AutoFlag=1
LastDownload=10/27/2017

38
.bin/d7ii/Config/CustomApps_d7II/Bitdefender Rootkit Remover.cfg Normal file
View file

@ -0,0 +1,38 @@
[Config]
DisableCloudShare=0
App=BootkitRemoval_x86.exe
App64=BootkitRemoval_x64.exe
AppURL64=http://download.bitdefender.com/removal_tools/BootkitRemoval_x64.exe
AppDLName64=BootkitRemoval_x64.exe
UseFTPServer=0
AppURL=http://download.bitdefender.com/removal_tools/BootkitRemoval_x86.exe
AppDLName=BootkitRemoval_x86.exe
AlwaysAttemptDownload=1
DLafterXdays=5
AppWait=1
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=1
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
AppWebsite=http://labs.bitdefender.com/projects/rootkit-remover/rootkit-remover/
LogVerbiage=Performed additional rootkit scanning. (BRR)
Author=FoolishTech
LastEditDate=2/7/2014 9:50:38 AM
AppDLPage=http://labs.bitdefender.com/projects/rootkit-remover/rootkit-remover/
AppDesc=Bitdefender Rootkit Remover
NonDirectURLs=0
AutoFlag=0
LastDownload=8/13/2018

34
.bin/d7ii/Config/CustomApps_d7II/BluescreenView.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
DisableCloudShare=0
App=bluescreenview.exe
AppURL=http://www.nirsoft.net/panel/bluescreenview.exe
AppDLName=bluescreenview.exe
AlwaysAttemptDownload=0
AppWait=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=0
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
UseFTPServer=0
PriorAlert=0
LogVerbiage=Checked for previous blue screens / crash dumps.
AppWebsite=www.nirsoft.net/utils/blue_screen_view.html
Author=FoolishTech
LastEditDate=2/7/2014 9:51:06 AM
AppDLPage=www.nirsoft.net/utils/blue_screen_view.html
AppDesc=Analyze blue screens / memory dumps created by Windows
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

39
.bin/d7ii/Config/CustomApps_d7II/CPU-Z.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
Author=FoolishIT
LastEditDate=12/8/2015 9:51:43 AM
PostRunApp=
AppWebsite=http://www.cpuid.com/softwares/cpu-z.html
AppDLPage=http://www.cpuid.com/softwares/cpu-z.html
App=cpu-z\cpuz_x32.exe
App64=cpu-z\cpuz_x64.exe
UseFTPServer=0
AppURL=http://download.cpuid.com/cpu-z/cpu-z_1.74-en.zip
AppDLName=cpu-z.zip
AlwaysAttemptDownload=1
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=0
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
AppDesc=Display hardware information (CPU, RAM, MB)
LogVerbiage=Reviewed hardware information of the system.
LastDownload=12/8/2015
CopyConfigFirst=cpuz.ini

33
.bin/d7ii/Config/CustomApps_d7II/ComboFix (Uninstall).cfg Normal file
View file

@ -0,0 +1,33 @@
[Config]
App=combofix.exe
AppParms=/uninstall
AppURL=http://download.bleepingcomputer.com/sUBs/ComboFix.exe
AppDLName=combofix.exe
AppWait=1
AppMsgBox=0
AppRandomize=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
32=1
64=1
XP=1
Vista=1
7=1
8=0
AlwaysAttemptDownload=0
SaveConfigAfter=0
DisableCloudShare=0
UseFTPServer=0
PriorAlert=1
ServiceWait=1
RunWithSystemAccess=0
IsDLInstaller=0
Servers=1
AppWebsite=http://www.bleepingcomputer.com/download/combofix/
Author=FoolishTech
LastEditDate=2/7/2014 9:51:39 AM
AppDLPage=http://www.bleepingcomputer.com/download/combofix/
AppDesc=Uninstalls Combofix, cleaning up any leftover files/settings.
NonDirectURLs=0
AutoFlag=0

34
.bin/d7ii/Config/CustomApps_d7II/ComboFix.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
App=combofix.exe
AppURL=http://download.bleepingcomputer.com/sUBs/ComboFix.exe
AppDLName=combofix.exe
AppWait=1
AppMsgBox=0
AppRandomize=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
AlwaysAttemptDownload=1
SaveConfigAfter=0
32=1
64=1
XP=1
Vista=1
7=1
8=0
DisableCloudShare=0
UseFTPServer=0
DLafterXdays=.5
PriorAlert=1
ServiceWait=1
RunWithSystemAccess=0
IsDLInstaller=0
Servers=1
AppWebsite=http://www.bleepingcomputer.com/download/combofix/
LogVerbiage=Ran malware scans (Combofix)
Author=FoolishTech
LastEditDate=2/7/2014 9:52:03 AM
AppDLPage=http://www.bleepingcomputer.com/download/combofix/
AppDesc=Malware removal tool.
NonDirectURLs=0
AutoFlag=0

33
.bin/d7ii/Config/CustomApps_d7II/CrowdInspect.cfg Normal file
View file

@ -0,0 +1,33 @@
[Config]
Author=FoolishTech
LastEditDate=3/15/2014 3:49:54 PM
AppWebsite=www.crowdstrike.com
AppDLPage=www.crowdstrike.com/crowdinspect/
AppDesc=Analyze running processes against VirusTotal, Web of Trust, and the Malware Hash Project.
App=CrowdInspect\CrowdInspect.exe
UseFTPServer=0
AppURL=http://download.crowdstrike.com/crowdinspect/CrowdInspect.zip
AppDLName=CrowdInspect.zip
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

37
.bin/d7ii/Config/CustomApps_d7II/CrystalDiskInfo.cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
Author=FoolishTech
LastEditDate=4/1/2016 12:41:03 PM
PostRunApp=
AppWebsite=http://crystalmark.info/software/CrystalDiskInfo/index-e.html
AppDLPage=http://crystalmark.info/software/CrystalDiskInfo/index-e.html
AppDesc=Hard drive diagnostics / information.
App=CrystalDiskInfo\DiskInfo.exe
App64=CrystalDiskInfo\DiskInfoX64.exe
UseFTPServer=0
AppURL=https://osdn.jp/frs/redir.php?m=tcpdiag&f=%2Fcrystaldiskinfo%2F65634%2FCrystalDiskInfo6_8_2.zip
AppDLName=CrystalDiskInfo.zip
AlwaysAttemptDownload=0
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Examined Hard Drive health (CrystalDiskInfo)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

39
.bin/d7ii/Config/CustomApps_d7II/CurrPorts.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
Author=dSupportOnline
LastEditDate=11/6/2014 10:33:04 PM
PostRunApp=
AppWebsite=http://www.nirsoft.net/utils/cports.html
AppDLPage=http://www.nirsoft.net/utils/cports.html
AppDesc=Displays current ports in use on system and by which process
App=cports\cports.exe
AppURLSpoof=http://www.nirsoft.net/utils/cports.html
UseFTPServer=0
AppURL=http://www.nirsoft.net/utils/cports.zip
AppDLName=cports.zip
AlwaysAttemptDownload=1
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
CopyConfigFirst=cports.cfg
SaveConfigAfter=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Reviewed current ports in use by various applications on the system
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

36
.bin/d7ii/Config/CustomApps_d7II/ESET Smart Installer.cfg Normal file
View file

@ -0,0 +1,36 @@
[Config]
DisableCloudShare=0
App=esetsmartinstaller_enu.exe
AppURL=http://download.eset.com/special/eos/esetsmartinstaller_enu.exe
AppDLName=esetsmartinstaller_enu.exe
AlwaysAttemptDownload=1
AppWait=1
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
UseFTPServer=0
DLafterXdays=7
PriorAlert=1
ServiceWait=0
IsDLInstaller=0
Servers=1
AppWebsite=http://www.eset.com/int/online-scanner-popup/
LogVerbiage=Ran Virus/Malware scans (ESET)
LastDownload=9/28/2013
WaitOnProcesses=onlinescannerapp.exe
NonDirectURLs=0
Author=FoolishTech
LastEditDate=2/7/2014 9:53:54 AM
AppDLPage=http://www.eset.com/int/online-scanner-popup/
AppDesc=Online Virus Scanner
AutoFlag=0

42
.bin/d7ii/Config/CustomApps_d7II/Emsisoft a2cmd Deep Scan (Offline).cfg Normal file
View file

@ -0,0 +1,42 @@
[Config]
Author=FoolishTech
LastEditDate=2/3/2017 5:45:31 PM
PostRunApp=
AppWebsite=http://www.emsisoft.com/en/software/cmd/
AppDLPage=http://www.emsisoft.com/en/software/cmd/
AppDesc=Virus Scanner (configured for scanning from the Offline Operations tab)
AppParms=/f=%tdrive% /deep /rk /pup /a /n /ac /dq /la="%malreportdir%\a2cmd_deep_log_offline_%date%.txt"
AppURL64=http://dl.emsisoft.com/EmsisoftCommandlineScanner64.exe
AppDLName64=Emsisoft_a2cmd\EmsisoftCommandlineScanner64.exe
UseFTPServer=0
AppURL=http://dl.emsisoft.com/EmsisoftCommandlineScanner32.exe
AppDLName=Emsisoft_a2cmd\EmsisoftCommandlineScanner32.exe
AlwaysAttemptDownload=1
DLafterXdays=1
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran deep virus scans (Emsisoft)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
App=Emsisoft_a2cmd\a2cmd.cmd
CopyConfigFirst=a2cmd.cmd
WaitOnProcesses=a2cmd.exe
LastDownload=10/27/2017

42
.bin/d7ii/Config/CustomApps_d7II/Emsisoft a2cmd Deep Scan.cfg Normal file
View file

@ -0,0 +1,42 @@
[Config]
Author=FoolishTech
LastEditDate=2/3/2017 5:45:31 PM
PostRunApp=
AppWebsite=http://www.emsisoft.com/en/software/cmd/
AppDLPage=http://www.emsisoft.com/en/software/cmd/
AppDesc=Virus Scanner - Scans all files on all hard disks thoroughly. (does not need prior update)
AppParms=/f=%tdrive% /deep /rk /m /t /c /pup /a /n /ac /d /wl="%systemdrive%\EmsisoftCmd\a2cmd_Whitelist.txt" /la="%malreportdir%\a2cmd_deep_log_%date%.txt"
AppURL64=http://dl.emsisoft.com/EmsisoftCommandlineScanner64.exe
AppDLName64=Emsisoft_a2cmd\EmsisoftCommandlineScanner64.exe
UseFTPServer=0
AppURL=http://dl.emsisoft.com/EmsisoftCommandlineScanner32.exe
AppDLName=Emsisoft_a2cmd\EmsisoftCommandlineScanner32.exe
AlwaysAttemptDownload=1
DLafterXdays=1
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran deep virus scans (Emsisoft)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
App=Emsisoft_a2cmd\a2cmd.cmd
CopyConfigFirst=a2cmd.cmd
WaitOnProcesses=a2cmd.exe
LastDownload=10/7/2018

41
.bin/d7ii/Config/CustomApps_d7II/Emsisoft a2cmd Quick Scan.cfg Normal file
View file

@ -0,0 +1,41 @@
[Config]
Author=FoolishTech
LastEditDate=2/3/2017 5:45:31 PM
PostRunApp=
AppWebsite=http://www.emsisoft.com/en/software/cmd/
AppDLPage=http://www.emsisoft.com/en/software/cmd/
AppDesc=Virus Scanner - Scans all active programs, malware traces (registry, files) and Tracking Cookies. Skips ADS, archive files, and some cookies. (does not need prior update)
AppParms=/f=%tdrive% /quick /rk /m /t /pup /ac /d /wl="%systemdrive%\EmsisoftCmd\a2cmd_Whitelist.txt" /la="%malreportdir%\a2cmd_quick_log_%date%.txt"
AppURL64=http://dl.emsisoft.com/EmsisoftCommandlineScanner64.exe
AppDLName64=Emsisoft_a2cmd\EmsisoftCommandlineScanner64.exe
UseFTPServer=0
AppURL=http://dl.emsisoft.com/EmsisoftCommandlineScanner32.exe
AppDLName=Emsisoft_a2cmd\EmsisoftCommandlineScanner32.exe
AlwaysAttemptDownload=1
DLafterXdays=1
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran virus scans (Emsisoft)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
App=Emsisoft_a2cmd\a2cmd.cmd
CopyConfigFirst=a2cmd.cmd
WaitOnProcesses=a2cmd.exe

41
.bin/d7ii/Config/CustomApps_d7II/Emsisoft a2cmd Smart Scan.cfg Normal file
View file

@ -0,0 +1,41 @@
[Config]
Author=FoolishTech
LastEditDate=2/3/2017 5:45:31 PM
PostRunApp=
AppWebsite=http://www.emsisoft.com/en/software/cmd/
AppDLPage=http://www.emsisoft.com/en/software/cmd/
AppDesc=Virus Scanner - Scans the Windows and program files folders in addition to everything scanned by the quick scan. Skips ADS, archive files, and some cookies. (does not need prior update)
AppParms=/f=%tdrive% /smart /rk /m /t /pup /ac /d /wl="%systemdrive%\EmsisoftCmd\a2cmd_Whitelist.txt" /la="%malreportdir%\a2cmd_smart_log_%date%.txt"
AppURL64=http://dl.emsisoft.com/EmsisoftCommandlineScanner64.exe
AppDLName64=Emsisoft_a2cmd\EmsisoftCommandlineScanner64.exe
UseFTPServer=0
AppURL=http://dl.emsisoft.com/EmsisoftCommandlineScanner32.exe
AppDLName=Emsisoft_a2cmd\EmsisoftCommandlineScanner32.exe
AlwaysAttemptDownload=1
DLafterXdays=1
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran virus scans (Emsisoft)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
App=Emsisoft_a2cmd\a2cmd.cmd
CopyConfigFirst=a2cmd.cmd
WaitOnProcesses=a2cmd.exe

39
.bin/d7ii/Config/CustomApps_d7II/Everything Search Engine.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
Author=dSupportOnline
LastEditDate=10/9/2014 1:20:00 PM
PostRunApp=
AppWebsite=http://www.voidtools.com/support/everything/
AppDLPage=http://www.voidtools.com/downloads/
App=everything32\Everything.exe
App64=everything64\Everything.exe
AppURL64=http://www.voidtools.com/Everything-1.3.4.686.x64.zip
AppDLName64=everything64.zip
UseFTPServer=0
AppURL=http://www.voidtools.com/Everything-1.3.4.686.x86.zip
AppDLName=everything32.zip
AlwaysAttemptDownload=0
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
CopyConfigFirst=Everything.ini
SaveConfigAfter=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
AppDesc=Quickly searches files and folders
LogVerbiage=Searched system for files and folders to further inspect or remove.

37
.bin/d7ii/Config/CustomApps_d7II/ExecutedProgramsList.cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
LastEditDate=3/29/2016 4:09:19 PM
PostRunApp=
UseFTPServer=0
AppURL=http://www.nirsoft.net/utils/executedprogramslist.zip
AppDLName=ExecutedProgramsList.zip
AlwaysAttemptDownload=1
DLafterXdays=30
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
Author=Foolish IT
AppWebsite=http://www.nirsoft.net/utils/executed_programs_list.html
AppDLPage=http://www.nirsoft.net/utils/executed_programs_list.html
AutoFlag=0
App=ExecutedProgramsList\ExecutedProgramsList.exe
AppDesc=List out recently executed programs.
LogVerbiage=Checked recently executed programs.
LastDownload=3/29/2016

34
.bin/d7ii/Config/CustomApps_d7II/GMER.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
App=gmer\gmer.exe
AppURL=http://www2.gmer.net/gmer.zip
AppDLName=gmer.zip
AppWait=1
AppMsgBox=0
AppRandomize=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
DisableCloudShare=0
UseFTPServer=0
AlwaysAttemptDownload=1
DLafterXdays=7
PriorAlert=1
ServiceWait=0
SaveConfigAfter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
AppWebsite=http://www.gmer.net/
LogVerbiage=Manually scanned for rootkit activity.
Author=FoolishTech
LastEditDate=2/7/2014 9:54:39 AM
AppDLPage=http://www.gmer.net/
AppDesc=Rootkit / Malware Scanner
NonDirectURLs=0
AutoFlag=0

37
.bin/d7ii/Config/CustomApps_d7II/GPU-Z Report.cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
Author=Proctor Foolish IT
LastEditDate=3/2/2016 5:09:19 PM
PostRunApp=
AppWebsite=https://www.techpowerup.com/gpuz/
AppDesc=Reported on Graphis Adapter Information
LogVerbiage=Reviewed hardware information of the system.
UseFTPServer=0
AppURL=https://www.techpowerup.com/downloads/2627/techpowerup-gpu-z-v0-8-7/start?server=6
AppDLName=GPU-Z.exe
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=0
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
AppParms=-dump gpu-z.xml
SnatchReportsLoc=gpu-z.xml
App=GPU-Z.exe

35
.bin/d7ii/Config/CustomApps_d7II/GPU-Z.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
Author=Proctor Foolish IT
LastEditDate=3/2/2016 4:24:41 PM
PostRunApp=GPU-Z Report
AppWebsite=https://www.techpowerup.com/gpuz/
App64=GPU-Z.exe
UseFTPServer=0
AppURL=https://www.techpowerup.com/downloads/2627/techpowerup-gpu-z-v0-8-7/start?server=6
AppDLName=GPU-Z.exe
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
AppDesc=Review Graphis Adapter Information
LogVerbiage=Reviewed hardware information of the system.

36
.bin/d7ii/Config/CustomApps_d7II/Google Chrome Software Removal Tool.cfg Normal file
View file

@ -0,0 +1,36 @@
[Config]
LastEditDate=10/13/2014 6:35:14 AM
PostRunApp=
AppWebsite=https://support.google.com/chrome/answer/6086368?p=ui_software_removal_tool&rd=1
AppDLPage=https://www.google.com/chrome/srt/
App=software_removal_tool.exe
UseFTPServer=0
AppURL=https://dl.google.com/dl/softwareremovaltool/win/software_removal_tool.exe
AppDLName=software_removal_tool.exe
AlwaysAttemptDownload=1
DLafterXdays=0
AppWait=1
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
Author=FoolishTech
AppDesc=Remove add-ons, extensions, toolbars, and other software that may interfere with the operation of Google Chrome.
LogVerbiage=Scanned for and removed any toolbars/extensions/add-ons that may interfere with the operation of Google Chrome.

39
.bin/d7ii/Config/CustomApps_d7II/HeavyLoad.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
Author=Foolish IT
LastEditDate=3/30/2016 11:11:09 AM
PostRunApp=
AppWebsite=https://www.jam-software.de/heavyload/
AppDLPage=https://www.jam-software.de/heavyload/
App=HeavyLoadx86\HeavyLoad.exe
UseFTPServer=0
AppURL=http://www.jam-software.com/heavyload/HeavyLoad-x86.zip
AppDLName=HeavyLoadx86.zip
AlwaysAttemptDownload=1
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
AppURL64=http://www.jam-software.com/heavyload/HeavyLoad-x64.zip
AppDLName64=HeavyLoadx64.zip
App64=HeavyLoadx64\HeavyLoad.exe
AppDesc=Stress Testing Application
LogVerbiage=Stress Tested System

44
.bin/d7ii/Config/CustomApps_d7II/HitmanPro (Manual).cfg Normal file
View file

@ -0,0 +1,44 @@
[Config]
Author=FoolishTech
LastEditDate=10/10/2014 4:14:36 AM
PostRunApp=
AppWebsite=http://www.surfright.nl/en/hitmanpro/
AppDLPage=http://www.surfright.nl/en/downloads/
AppDesc=Malware scanner (Manual removal)
App=HitmanPro.exe
App64=HitmanPro_x64.exe
AppParms=/noinstall /excludelist="%3rdpath%\HMP_Excludes.txt" /log="%malreportdir%\HitmanPro_Scan_Log_%date%.txt"
AppURL64=http://dl.surfright.nl/HitmanPro_x64.exe
AppURL64B=http://dl.surfright.nl/FoolishIT/HitmanPro_x64.exe
AppDLName64=HitmanPro_x64.exe
UseFTPServer=0
AppURL=http://dl.surfright.nl/HitmanPro.exe
AppURLB=http://dl.surfright.nl/FoolishIT/HitmanPro.exe
AppDLName=HitmanPro.exe
AlwaysAttemptDownload=1
DLafterXdays=4
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=1
AppWaitTime=60
AppRandomize=1
CopyConfigFirst=HMP.cmd
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran Malware Scans and manually investigated results (HitmanPro)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0

45
.bin/d7ii/Config/CustomApps_d7II/HitmanPro.cfg Normal file
View file

@ -0,0 +1,45 @@
[Config]
Author=FoolishTech
LastEditDate=7/13/2015 10:52:20 AM
PostRunApp=
AppWebsite=http://www.surfright.nl/en/hitmanpro/
AppDLPage=http://www.surfright.nl/en/downloads/
AppDesc=Malware scanner
App=HitmanPro.exe
App64=HitmanPro_x64.exe
AppParms=/clean /noinstall /excludelist="%3rdpath%\HMP_Excludes.txt" /log="%malreportdir%\HitmanPro_Scan_Log_%date%.txt"
AppURL64=http://dl.surfright.nl/HitmanPro_x64.exe
AppURL64B=http://dl.surfright.nl/FoolishIT/HitmanPro_x64.exe
AppDLName64=HitmanPro_x64.exe
UseFTPServer=0
AppURL=http://dl.surfright.nl/HitmanPro.exe
AppURLB=http://dl.surfright.nl/FoolishIT/HitmanPro.exe
AppDLName=HitmanPro.exe
AlwaysAttemptDownload=1
DLafterXdays=3
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=1
AppWaitTime=60
AppRandomize=1
CopyConfigFirst=HMP.cmd
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran Malware Scans (HitmanPro)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
LastDownload=10/7/2018

42
.bin/d7ii/Config/CustomApps_d7II/JRT.cfg Normal file
View file

@ -0,0 +1,42 @@
[Config]
Author=FoolishTech
LastEditDate=7/13/2015 9:38:52 AM
PostRunApp=
AppWebsite=http://thisisudax.org/
AppDLPage=http://thisisudax.org/
AppDesc=Junkware Removal Tool - toolbar remover.
App=JRT.exe
AppParms=-y -om1 -nr
UseFTPServer=0
AppURL=http://thisisudax.org/downloads/JRT.exe
AppDLName=JRT.exe
AlwaysAttemptDownload=1
DLafterXdays=1
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
CopyConfigFirst=JRT_Auto.cmd
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsLoc=%userprofile%\Desktop\JRT.txt
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Removed unnecessary internet browser add-ins (e.g. Toolbars) [JRT]
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
WaitOnProcesses=wget.dat,jq.dat,nircmd.dat,sed.dat,grep.dat,cut.dat,reg.exe
LastDownload=8/19/2018
AppWaitTime=30

35
.bin/d7ii/Config/CustomApps_d7II/Kaspersky TDSSKiller (Silent).cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
Author=FoolishTech
LastEditDate=5/27/2014 1:45:37 PM
AppWebsite=http://support.kaspersky.com/5350
AppDLPage=http://support.kaspersky.com/viruses/disinfection/5350
AppDesc=TDSS / Rootkit scanner
App=TDSSKiller.exe
AppParms=-accepteula -accepteulaksn -l "%malreportdir%\TDSSKiller_Report_%date%.txt" -tdlfs -dcexact -silent
UseFTPServer=0
AppURL=http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe
AppDLName=tdsskiller.exe
AlwaysAttemptDownload=1
DLafterXdays=3
AppWait=1
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=1
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Scanned for MBR infections / rootkits (TDSSKiller)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=2
LastDownload=10/7/2018

35
.bin/d7ii/Config/CustomApps_d7II/Kaspersky TDSSKiller.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
Author=FoolishTech
LastEditDate=5/27/2014 1:45:26 PM
AppWebsite=http://support.kaspersky.com/5350
AppDLPage=http://support.kaspersky.com/viruses/disinfection/5350
AppDesc=TDSS / Rootkit scanner
App=TDSSKiller.exe
AppParms=-accepteula -accepteulaksn -l "%malreportdir%\TDSSKiller_Report_%date%.txt" -tdlfs -dcexact
UseFTPServer=0
AppURL=http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe
AppDLName=tdsskiller.exe
AlwaysAttemptDownload=1
DLafterXdays=3
AppWait=1
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=1
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Scanned for MBR infections / rootkits (TDSSKiller)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

36
.bin/d7ii/Config/CustomApps_d7II/KillEmAll v5.cfg Normal file
View file

@ -0,0 +1,36 @@
[Config]
Author=Foolish IT
LastEditDate=1/28/2016 3:33:42 PM
PostRunApp=
AppWebsite=https://www.foolishit.com/d7x/killemall/
AppDLPage=https://www.foolishit.com/d7x/killemall/
UseFTPServer=0
AppURL=http://download.foolishit.com/killemall/KillEmAll_Portable.zip
AppDLName=KillEmAll_Portable.zip
AlwaysAttemptDownload=1
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
App=KillEmAll_Portable\KillEmAll.exe
AutoFlag=0
AppDesc=Kills non-essential processes
LastDownload=5/17/2016

36
.bin/d7ii/Config/CustomApps_d7II/MBRCheck (Offline).cfg Normal file
View file

@ -0,0 +1,36 @@
[Config]
DisableCloudShare=0
App=MBRCheck.exe
AppURL=http://ad13.geekstogo.com/MBRCheck.exe
AppDLName=MBRCheck.exe
AlwaysAttemptDownload=1
AppWait=1
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsLoc=%userprofile%\Desktop\MBRCheck*.txt
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
UseFTPServer=0
DLafterXdays=7
PriorAlert=1
ServiceWait=0
IsDLInstaller=0
AppWebsite=http://www.majorgeeks.com/files/details/mbrcheck.html
LogVerbiage=Checked MBR for infections.
Author=FoolishTech
LastEditDate=2/7/2014 9:59:38 AM
AppDLPage=http://www.majorgeeks.com/files/details/mbrcheck.html
AppDesc=MBR scanner, this profile is intended to be used from the Offline Operations page.
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

38
.bin/d7ii/Config/CustomApps_d7II/MBRCheck (Report Only).cfg Normal file
View file

@ -0,0 +1,38 @@
[Config]
Author=FoolishTech
LastEditDate=9/28/2014 4:13:43 PM
PostRunApp=Autoruns_Copy
AppWebsite=http://www.majorgeeks.com/files/details/mbrcheck.html
AppDLPage=http://www.majorgeeks.com/files/details/mbrcheck.html
AppDesc=MBR scanner - use as a second opinion, not reliable especially to repair any damage.
App=MBRCheck.exe
UseFTPServer=0
AppURL=http://ad13.geekstogo.com/MBRCheck.exe
AppDLName=MBRCheck.exe
AlwaysAttemptDownload=1
DLafterXdays=7
AppWait=1
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=1
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsLoc=%userprofile%\Desktop\MBRCheck*.txt
SnatchReportsToMalwareLogs=1
RunInCMD=1
SendEnter=1
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Checked MBR for infections.
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=2
LastDownload=9/28/2014

36
.bin/d7ii/Config/CustomApps_d7II/MBRCheck.cfg Normal file
View file

@ -0,0 +1,36 @@
[Config]
DisableCloudShare=0
App=MBRCheck.exe
AppURL=http://ad13.geekstogo.com/MBRCheck.exe
AppDLName=MBRCheck.exe
AlwaysAttemptDownload=1
AppWait=1
AppMsgBox=0
AppRandomize=1
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsLoc=%userprofile%\Desktop\MBRCheck*.txt
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
UseFTPServer=0
DLafterXdays=7
PriorAlert=1
ServiceWait=0
IsDLInstaller=0
AppWebsite=http://www.majorgeeks.com/files/details/mbrcheck.html
LogVerbiage=Checked MBR for infections.
Author=FoolishTech
LastEditDate=2/7/2014 10:00:33 AM
AppDLPage=http://www.majorgeeks.com/files/details/mbrcheck.html
AppDesc=MBR scanner - use as a second opinion, not reliable especially to repair any damage.
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

35
.bin/d7ii/Config/CustomApps_d7II/MS Office Config Analyzer Tool (Install).cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
Author=FoolishTech
LastEditDate=2/8/2014 1:17:11 AM
AppWebsite=http://support.microsoft.com/kb/2812744
AppDLPage=http://www.microsoft.com/en-us/download/details.aspx?id=36852
AppDesc=Fixes a wide variety of issues with Microsoft Office - Installer version
App=%programfiles(x86)%\Microsoft OffCAT\OffCAT.exe
UseFTPServer=0
InstallerParms=/passive
InstallerName=OffCAT.msi
AppURL=http://go.microsoft.com/fwlink/?LinkID=286211
AppDLName=OffCAT.msi
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=1
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

32
.bin/d7ii/Config/CustomApps_d7II/MS Office Config Analyzer Tool (Portable).cfg Normal file
View file

@ -0,0 +1,32 @@
[Config]
Author=FoolishTech
LastEditDate=2/8/2014 1:17:02 AM
AppWebsite=http://support.microsoft.com/kb/2812744
AppDLPage=http://www.microsoft.com/en-us/download/details.aspx?id=36852
AppDesc=Fixes a wide variety of issues with Microsoft Office - Portable Version
App=OffCAT\OffCAT.exe
UseFTPServer=0
AppURL=http://go.microsoft.com/fwlink/?LinkID=286208
AppDLName=OffCAT.zip
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0

37
.bin/d7ii/Config/CustomApps_d7II/MalwareBytes Anti-Rootkit.cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
DisableCloudShare=0
App=mbar\mbar\mbar.exe
AppURL=http://downloads.malwarebytes.org/file/mbar
AppDLName=mbar.7z
AlwaysAttemptDownload=1
AppWait=1
AppMsgBox=0
AppRandomize=1
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=1
RunWithSystemAccess=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
ServiceWait=0
SnatchReportsLoc=%3rdpath%\system-log.txt
IsDLInstaller=0
Servers=1
UseFTPServer=0
DLafterXdays=7
PriorAlert=1
LogVerbiage=Scanned for MBR infections / rootkits (MBAR)
AppWebsite=http://www.malwarebytes.org/products/mbar/
LastDownload=11/3/2013
NonDirectURLs=0
WaitOnProcesses=mbar.exe
Author=FoolishTech
LastEditDate=2/7/2014 9:59:08 AM
AppDLPage=http://www.malwarebytes.org/products/mbar/
AppDesc=Rootkit scanner
AutoFlag=0

39
.bin/d7ii/Config/CustomApps_d7II/Malwarebytes v2.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
Author=FoolishTech
LastEditDate=1/26/2015 3:38:04 PM
PostRunApp=
AppWebsite=http://www.malwarebytes.org/products/malwarebytes_free/
AppDLPage=http://www.malwarebytes.org/products/malwarebytes_free/
AppDesc=Malware scanner
App=%programfiles(x86)%\Malwarebytes Anti-Malware\mbam.exe
UseFTPServer=0
InstallerParms=/silent /suppressmsgboxes /norestart /nocancel /lang=1033
InstallerName=mbam2-setup.exe
AppURL=http://downloads.malwarebytes.org/file/mbam/
AppDLName=mbam2-setup.exe
AlwaysAttemptDownload=1
DLafterXdays=0
AppWait=1
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=1
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsLoc=%programdata%\Malwarebytes\Malwarebytes Anti-Malware\Logs\*.xml
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=1
LogVerbiage=Scanned for Malware (MBAM)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0

38
.bin/d7ii/Config/CustomApps_d7II/McAfee Stinger (Offline).cfg Normal file
View file

@ -0,0 +1,38 @@
[Config]
DisableCloudShare=0
App=stinger32.exe
App64=stinger64.exe
AppParms=--go --repair --noprocess --noregistry --scanpath=%tdrive% --reportpath="%malreportdir%"
AppURL64=http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger64.exe
AppDLName64=stinger64.exe
AppURL=http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger32.exe
AppDLName=stinger32.exe
AlwaysAttemptDownload=1
AppWait=1
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
ServiceWait=1
AppWebsite=http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
UseFTPServer=0
PriorAlert=1
IsDLInstaller=0
LogVerbiage=Ran virus scans (McAfee Stinger)
Author=FoolishTech
LastEditDate=2/7/2014 10:01:11 AM
AppDLPage=http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
AppDesc=Virus scanner - meant to be used from the Offline Operations tab.
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

37
.bin/d7ii/Config/CustomApps_d7II/McAfee Stinger (Silent).cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
Author=FoolishTech
LastEditDate=5/27/2014 1:47:06 PM
AppWebsite=http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
AppDLPage=http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
AppDesc=Virus scanner
App=stinger32.exe
App64=stinger64.exe
AppParms=--silent --go --repair --adl --reportpath="%malreportdir%"
AppURL64=http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger64.exe
AppDLName64=stinger64.exe
UseFTPServer=0
AppURL=http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger32.exe
AppDLName=stinger32.exe
AlwaysAttemptDownload=1
DLafterXdays=3
AppWait=1
PriorAlert=0
ServiceWait=1
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran virus scans (McAfee Stinger)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=2

38
.bin/d7ii/Config/CustomApps_d7II/McAfee Stinger (Silent-Offline).cfg Normal file
View file

@ -0,0 +1,38 @@
[Config]
DisableCloudShare=0
AppWebsite=http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
App=stinger32.exe
App64=stinger64.exe
AppParms=--silent --go --repair --noprocess --noregistry --scanpath=%tdrive% --reportpath="%malreportdir%"
AppURL64=http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger64.exe
AppDLName64=stinger64.exe
UseFTPServer=0
AppURL=http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger32.exe
AppDLName=stinger32.exe
AlwaysAttemptDownload=1
AppWait=1
PriorAlert=0
ServiceWait=1
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran virus scans (McAfee Stinger)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
Author=FoolishTech
LastEditDate=2/7/2014 10:01:42 AM
AppDLPage=http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
AppDesc=Virus scanner - meant to be used from the Offline Operations tab.
NonDirectURLs=0
AutoFlag=2
LastDownload=10/27/2017

38
.bin/d7ii/Config/CustomApps_d7II/McAfee Stinger.cfg Normal file
View file

@ -0,0 +1,38 @@
[Config]
Author=FoolishTech
LastEditDate=5/27/2014 1:46:41 PM
AppWebsite=http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
AppDLPage=http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
AppDesc=Virus scanner
App=stinger32.exe
App64=stinger64.exe
AppParms=--go --repair --adl --reportpath="%malreportdir%"
AppURL64=http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger64.exe
AppDLName64=stinger64.exe
UseFTPServer=0
AppURL=http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger32.exe
AppDLName=stinger32.exe
AlwaysAttemptDownload=1
DLafterXdays=3
AppWait=1
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Ran virus scans (McAfee Stinger)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

35
.bin/d7ii/Config/CustomApps_d7II/Microsoft .NET Framework Repair Tool.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
Author=Microsoft
LastEditDate=6/20/2016 2:00:27 PM
PostRunApp=
AppWebsite=https://support.microsoft.com/en-us/kb/2698555
AppDLPage=http://go.microsoft.com/fwlink/?LinkID=246062
App=NetFxRepairTool.exe
UseFTPServer=0
AppURL=https://download.microsoft.com/download/2/B/D/2BDE5459-2225-48B8-830C-AE19CAF038F1/NetFxRepairTool.exe
AlwaysAttemptDownload=0
DLafterXdays=30
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=1
LastDownload=6/20/2016
AppDLName=NetFxRepairTool.exe
AutoFlag=0

34
.bin/d7ii/Config/CustomApps_d7II/Microsoft FixIt Portable.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
LastEditDate=2/8/2014 12:42:30 AM
AppWebsite=www.microsoft.com
AppDLPage=http://go.microsoft.com/?linkid=9775982
AppDesc=Fix a wide variety of Windows issues all in one portable MS FixIT
App=MicrosoftFixit-portable.exe
UseFTPServer=0
AppURL=http://download.microsoft.com/download/E/2/3/E237A32D-E0A9-4863-B864-9E820C1C6F9A/MicrosoftFixit-portable.exe
AppDLName=MicrosoftFixit-portable.exe
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Fixed misc. broken Windows functions with %app%
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=0
NonDirectURLs=0
Author=FoolishTech
AutoFlag=0
LastDownload=10/27/2017

34
.bin/d7ii/Config/CustomApps_d7II/Microsoft FixIt Win Update (Auto).cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
Author=FoolishTech
LastEditDate=2/8/2014 1:20:09 AM
AppWebsite=http://support.microsoft.com/kb/971058/en-US
AppDLPage=http://go.microsoft.com/?linkid=9665683
AppDesc=MS FixIt 50202 fixes issues with Windows Update - This will reboot!
App=MicrosoftFixIt50202.msi
AppParms=/passive
UseFTPServer=0
AppURL=http://go.microsoft.com/?linkid=9665683
AppDLName=MicrosoftFixIt50202.msi
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
LastDownload=10/27/2017
AutoFlag=1

34
.bin/d7ii/Config/CustomApps_d7II/Microsoft FixIt Winsock (Auto).cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
Author=FoolishTech
LastEditDate=2/8/2014 1:03:54 AM
AppWebsite=http://support.microsoft.com/kb/811259
AppDLPage=http://go.microsoft.com/?linkid=9662461
AppDesc=Microsoft FixIt 50203 fixes Winsock corruption issues - This will reboot!
App=MicrosoftFixit50203.msi
AppParms=/passive
UseFTPServer=0
AppURL=http://go.microsoft.com/?linkid=9662461
AppDLName=MicrosoftFixit50203.msi
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
LastDownload=10/27/2017

38
.bin/d7ii/Config/CustomApps_d7II/Microsoft Safety Scanner.cfg Normal file
View file

@ -0,0 +1,38 @@
[Config]
Author=Microsoft
LastEditDate=7/11/2016 1:23:26 PM
PostRunApp=
AppWebsite=https://www.microsoft.com/security/scanner/en-us/default.aspx
AppDLPage=https://www.microsoft.com/security/scanner/en-us/default.aspx
App=msert.exe
App64=msert.exe
AppURL64=http://definitionupdates.microsoft.com/download/definitionupdates/safetyscanner/amd64/msert.exe
AppDLName64=msert.exe
UseFTPServer=0
AppURL=http://definitionupdates.microsoft.com/download/definitionupdates/safetyscanner/x86/msert.exe
AppDLName=msert.exe
AlwaysAttemptDownload=1
DLafterXdays=9
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=7/11/2016

35
.bin/d7ii/Config/CustomApps_d7II/Neutron (Sync Time).cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
DisableCloudShare=0
AppWebsite=http://keir.net/neutron.html
App=neutron\Neutron.exe
UseFTPServer=0
AppURL=http://keir.net/download/neutron.zip
AppDLName=neutron.zip
AlwaysAttemptDownload=0
AppWait=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
CopyConfigFirst=neutron.ini
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
PriorAlert=0
LogVerbiage=Synced Windows time with the atomic clock.
Author=FoolishTech
LastEditDate=2/7/2014 10:03:42 AM
AppDLPage=http://keir.net/neutron.html
AppDesc=Sync time with an internet time server
NonDirectURLs=0
AutoFlag=1
LastDownload=10/8/2018

34
.bin/d7ii/Config/CustomApps_d7II/OTL.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
App=OTL.exe
AppURL=http://oldtimer.geekstogo.com/OTL.exe
AppDLName=OTL.exe
AppWait=1
AppMsgBox=0
AppRandomize=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
DisableCloudShare=0
UseFTPServer=0
AlwaysAttemptDownload=1
DLafterXdays=7
PriorAlert=1
ServiceWait=0
SaveConfigAfter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
AppWebsite=http://www.geekstogo.com/forum/topic/277391-otl-tutorial-how-to-use-oldtimer-listit/
LogVerbiage=Performed manual inspection for viruses/malware.
Author=FoolishTech
LastEditDate=2/7/2014 10:05:19 AM
AppDLPage=http://www.geekstogo.com/forum/topic/277391-otl-tutorial-how-to-use-oldtimer-listit/
AppDesc=Malware scanner and startup manager.
NonDirectURLs=0
AutoFlag=0

34
.bin/d7ii/Config/CustomApps_d7II/OpenHardwareMonitor.cfg Normal file
View file

@ -0,0 +1,34 @@
[Config]
DisableCloudShare=0
App=openhardwaremonitor\OpenHardwareMonitor\OpenHardwareMonitor.exe
AppURL=http://openhardwaremonitor.org/files/openhardwaremonitor-v0.6.0-beta.zip
AppDLName=openhardwaremonitor.zip
AlwaysAttemptDownload=0
AppWait=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=0
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
AppWebsite=http://openhardwaremonitor.org/
UseFTPServer=0
PriorAlert=0
LogVerbiage=Checked hardware temperatures / fan speeds.
Author=FoolishTech
LastEditDate=2/7/2014 10:04:27 AM
AppDLPage=http://openhardwaremonitor.org/downloads/
AppDesc=Detailed hardware information
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

42
.bin/d7ii/Config/CustomApps_d7II/Opened Files View.cfg Normal file
View file

@ -0,0 +1,42 @@
[Config]
Author=dSupportOnline
LastEditDate=10/29/2014 9:41:55 AM
PostRunApp=
AppWebsite=http://www.nirsoft.net/utils/opened_files_view.html
AppDLPage=http://www.nirsoft.net/utils/opened_files_view.html
AppDesc=Shows currently opened files in use by the system
App=ofview\OpenedFilesView.exe
App64=ofview-x64\OpenedFilesView.exe
AppURL64=http://www.nirsoft.net/utils/ofview-x64.zip
AppDLName64=ofview-x64.zip
AppURLSpoof=http://www.nirsoft.net/utils/opened_files_view.html
UseFTPServer=0
AppURL=http://www.nirsoft.net/utils/ofview.zip
AppDLName=ofview.zip
AlwaysAttemptDownload=1
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Detected currently open files and manipulated as necessary.
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017
CopyConfigFirst=OpenedFilesView.cfg

24
.bin/d7ii/Config/CustomApps_d7II/OpenedFilesView.cfg Normal file
View file

@ -0,0 +1,24 @@
[General]
ToolTipTimeAutoPop=-1
ToolTipTimeInitial=10
ToolTipTimeReshow=10
TrayIcon=0
ShowGridLines=0
ShowOpenedFiles=1
ShowOpenedDirectories=0
ShowNetworkFiles=0
SortOnRefresh=0
HideWindowsFiles=0
HideSystemProcessFiles=0
HideSvchostFiles=0
AddExportHeaderLine=0
ShowInfoTip=1
AutoRefresh=0
SaveFilterIndex=0
ConvertToLongPath=0
MarkModifiedFilenames=1
MarkPositionChange=1
MarkOddEvenRows=0
WinPos=2C 00 00 00 00 00 00 00 01 00 00 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 00 00 00 00 00 00 80 02 00 00 E0 01 00 00
Columns=82 00 00 00 2C 01 01 00 3C 00 02 00 78 00 03 00 78 00 04 00 46 00 05 00 64 00 06 00 3C 00 07 00 3C 00 08 00 3C 00 09 00 3C 00 0A 00 3C 00 0B 00 3C 00 0C 00 50 00 0D 00 50 00 0E 00 50 00 0F 00 78 00 10 00 FA 00 11 00 50 00 12 00 50 00 13 00
Sort=0

37
.bin/d7ii/Config/CustomApps_d7II/PatchMyPC (Auto).cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
Author=FoolishTech
LastEditDate=5/27/2014 1:45:01 PM
AppWebsite=www.patchmypc.net
AppDLPage=www.patchmypc.net
AppDesc=Windows and misc application updater
App=PatchMyPC.exe
AppParms=/auto /update
UseFTPServer=0
AppURL=https://patchmypc.net/freeupdater/PatchMyPC.exe
AppDLName=PatchMyPC.exe
AlwaysAttemptDownload=1
DLafterXdays=3
AppWait=1
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
CopyConfigFirst=PatchMyPC.reg
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsLoc=%systemdrive%\%computername%.rtf
SnatchReportsToMalwareLogs=0
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Installed updates Windows and commonly used applications.
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=1
LastDownload=10/27/2017

37
.bin/d7ii/Config/CustomApps_d7II/PatchMyPC.cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
Author=FoolishTech
LastEditDate=5/27/2014 1:44:22 PM
AppWebsite=www.patchmypc.net
AppDLPage=www.patchmypc.net
AppDesc=Windows and misc application updater
App=PatchMyPC.exe
UseFTPServer=0
AppURL=http://www.patchmypc.net/PatchMyPC.exe
AppDLName=PatchMyPC.exe
AlwaysAttemptDownload=1
DLafterXdays=3
AppWait=1
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
CopyConfigFirst=PatchMyPC.reg
ExportRegAfter=HKLM\Software\Patch My PC\Options
SaveConfigAfter=1
MoveSnatchReports=1
SnatchReportsLoc=%systemdrive%\%computername%.rtf
SnatchReportsToMalwareLogs=0
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Installed updates Windows and commonly used applications.
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

36
.bin/d7ii/Config/CustomApps_d7II/Petya Encryption Fix.cfg Normal file
View file

@ -0,0 +1,36 @@
[Config]
Author=Foolish Proctor
LastEditDate=4/13/2016 3:12:07 PM
PostRunApp=
AppWebsite=http://rmprepusb.blogspot.co.uk/2016/04/petya-whole-disk-encryption-fix.html
AppDLPage=http://rmprepusb.blogspot.co.uk/2016/04/petya-whole-disk-encryption-fix.html
App=PetyaExtractor\PetyaExtractor.exe
UseFTPServer=0
AppURL=http://download.bleepingcomputer.com/fabian-wosar/PetyaExtractor.zip
AppDLName=PetyaExtractor.zip
AlwaysAttemptDownload=1
DLafterXdays=7
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
AppDesc=Decrypt Disk with Petya malware infection
LogVerbiage=Decrypt Disk infected with Petya malware

38
.bin/d7ii/Config/CustomApps_d7II/Piriform CCleaner (Auto).cfg Normal file
View file

@ -0,0 +1,38 @@
[Config]
App=ccleaner\CCleaner.exe
App64=ccleaner\CCleaner64.exe
AppParms=/auto
AppURL=http://www.piriform.com/ccleaner/download/portable/downloadfile
AppDLName=ccleaner.zip
AppWait=0
AppMsgBox=0
AppRandomize=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
AlwaysAttemptDownload=1
CopyConfigFirst=CCleaner.ini
SaveConfigAfter=0
DisableCloudShare=0
UseFTPServer=0
DLafterXdays=7
PriorAlert=0
ServiceWait=0
RunWithSystemAccess=0
IsDLInstaller=0
Servers=1
AppWebsite=www.piriform.com/ccleaner
LogVerbiage=Scanned registry for unnecessary data and removed.
Author=FoolishTech
LastEditDate=2/7/2014 10:06:48 AM
AppDLPage=http://www.piriform.com/ccleaner/builds
AppDesc=Temp file remover and registry cleaner
NonDirectURLs=0
AutoFlag=1
LastDownload=8/13/2018

37
.bin/d7ii/Config/CustomApps_d7II/Piriform CCleaner.cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
App=ccleaner\CCleaner.exe
App64=ccleaner\CCleaner64.exe
AppURL=http://www.piriform.com/ccleaner/download/portable/downloadfile
AppDLName=ccleaner.zip
AppWait=0
AppMsgBox=0
AppRandomize=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
AlwaysAttemptDownload=1
CopyConfigFirst=CCleaner.ini
SaveConfigAfter=1
DisableCloudShare=0
UseFTPServer=0
DLafterXdays=7
PriorAlert=1
ServiceWait=0
RunWithSystemAccess=0
IsDLInstaller=0
Servers=1
AppWebsite=www.piriform.com/ccleaner
LogVerbiage=Scanned registry for unnecessary data and removed.
LastEditDate=2/7/2014 10:07:10 AM
AppDLPage=http://www.piriform.com/ccleaner/builds
NonDirectURLs=0
Author=FoolishTech
AppDesc=Temp file remover and registry cleaner
AutoFlag=0
LastDownload=10/27/2017

38
.bin/d7ii/Config/CustomApps_d7II/Piriform Defraggler (Auto).cfg Normal file
View file

@ -0,0 +1,38 @@
[Config]
App=defraggler\df.exe
App64=defraggler\df64.exe
AppParms=%systemdrive%
AppURL=http://www.piriform.com/defraggler/download/portable/downloadfile
AppDLName=defraggler.zip
AppWait=1
AppMsgBox=0
AppRandomize=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
AlwaysAttemptDownload=1
CopyConfigFirst=Defraggler.ini
SaveConfigAfter=0
DisableCloudShare=0
UseFTPServer=0
DLafterXdays=7
PriorAlert=0
ServiceWait=0
RunWithSystemAccess=0
IsDLInstaller=0
Servers=1
AppWebsite=www.piriform.com/defraggler
LogVerbiage=Defragmented file system (Defraggler)
Author=FoolishTech
LastEditDate=2/7/2014 10:07:50 AM
AppDLPage=http://www.piriform.com/defraggler/builds
AppDesc=Disk defragmenter
NonDirectURLs=0
AutoFlag=1
LastDownload=10/27/2017

37
.bin/d7ii/Config/CustomApps_d7II/Piriform Defraggler.cfg Normal file
View file

@ -0,0 +1,37 @@
[Config]
App=Defraggler\Defraggler.exe
App64=Defraggler\Defraggler64.exe
AppURL=http://www.piriform.com/defraggler/download/portable/downloadfile
AppDLName=defraggler.zip
AppWait=1
AppMsgBox=0
AppRandomize=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
AlwaysAttemptDownload=1
CopyConfigFirst=Defraggler.ini
SaveConfigAfter=1
DisableCloudShare=0
UseFTPServer=0
DLafterXdays=7
PriorAlert=1
ServiceWait=0
RunWithSystemAccess=0
IsDLInstaller=0
Servers=1
AppWebsite=www.piriform.com/defraggler
LogVerbiage=Defragmented file system (Defraggler)
Author=FoolishTech
LastEditDate=2/7/2014 10:08:05 AM
AppDLPage=http://www.piriform.com/defraggler/builds
AppDesc=Disk defragmenter
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

33
.bin/d7ii/Config/CustomApps_d7II/Piriform Recuva.cfg Normal file
View file

@ -0,0 +1,33 @@
[Config]
DisableCloudShare=0
App=recuva\recuva.exe
App64=recuva\recuva64.exe
AppURL=http://www.piriform.com/recuva/download/portable/downloadfile
AppDLName=recuva.zip
AlwaysAttemptDownload=0
AppWait=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=0
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
AppWebsite=www.piriform.com/recuva
UseFTPServer=0
PriorAlert=0
Author=FoolishTech
LastEditDate=2/7/2014 10:08:40 AM
AppDLPage=http://www.piriform.com/recuva/builds
AppDesc=File undelete utility
NonDirectURLs=0
AutoFlag=0

35
.bin/d7ii/Config/CustomApps_d7II/Piriform Speccy.cfg Normal file
View file

@ -0,0 +1,35 @@
[Config]
DisableCloudShare=0
App=speccy\Speccy.exe
App64=speccy\Speccy64.exe
AppURL=http://www.piriform.com/speccy/download/portable/downloadfile
AppDLName=speccy.zip
AlwaysAttemptDownload=0
AppWait=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=0
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
AppWebsite=www.piriform.com/speccy
UseFTPServer=0
PriorAlert=0
LogVerbiage=Gathered information on system specs.
Author=FoolishTech
LastEditDate=2/7/2014 10:09:08 AM
AppDLPage=http://www.piriform.com/speccy/builds
AppDesc=System information utility.
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

39
.bin/d7ii/Config/CustomApps_d7II/PreviousFilesRecovery.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
LastEditDate=7/14/2016 4:49:58 PM
PostRunApp=
AppWebsite=http://www.nirsoft.net/utils/previous_files_recovery.html
AppDLPage=http://www.nirsoft.net/utils/previous_files_recovery.html
AppDesc=Recover Previous Files
App=previousfilesrecovery\PreviousFilesRecovery.exe
App64=previousfilesrecovery-x64\PreviousFilesRecovery.exe
AppURL64=http://www.nirsoft.net/utils/previousfilesrecovery-x64.zip
AppDLName64=previousfilesrecovery-x64.zip
UseFTPServer=0
AppURL=http://www.nirsoft.net/utils/previousfilesrecovery.zip
AppDLName=previousfilesrecovery.zip
AlwaysAttemptDownload=1
DLafterXdays=30
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Recover Previous Files
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
Author=FoolishProctor

39
.bin/d7ii/Config/CustomApps_d7II/RegFromApp-x32.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
Author=dSupportOnline
LastEditDate=10/29/2014 9:50:53 AM
PostRunApp=
AppWebsite=http://www.nirsoft.net/utils/reg_file_from_application.html
AppDLPage=http://www.nirsoft.net/utils/reg_file_from_application.html
AppDesc=Shows registry entries created by a selected process
App=regfromapp\RegFromApp.exe
AppURLSpoof=http://www.nirsoft.net/utils/reg_file_from_application.html
UseFTPServer=0
AppURL=http://www.nirsoft.net/utils/regfromapp.zip
AppDLName=regfromapp.zip
AlwaysAttemptDownload=1
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
CopyConfigFirst=RegFromApp.cfg
SaveConfigAfter=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Detected registry entries created by 32-bit application.
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

39
.bin/d7ii/Config/CustomApps_d7II/RegFromApp-x64.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
Author=dSupportOnline
LastEditDate=10/29/2014 9:52:31 AM
PostRunApp=
AppWebsite=http://www.nirsoft.net/utils/reg_file_from_application.html
AppDLPage=http://www.nirsoft.net/utils/reg_file_from_application.html
AppDesc=Shows registry entries created by a selected 64-bit process
App=regfromapp-x64\RegFromApp.exe
AppURLSpoof=http://www.nirsoft.net/utils/reg_file_from_application.html
UseFTPServer=0
AppURL=http://www.nirsoft.net/utils/regfromapp-x64.zip
AppDLName=regfromapp-x64.zip
AlwaysAttemptDownload=1
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
CopyConfigFirst=RegFromApp.cfg
SaveConfigAfter=1
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Detected registry entries created by 64-bit application.
32=0
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

9
.bin/d7ii/Config/CustomApps_d7II/RegFromApp.cfg Normal file
View file

@ -0,0 +1,9 @@
[General]
RegFileVersion=5
AddOnlyModifiedValues=1
DisplayMode=1
ProcessPath=
ProcessParams=
StartImmediately=0
ListViewSortProcess=0
WinPos=2C 00 00 00 00 00 00 00 01 00 00 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 00 00 00 00 00 00 80 02 00 00 E0 01 00 00

38
.bin/d7ii/Config/CustomApps_d7II/Revo Uninstaller.cfg Normal file
View file

@ -0,0 +1,38 @@
[Config]
Author=FoolishTech
LastEditDate=8/30/2016 3:23:42 PM
PostRunApp=
AppWebsite=http://www.revouninstaller.com/
AppDLPage=http://www.revouninstaller.com/download-free-portable.php
AppDesc=Application uninstaller and cleanup utility
App=revouninstaller\RevoUninstaller_Portable\x86\RevoUn.exe
App64=revouninstaller\RevoUninstaller_Portable\x64\RevoUn.exe
UseFTPServer=0
AppURL=http://www.revouninstaller.com/download/revouninstaller.zip
AppDLName=revouninstaller.zip
AlwaysAttemptDownload=1
DLafterXdays=7
AppWait=1
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Uninstalled unnecessary / junk programs.
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AutoFlag=0
LastDownload=10/27/2017

41
.bin/d7ii/Config/CustomApps_d7II/Rogue Killer.cfg Normal file
View file

@ -0,0 +1,41 @@
[Config]
Author=FoolishTech
LastEditDate=6/19/2015 4:06:02 PM
PostRunApp=
AppWebsite=http://www.adlice.com/softwares/roguekiller/
AppDLPage=http://www.adlice.com/softwares/roguekiller/
AppDesc=Rogue malware remover.
App=RogueKiller.exe
App64=RogueKillerX64.exe
AppURL64=http://download.adlice.com/RogueKiller/RogueKillerX64.exe
AppDLName64=RogueKillerX64.exe
UseFTPServer=0
AppURL=http://download.adlice.com/RogueKiller/RogueKiller.exe
AppDLName=RogueKiller.exe
AlwaysAttemptDownload=1
DLafterXdays=3
AppWait=1
EmailBeforeExecution=0
PriorAlert=1
ServiceWait=1
AppMsgBox=0
AppRandomize=1
SaveConfigAfter=0
MoveSnatchReports=1
SnatchReportsLoc=%programdata%\RogueKiller\Logs\RKreport*.txt
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
LogVerbiage=Scanned for rogue applications and malware (RogueKiller)
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=0
NonDirectURLs=0
AutoFlag=0
LastDownload=6/19/2015

39
.bin/d7ii/Config/CustomApps_d7II/ShadowCopyView.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
Author=Proctor Foolish IT LLC
LastEditDate=6/27/2016 9:46:36 AM
PostRunApp=
AppWebsite=http://www.nirsoft.net/utils/shadow_copy_view.html
AppDLPage=http://www.nirsoft.net/utils/shadow_copy_view.html
App=shadowcopyview\ShadowCopyView.exe
App64=shadowcopyview-x64\ShadowCopyView.exe
AppURL64=http://www.nirsoft.net/utils/shadowcopyview-x64.zip
AppDLName64=shadowcopyview-x64.zip
UseFTPServer=0
AppURL=http://www.nirsoft.net/utils/shadowcopyview.zip
AppDLName=shadowcopyview.zip
AlwaysAttemptDownload=1
DLafterXdays=30
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=1
NonDirectURLs=0
AppDesc=Manage Shadow Copy files
LogVerbiage=Manage Shadow Copy files
LastDownload=6/27/2016

33
.bin/d7ii/Config/CustomApps_d7II/Should I Remove It (Uninstall).cfg Normal file
View file

@ -0,0 +1,33 @@
[Config]
Author=dSupportOnline
LastEditDate=10/9/2014 1:41:32 PM
PostRunApp=
AppWebsite=http://www.shouldiremoveit.com
App=%WINDIR%\System32\MsiExec.exe
App64=%WINDIR%\SysWow64\MsiExec.exe
AppParms=/X{4E62123C-4C0D-4123-A8A2-C0103B92D7EA} /qn
UseFTPServer=0
AlwaysAttemptDownload=0
DLafterXdays=5
AppWait=1
EmailBeforeExecution=0
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
SendEnter=0
RunWithSystemAccess=0
IsDLInstaller=0
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=0
NonDirectURLs=0
AutoFlag=1

39
.bin/d7ii/Config/CustomApps_d7II/Should I Remove It.cfg Normal file
View file

@ -0,0 +1,39 @@
[Config]
LastEditDate=10/9/2014 2:12:59 PM
AppWebsite=http://www.shouldiremoveit.com
AppDLPage=http://www.shouldiremoveit.com/download.aspx
UseFTPServer=0
InstallerParms=/qn
InstallerName=ShouldIRemoveIt_Setup.exe
AppURL=http://www.shouldiremoveit.com/installers/ShouldIRemoveIt_Setup.exe
AppDLName=ShouldIRemoveIt_Setup.exe
AlwaysAttemptDownload=1
DLafterXdays=5
AppWait=1
PriorAlert=0
ServiceWait=0
AppMsgBox=0
AppRandomize=0
SaveConfigAfter=0
MoveSnatchReports=0
SnatchReportsToMalwareLogs=1
RunInCMD=0
RunWithSystemAccess=0
IsDLInstaller=1
32=1
64=1
XP=1
Vista=1
7=1
8=1
Servers=0
NonDirectURLs=0
App=%programfiles(x86)%\Reason\Should I Remove It\ShouldIRemoveIt.exe
Author=dSupportOnline
PostRunApp=Should I Remove It (Uninstall)
EmailBeforeExecution=0
SendEnter=0
AutoFlag=0
LastDownload=10/27/2017
AppDesc=Crowdsource installed programs to determine if they are malicious.
LogVerbiage=Verified installed programs against crowdsource rating system.

Some files were not shown because too many files have changed in this diff Show more