Help & Support

See All FAQs and Terms (Quick Links) for links to all FAQs including purchase terms, free software agreements, and software licensing terms.

A note about Anti-Virus detections

Sometimes our software can be falsely flagged as a ‘threat’ by some Anti-Virus, Anti-Malware, etc. security software vendors.

Read more about Anti-Virus Detections (False Positives) on this page, which includes external links to submit “false positive” detections to most security software vendors.

If you happen to be looking at results from VirusTotal.com, please be aware that several anti-virus scanning engines used will detect a virus in just about any software, VBA32 is particularly known for this, as well as several others.  Therefore, it is very typical for perfectly legitimate/clean files to have one, two, even three or more detections from the nearly 70 scanning engines used in a typical VirusTotal.com scan.

Email  (Troubleshooting Issues)

For CryptoPrevent, please see the CryptoPrevent Email FAQ here.

For d7x, please see the Email Configuration section of the d7x manual here.

All other applications, if you are having issues with GMail try the steps below:

GMail’s SMTP server is “smtp.gmail.com” and it can be accessed on port 465/SSL or port 587/TLS or StartTLS; select “Auto” for authentication if available.

Be certain to include the domain name (e.g. @gmail.com or @yourcustomdomain.com) in the SMTP username field.

For accounts without two factor authentication, enabling the “less secure application” feature may help:  https://www.google.com/settings/security/lesssecureapps

Two factor authentication can complicate things as well, and when using this you will need an “application specific password” in order to connect properly to the server through this app.  Learn more and obtain application specific passwords here:  https://support.google.com/accounts/answer/185833?hl=en and you can manage them at this link:  https://security.google.com/settings/security/apppasswords

Finally, we have also had reports that Gmail will sometimes block what it considers a ‘suspicious login‘ and that it should alert you of this the next time you login to the webmail interface.  You should be notified that you can ‘unlock‘ your account by going to this link:  https://accounts.google.com/DisplayUnlockCaptcha  after which the account should be unlocked and email sending will no longer be blocked.

Digital Signatures and User Account Control

Most if not all of our applications are digitally signed.  Information from the digital signature is displayed in User Account Control pop-ups (requesting admin rights) prior to running the apps.

You can examine any digital certificate by clicking more info on one of these prompts, or by right-clicking on the file from Windows Explorer, selecting “Properties” from the bottom of the drop-down menu, and then selecting the “Digital Signatures” tab.

There are two issues that may occur related to Digital Signatures, both amount to the same symptom:

1. With some of our very old software, on some systems the signature was not correctly recognized as a trusted publisher, invoking the yellow/orange warning “User Account Control” box and displaying “unknown” as the publisher.  This should no longer be an issue; several years ago we moved away from StartSSL for our code signing certificates; most recently we have used SSL.com, which should be supported on all modern platforms “out of the box” and without update.

To resolve the issue, be sure and install the Trusted Root Certificates update from Microsoft/Windows Update.  If this does not appear in the updates list, you may manually download and install the package directly from Microsoft HERE for Windows XP.  Alternately, visit  which will prompt you to download the appropriate cert, open the file and select Install.

2. With some of our aging software (where a new version has not been released in several years) the pre-existing digital certificates that the application is signed with have expired.  An expired certificate will cause Windows to act as if there was no certificate at all, invoking the yellow/orange warning “User Account Control” box and displaying “unknown” as the publisher, rather than d7xTech, Inc.  This is because the certificate is designed to expire after a period of time (we choose the maximum 3-year certificates) and that “we just need to update the digital signature” on that file because it is over 3 years old; but this in no way indicates the software is malicious or infected.  You can still manually examine an expired digital certificate for validity as mentioned above, if you wish to make your own decision based on that.

Current versions of our software are signed with an Extended Validation (EV) certificate, meaning essentially that we (as a company, and myself as the owner) underwent a more stringent identity verification process before the EV certificate was issued; it also means we paid a good bit more for the EV certificate.  We chose to go with an EV certificate because it allows our software to download and slip past any initial Windows Smart Screen warnings/user prompts by establishing a “relationship” with the Smart Screen filter.  When an EV certificate is NOT present, Windows Smart Screen filter normally triggers a warning when software is either known to be malicious (of course) OR if the software not “well-known” according to some unknown Microsoft standard/logic (which ultimately amounts to not having the EV certificate.)

Digital Signatures and White-Label Software

If you are an IT services provider using our related software such as d7x or dSupportSuite, you may expect the ability to fully brand this “White-Label” software with your business logo and details.  Unfortunately, this is only partially true (without a lot of effort on your part) because the User Account Control dialog will always display information to the user from the file’s digital signature, specifically the original name of the software (before any white-label modifications) and of course the trusted publisher which is our company name.

This issue affects not only our software, but all software from anywhere else, because the trusted publisher information appearing on the User Account Control prompt of ANY application cannot be altered, except by “signing” the executable with a new digital signature.  Otherwise, User Account Control would be a pretty pointless feature, as all manner of malware could disguise itself as legitimate applications!

So how can you sign the executable with your own digital signature, specifying your own company name?  The process can be somewhat involved and requires paying for and obtaining an identity verification from a trusted certificate authority, such as SSL.com (now the least expensive company mentioned), Comodo, Verisign, Digicert, or StartSSL.  Granted this information may be a little outdated, the process of obtaining identity verification, a digital code signing certificate, and applying that to the executable is outlined in a now very old blog post called Digital Code Signing – What a Chore! if you are curious and maybe want to do this yourself.

Anti-Virus/Malware/Security Software and “False Positives”

Please note that our software here at FoolishIT.com (as well as software from other reputable vendors such as Nirsoft.net) will trigger a certain amount of ‘false positive’ alerts with various anti-virus or anti-malware software.  This is to be expected depending on the nature of the product, and tends to happen with software vendors that create powerful tools (like some of ours which are used by PC technicians in the repair industry.)

This causes major headaches especially for small developers like ourselves (terminology borrowed from Nir Sofer’s blog post from 2009) who do not have the notoriety, influence, or gangs of attorneys waiting and working to ensure our reputation isn’t damaged by careless Anti-Virus/Anti-Malware software vendors.  Often aggressive heuristics and even definition releases flag our PC technician software in particular, which is very powerful with many capabilities and features that do access and alter Windows files and configurations but of course only for repair (and tweak) purposes.

Scroll to the bottom of the page for external links and resources!!!

The first type:  “Infected”

Often these ‘false positives’ directly state the file is infected, typically with something ‘generic’ in the name.  Many times this is due to the software compression applied to the executable (program) file, in order to reduce file size and perhaps to help make the software “portable” (meaning it doesn’t require ‘installation’ on a PC, but can run from wherever you downloaded it to.)

Tools used to compress executable files (aka ‘exe packers’ or similar) can greatly reduce file size, saving space but also internet bandwidth in distribution efforts, ultimately reducing overhead costs.  They can also obscure source code that is visible (using the right tools) inside the program, providing protection against decompilation and other techniques of ‘reverse-engineering’ the software, which software crackers would use in theft of the product, such as ‘piracy’ (through usage and/or distribution) but also with theft of the intellectual property itself by direct source code reproduction.

Of course, the above also makes it more difficult for an Anti-whatever vendor to make a determination about the software’s intent – more often than not they don’t care to properly unpack and examine the executable, but rather mark it as malicious simply because that type of compression is detected.

The second type:  “Potentially Unwanted” (or similar)

Another ‘false positive’ is what the Anti-Virus or Anti-Malware vendors DO NOT consider a ‘false positive’ but rather an intentional but ‘potentially unwanted’ program (or using similar terminology) while the text DOES NOT mention an ‘infection’ in any way.  The alert box presented to the user also generally appears as if it were an infection however, using the same BOLD/RED text or other scheme as they do with real infections.

The problem is that some software, while NOT being used maliciously, COULD be used maliciously, depending on the user of such software…  The Anti-whatever software doesn’t know that YOU are trying to USE it, it just knows that it could be used by an attacker maliciously and without your knowledge.

Almost always Anti-whatever vendors will make the default (or ‘recommended’) action to stop/block/quarantine/remove the software, even when it is quite harmless.  This can be bad for a number of reasons, such as by letting the Anti-whatever do it’s thing to ‘protect’ you, it just might damage the legitimate installation beyond a clean removal, possibly impacting your operating system negatively in some way.  Depending on the software, it may be better to uninstall it the proper way.

There are really too many variables in the determination above to explain here, so don’t take our word for it because we aren’t giving it (we don’t know what you’ve downloaded either) but we know that the Anti-whatever software isn’t taking those variables into account, in fact they ignore them completely.  Only an informed ‘you’ can and should make that decision!  So if you are unsure, think about it, search the web carefully for more information, and finally call a local professional for help if that doesn’t work.

Either way it is always better to pay attention to the terminology and make your own informed decisions!

If you are receiving a detection with our software:

We’re not saying our software is immune to infection, rather due to the nature of our software it is often flagged as malicious, or “potentially unwanted” programs.  Rarely do security software vendors explain what they consider “potentially unwanted” to their customers, specifically not differentiating this category properly from actual threats, which can be seen in various indicators and reports from within the program’s interface.  It is also inevitable that some real threats are introduced to these “potentially unwanted” categories, for one reason or another, creating further confusion.

If you believe our software is potentially infected, please visit www.VirusTotal.com and upload our software for review.  Please understand however that the results are not fact, and you will likely see false positives here!  VirusTotal.com (now Google owned) is a mass virus scan engine designed to use a large variety of security software scanners from various vendors, and it is the very thing we’re talking about here!  As such, it is important to realize that if one should not use the results of a the scan to determine an actual infection.  The results are however a good indicator, as a high number of detections from vendors may reveal an infection, whereas a low number suggests a false positive.

We also strongly encourage you to consider submitting a “false positive” report to the vendor.  Typically the software allows submission of the detected samples along with gathered information for review.  If this option isn’t available, please fill out a false positive submission with the vendor.  You can find links to various vendors’ false positive submission forms below.

For large security software vendors, it may take many false positive submissions before they are noticed and can invest their time and resources to investigate.  Additionally, new versions of the same software often trigger the same or completely new detections, so they must be submitted again in the same way that previous versions of the software were reported.

Simply put, do not assume that someone else did it.  Numbers matter, so the more people who help in submitting false positives, the sooner they can get these issues resolved.  Your help will always be appreciated in this effort!

Known False Positive Submission Links:

If any information in the list is incorrect, please let us know!

• Avast (email only)
• AVG (20MB file limit, else use this email and compress it with a password.)
• Avira (or this email)
• Bitdefender (also this email, and the Emsisoft forum is another option (free account/login required.)
• ClamAV (or this email; uses Immunet Protect definitions)
• Comodo (or this email)
• Emsisoft (or the Emsisoft forum)
• Kaspersky (or this email)
• McAfee (email only)
• NOD32 (email only)
• Panda (or this email)
• Sophos (or this email)
• Symantec
• Trend Micro
• Vipre (or this email)
• Windows Defender (or this email)
• If your product is not listed here, a more comprehensive list with links is available on techsupportalert.com.

* Please realize that any request or submission does not guarantee any vendor will fix a false positive.  As an example:  some of our software has the capability of retrieve the Windows product key, used to install Windows on a PC – which could be used for legitimate or illegitimate purposes.  For this reason certain detections will likely never be removed, though some vendors may opt to downgrade their classification of the ‘threat’ to their ‘potentially unwanted programs’ category.  Nir Sofer’s blog post from 2009 shows us this isn’t even close to being a new phenomenon, so as we constantly fight these battles with “big a/v” we’re not expecting to win the war anytime soon…