- Performed a lot of work to improve deleting stubborn files/directories and registry keys/values in various functions, part of which has to do with the next item.
- Vastly improved internal d7x functionality to take ownership of files and registry keys/values.
- Updated “Extensions – Action\Take Ownership/Permissions” shell extension to use faster internal d7x functionality before resorting to subinacl.exe.
- Replaced all functionality involving (the d7II based) FileHandler.exe with internal d7x.exe functionality, fixing and improving numerous functions related to the shell extensions temporarily installed in Windows Explorer by d7x.
- In addition to FileHandler.exe, several other d7x Resources\Modules, such as StartupKill.exe and others, were made obsolete by internal d7x.exe functionality.
- Fixed “Extensions\Upload to VirusTotal” shell extension, and VirusTotal functionality in the Examine File shell extension and through other areas of d7x such as the Malware Search Tool.
- Fixed “StartupKill” functionality (first tab in Config) which would not properly save/read the definition files.
- Fixed “Extensions – Action\Unlock File” shell extension and “File Unlocker” functionality on the d7x Tools tab, which closes all open file handles to any file you select, thereby “unlocking” the file for use/move/delete operations. As a result, all internal functionality that uses the underlying UnlockFile function in d7x is now working properly as well (e.g. delete functionality, which unlocks a file as a small part of its delete failure/retry process).
- Fixed “Extensions – Action\Secure Delete” shell extension.
- The “Extensions – Action\Delete” function has been greatly improved, not just with the improved delete, unlock file, and take ownership/permissions functionality, but also with auto-elevation to TrustedInstaller privileges and the return of an older d7 feature that prompts you to “Rename with Dummy”, “Create an IFEO to prevent EXE from running”, and “Delete file on Reboot” should all other attempts to delete in real time fail. Logging has been updated to include delete results in the “Manual Tools Log.txt” report file under Malware Logs. This is truly the best delete function you will find anywhere.
- Improved “Extensions – Action\Rename with Dummy…” shell extension and logging, also under “Manual Tools Log.txt”.
- Removed a few old and pointless shell extensions such as “Delete on Reboot” (see above).