Killer_Virus

Level 2
For the next version, FixAll'll kill all processes except those vital to the launch.
I removed this feature temporarily...
 
M

MalwareT

I'd like to use it in my VM,so what's the purpose of this tool ?
 

Prorootect

Level 53
Verified
Hi Kiler_virus,

The translation of your Frech post that I made, with Google translator together:

'FixAll v1.5

Redesign of the GUI, and the removal section
Reattaching the kill processes when starting FixAll

Adding Exceptions

FixAll changes the appearance to offer a RogueKiller like interface. This helps to better manage FPs as simply uncheck the incriminated box ..

New interface:


I at the same time completely redone the suppression part which provides increased speed and cleaner code
In accordance with the votes on Helper Training, I reattached the function kill processes

I also took the opportunity to update the Changelog'

________________

- my short comment:

Interface is clean, with interesting possibilities .. how works Security button?

- my small suggestion - make English GUI only ..
I see all your tabs - too on PCHunter, or too on PowerTool .. and to check USB - I have MCShield ..

Thank you!

PS.
Link to Download page (does not work in IE8 ..): https://toolslib.net/downloads/viewdownload/5-fixall
 
Last edited:
  • Like
Reactions: Killer_Virus

Prorootect

Level 53
Verified
I started your portable (good!) soft .. and the desktop with all icons refreshed, and my browsers stopped .. why, please?

Then crowdinspect.exe is legit.
All positions in 'Winlogon/Notify' are legit too.

So I have nothing bad.
 

Killer_Virus

Level 2
In accordance with the votes on Helper Training, I reattached the function kill processes
FixAll kill all processes in start (for kill FakeAv, for exemple).
Can you send the FixAll's report ? :D

++

Edit : Oh, i have fixed the Winlogon\Notify's bug. I will upload the new version ;)
Edit 2 : The new version is uploaded.
 
Last edited:
  • Like
Reactions: Prorootect

Dubseven

New Member
No need to contact Mcafee, he isn't trying to hide anything or doing anything against their licensing restrictions. Mcafee don't need to have a partnership with the software in order for the Fixall tool to download RootkitRemover.

@Fantasy ~ Exactly what I was thinking too and it can be quite harmful for people to go reporting this kind of behaviour software to antivirus vendors when there is no evidence it's doing something not allowed. What if Mcafee mark this tool as a trojan now simply because of receiving the report and not having time to analyse it properly? I've seen it happen before, and I don't think it's fair to be honest, certainly not helpful to either the programmer or Mcaffee.
It's not the first time that's someone on MT reports softwares to antivirus vendors without evidence of "not allowed" :D

-----------------------------------

I have tryed your software, it's look like a ComboFix v2.
Closing all processes is a very bad idea because Tiranium and avast! stopped it multiple time and this function will not really change anything for your software because you can't run FixAll with a rogue/ransomware running in the background.

About the power of detection, my five home-made trojans are not detected and 3 downloaded trojans not detected.
About the DNS, it's bad too. You reset the DNS installed on the network, that is a bad idea because i need the OpenDNS to access some pages and your tool remove it for no reason and it's painful to put it again everytime.

Need a little more work :)

Regards,
 
  • Like
Reactions: Cowpipe

Prorootect

Level 53
Verified
.. and why new Registry entry (MFE_RR\ImagePath) is created and persistent after reboot?

Edit:
OK., MFE_RR is McAfe RootkitRemover driver, designed to Temp folder.
I deleted Registry entry ..
 
Last edited:

Killer_Virus

Level 2
It's not the first time that's someone on MT reports softwares to antivirus vendors without evidence of "not allowed" :D
McAfee allow this usage. You can read the McAfee's licence if you want :p

Closing all processes is a very bad idea because Tiranium and avast! stopped it multiple time and this function will not really change anything for your software because you can't run FixAll with a rogue/ransomware running in the background.
The good AV can't be stopped by FixAll (services, drivers,...) :D And FakeAv is an exemple : others malwares can be stopped ;)


About the power of detection, my five home-made trojans are not detected and 3 downloaded trojans not detected.
It's a tool of disinfection, are you launch your trojans ?

About the DNS, it's bad too. You reset the DNS installed on the network, that is a bad idea because i need the OpenDNS to access some pages and your tool remove it for no reason and it's painful to put it again everytime.
FixAll doesn't reset the legitimate DNS, only malicious ;)


.. and why new Registry entry (MFE_RR\ImagePath) is created and persistent after reboot?

Edit:
OK., MFE_RR is McAfe RootkitRemover driver, designed to Temp folder.
I deleted Registry entry ..
Oh sorry, i add the driver's removal in the next version ;)

Thanks ! :D
 
  • Like
Reactions: Prorootect