Ok will test it and see what it can do
FixAll kill all processes in start (for kill FakeAv, for exemple).In accordance with the votes on Helper Training, I reattached the function kill processes
It's not the first time that's someone on MT reports softwares to antivirus vendors without evidence of "not allowed"No need to contact Mcafee, he isn't trying to hide anything or doing anything against their licensing restrictions. Mcafee don't need to have a partnership with the software in order for the Fixall tool to download RootkitRemover.
@Fantasy ~ Exactly what I was thinking too and it can be quite harmful for people to go reporting this kind of behaviour software to antivirus vendors when there is no evidence it's doing something not allowed. What if Mcafee mark this tool as a trojan now simply because of receiving the report and not having time to analyse it properly? I've seen it happen before, and I don't think it's fair to be honest, certainly not helpful to either the programmer or Mcaffee.
McAfee allow this usage. You can read the McAfee's licence if you wantIt's not the first time that's someone on MT reports softwares to antivirus vendors without evidence of "not allowed"
The good AV can't be stopped by FixAll (services, drivers,...) And FakeAv is an exemple : others malwares can be stoppedClosing all processes is a very bad idea because Tiranium and avast! stopped it multiple time and this function will not really change anything for your software because you can't run FixAll with a rogue/ransomware running in the background.
It's a tool of disinfection, are you launch your trojans ?About the power of detection, my five home-made trojans are not detected and 3 downloaded trojans not detected.
FixAll doesn't reset the legitimate DNS, only maliciousAbout the DNS, it's bad too. You reset the DNS installed on the network, that is a bad idea because i need the OpenDNS to access some pages and your tool remove it for no reason and it's painful to put it again everytime.
Oh sorry, i add the driver's removal in the next version.. and why new Registry entry (MFE_RR\ImagePath) is created and persistent after reboot?
OK., MFE_RR is McAfe RootkitRemover driver, designed to Temp folder.
I deleted Registry entry ..