[Tool] FixAll

Status
Not open for further replies.

WinXPert

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Jan 9, 2013
1,457
Ok will test it and see what it can do
 

Killer_Virus

Level 2
Thread author
Verified
Jul 11, 2014
92
Okay, thanks but you want me to post a bêta version with a processus kill in start ?
 

WinXPert

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Jan 9, 2013
1,457
Well my only problem is I don't speak the lingo :)
 

Killer_Virus

Level 2
Thread author
Verified
Jul 11, 2014
92
For the next version, FixAll'll kill all processes except those vital to the launch.
I removed this feature temporarily...
 

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
Hi Kiler_virus,

The translation of your Frech post that I made, with Google translator together:

'FixAll v1.5

Redesign of the GUI, and the removal section
Reattaching the kill processes when starting FixAll

Adding Exceptions

FixAll changes the appearance to offer a RogueKiller like interface. This helps to better manage FPs as simply uncheck the incriminated box ..

New interface:
7RMh3EL.jpg


I at the same time completely redone the suppression part which provides increased speed and cleaner code
In accordance with the votes on Helper Training, I reattached the function kill processes

I also took the opportunity to update the Changelog'

________________

- my short comment:

Interface is clean, with interesting possibilities .. how works Security button?

- my small suggestion - make English GUI only ..
I see all your tabs - too on PCHunter, or too on PowerTool .. and to check USB - I have MCShield ..

Thank you!

PS.
Link to Download page (does not work in IE8 ..): https://toolslib.net/downloads/viewdownload/5-fixall
 
Last edited:
  • Like
Reactions: Killer_Virus

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
I started your portable (good!) soft .. and the desktop with all icons refreshed, and my browsers stopped .. why, please?

Then crowdinspect.exe is legit.
All positions in 'Winlogon/Notify' are legit too.

So I have nothing bad.
 

Killer_Virus

Level 2
Thread author
Verified
Jul 11, 2014
92
In accordance with the votes on Helper Training, I reattached the function kill processes

FixAll kill all processes in start (for kill FakeAv, for exemple).
Can you send the FixAll's report ? :D

++

Edit : Oh, i have fixed the Winlogon\Notify's bug. I will upload the new version ;)
Edit 2 : The new version is uploaded.
 
Last edited:
  • Like
Reactions: Prorootect

Dubseven

Level 14
Verified
Aug 12, 2013
694
No need to contact Mcafee, he isn't trying to hide anything or doing anything against their licensing restrictions. Mcafee don't need to have a partnership with the software in order for the Fixall tool to download RootkitRemover.

@Fantasy ~ Exactly what I was thinking too and it can be quite harmful for people to go reporting this kind of behaviour software to antivirus vendors when there is no evidence it's doing something not allowed. What if Mcafee mark this tool as a trojan now simply because of receiving the report and not having time to analyse it properly? I've seen it happen before, and I don't think it's fair to be honest, certainly not helpful to either the programmer or Mcaffee.

It's not the first time that's someone on MT reports softwares to antivirus vendors without evidence of "not allowed" :D

-----------------------------------

I have tryed your software, it's look like a ComboFix v2.
Closing all processes is a very bad idea because Tiranium and avast! stopped it multiple time and this function will not really change anything for your software because you can't run FixAll with a rogue/ransomware running in the background.

About the power of detection, my five home-made trojans are not detected and 3 downloaded trojans not detected.
About the DNS, it's bad too. You reset the DNS installed on the network, that is a bad idea because i need the OpenDNS to access some pages and your tool remove it for no reason and it's painful to put it again everytime.

Need a little more work :)

Regards,
 
  • Like
Reactions: Cowpipe

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
.. and why new Registry entry (MFE_RR\ImagePath) is created and persistent after reboot?

Edit:
OK., MFE_RR is McAfe RootkitRemover driver, designed to Temp folder.
I deleted Registry entry ..
 
Last edited:

Killer_Virus

Level 2
Thread author
Verified
Jul 11, 2014
92
It's not the first time that's someone on MT reports softwares to antivirus vendors without evidence of "not allowed" :D
McAfee allow this usage. You can read the McAfee's licence if you want :p

Closing all processes is a very bad idea because Tiranium and avast! stopped it multiple time and this function will not really change anything for your software because you can't run FixAll with a rogue/ransomware running in the background.
The good AV can't be stopped by FixAll (services, drivers,...) :D And FakeAv is an exemple : others malwares can be stopped ;)


About the power of detection, my five home-made trojans are not detected and 3 downloaded trojans not detected.
It's a tool of disinfection, are you launch your trojans ?

About the DNS, it's bad too. You reset the DNS installed on the network, that is a bad idea because i need the OpenDNS to access some pages and your tool remove it for no reason and it's painful to put it again everytime.
FixAll doesn't reset the legitimate DNS, only malicious ;)


.. and why new Registry entry (MFE_RR\ImagePath) is created and persistent after reboot?

Edit:
OK., MFE_RR is McAfe RootkitRemover driver, designed to Temp folder.
I deleted Registry entry ..
Oh sorry, i add the driver's removal in the next version ;)

Thanks ! :D
 
  • Like
Reactions: Prorootect
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top