Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Windows Repair Toolbox
#31
(05-23-2015, 08:16 PM)AlexCa Wrote:  
(05-23-2015, 11:23 AM)Britec Wrote:  I did try and use your program Alex on a infected machine, don't know if you see it. You might need to try and work out a way to stop malware stopping your program. This is one of the biggest problems with apps like these. Not bashing your program, just testing.  Big Grin




Hi Britec! I haven't saw it before, thank you for re-visiting my program Smile I'll add that feature to my "to do" list, i'll have to research about that (that's a great suggestion)

For now i would suggest rkill or a AV boot cd to deal with extreme cases like those; or even a first run with Malwarebytes Chamaleon/MBAM, like you used, and then continue using Windows Repair Toolbox at will.

One way of achieving it may be to give the process(es) a alternative and random name. In the SAS program there is a Alternative start option which shows up in Task Manager as a random number (such as 2855179.exe), another option (and a better one) would be to give the program a .com extension as opposed to a .exe. This tends to fool malware into thinking it's a browser type program and as most malware need the internet to 'phone home' they tend to allow the process to continue. SAS Portable Free used to have this ability but they removed it some time ago, now I think the (purchased) Technicians Portable version is the only one that uses it.
Reply

#32
(05-25-2015, 05:14 PM)GuiltySpark Wrote:  One way of achieving it may be to give the process(es) a alternative and random name. In the SAS program there is a Alternative start option which shows up in Task Manager as a random number (such as 2855179.exe), another option (and a better one) would be to give the program a .com extension as opposed to a .exe. This tends to fool malware into thinking it's a browser type program and as most malware need the internet to 'phone home' they tend to allow the process to continue. SAS Portable Free used to have this ability but they removed it some time ago, now I think the (purchased) Technicians Portable version is the only one that uses it.

Thanks for the suggestion GuiltySpark, i'll investigate that option!

Meanwhile, while working in the next version of WRT, i found a bug in the Unattended Fix feature:

Either the "Disk Defrag" button or the "Ccleaner" button must be selected in order to the unattended fix be executed completely. If not, the process will stop after the download of the other tools you selected: it won't actually start the scanning part.

This bug is already fixed in the upcoming version of Windows Repair Toolbox, in which i'm working right now... I'm sorry if you had any inconvenience.
Reply

#33
Hi,

i've just released version 1.0.0.8 BETA:

[Image: wrt_2.jpg]

Fixed: Either the "Disk Defrag" button or the "Ccleaner" button would have to be selected in order to the unattended fix be executed completely. If not, the process would stop after the download of the other tools you selected: it wouldn’t actually start the scanning part. This bug has been fixed.

New: The malware removal section has been reworked. RKill and Kaspersky Virus Removal Tool were added. Most checkboxes from this section were removed, only the ones that are used to select the tools to automate were left. In “Automatic Tools” groupbox are the tools that can be automated (they can also be launched manually by clicking the respective button; and although Ccleaner and Defrag are in the “Optimize” groupbox but they can also be automated).

Some other minor improvements.

As usual, all feedback, bug reports, suggestions, etc. are welcome.

Thanks!
Reply

#34
Cheers Alex, I will test and let you know if there is any bugs.
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support! 
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q">
<input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0">
</form>

   </div></left> 
Reply

#35
(06-03-2015, 11:52 AM)Britec Wrote:  Cheers Alex, I will test and let you know if there is any bugs.

Much appreciated! Smile

edit: btw, the tool ServicesRepair by Eset (button "ServRepair" in "Repairs" groupbox) isn't working at the moment, it simply hangs. That's not related to Windows Repair Toolbox (i downloaded it from the browser, and tried it in Windows 8.1 x64 and Win7 x32. also another person confirmed having the same issue), i send a email to Eset support a few hours ago reporting the problem and i'm now waiting for some feedback.

Link for the tool:
https://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe
Reply

#36
Thanks Alex. Keep up the good work.
Tim's Computer Repair (TCR) 
1503 Kings Way, Savannah, GA 31406, US
912-220-0765
https://www.TimsComputerFix.net 

Reply

#37
(06-03-2015, 01:53 PM)Timster Wrote:  Thanks Alex. Keep up the good work.

Thank you! Smile

(06-03-2015, 12:10 PM)AlexCa Wrote:  
(06-03-2015, 11:52 AM)Britec Wrote:  Cheers Alex, I will test and let you know if there is any bugs.

Much appreciated! Smile

edit: btw, the tool ServicesRepair by Eset (button "ServRepair" in "Repairs" groupbox) isn't working at the moment, it simply hangs. That's not related to Windows Repair Toolbox (i downloaded it from the browser, and tried it in Windows 8.1 x64 and Win7 x32. also another person confirmed having the same issue), i send a email to Eset support a few hours ago reporting the problem and i'm now waiting for some feedback.

Link for the tool:
https://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Eset ServicesRepair is running ok now, Eset fixed it Smile
Reply

#38
Good Job Alex
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support! 
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q">
<input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0">
</form>

   </div></left> 
Reply

#39
Thanks!

I've just released Version 1.0.0.9 BETA:

Fixed: If Kaspersky wasn’t selected to run during the unattended fix, the error “Could not find a part of the path 'C:\Windows_Repair_Toolbox\Downloads\Reports” would occur in a later stage and would break the process.

Fixed: The update feature of the portable version of Windows Repair Toolbox wasn’t working properly. If you’re running the portable version, don’t use the internal update feature to update to the current version 1.0.0.9. When prompted to update, click “No”, close the software, and visit the homepage get the new version. Since its fixed in version 1.0.0.9, there’s no need do this for future versions.

Added: information about the definitions version in the “About” tab.

Improved: During the unattended fix, the process seems to stop right after the download of Vipre Rescue Scanner. This is because the additional processing of Vipre files, that happens after the download, takes some time to complete. Now that information will be present in the text above the progress bar, and the progress bar itself will be filled during that event .

Several other small improvements and fixes.
Reply

#40
I like the addition of Emsisoft in the unattended. Need to list that as part of the check box options. Had the "Microsoft" unattended halt on me twice for whatever reason. What does that run anyway? Defender? ON this machine system was so heavily infected WRT had trouble executing commands in this environment using unattended. Once we lightened things up a bit it did well during final cleanup. Keep working on it. The too has done well under light infection environments.
Tim's Computer Repair (TCR) 
1503 Kings Way, Savannah, GA 31406, US
912-220-0765
https://www.TimsComputerFix.net 

Reply



Forum Jump:


Users browsing this thread:
2 Guest(s)

Powered By MyBB, © 2002-2024 Melroy van den Berg.