Skip to content
Which type of operating system are you running?



Release Notes

What's New in FreeFixer 0.54

  • FreeFixer now scans Winlogon.exe modules.
  • Minor updates to the code to support the upcoming 64-bit version of FreeFixer.

What's New in FreeFixer 0.53

What's New in FreeFixer 0.52

  • FreeFixer now scans Autorun.inf files.
  • FreeFixer will now check the NoChangingWallpaper, NoActiveDesktopChanges, NoSetActiveDesktop and Wallpaper settings.
  • FreeFixer no longer checks for the WSPStartup and NSPStartup exports while deleting dynamic link libraries. This was previously used to identify transport and namespace service provider and prevent deletion of these library since it could break the Internet connection. However, since FreeFixer can remove missing transport and namespace service providers from the provider chain this check is no longer needed.
  • If a missing transport or namespace service provider .DLL is identified, FreeFixer reports that removing the missing provider can repair a broken Internet connection.
  • Files identified as a UserInit will only have a delete checkbox when presented under the UserInit section of the scan result. This will allow FreeFixer to properly restore the UserInit registry value if necessary.

What's New in FreeFixer 0.51

  • FreeFixer now scans the Windows Security providers.
  • FreeFixer will now ask the user to upload a crash dump when an assertion fails. Previously the assertion message was displayed in a message box. This change will be of great help to track down remaining defects in the FreeFixer application.
  • Fixed a bug where FreeFixer halted the scan with an assertion message saying string(value.get()).size() == valueSize, when trying to enumerate a registry value with an embedded ASCII 0.
  • Fixed a minor issue where FreeFixer halted the scan with the following assertion failed message: _key != 0. This problem only appeared on systems infected with a particular rootkit that was hooking the Windows Registry functions.

What's New in FreeFixer 0.50

  • FreeFixer will now check if there's a settings.txt file located in the same directory as freefixer.exe. If so, that settings file will be used instead of C:\Documents and Settings\%USERNAME%\Application Data\FreeFixer\settings.txt. This feature is added to better support FreeFixer as a portable application. Now you can put FreeFixer on your USB stick and all settings will be loaded and saved to the USB.
  • FreeFixer now opens the default browser instead of Internet Explorer when clicking the "more info" links in the scan result.
  • Added the following companies to the trusted list. Files signed by these companies will appear greenlisted in FreeFixer scan result: AT&T Services, Inc., ATI Technologies, Inc, Agnitum Ltd., Authentium, Inc., Authentium, inc, Autodesk, Inc, BITDEFENDER LLC, BillP Studios, BitTorrent Inc, Blizzard Entertainment, Cisco Systems, Inc., Cisco-Linksys LLC, Citrix Systems, Inc, Comodo Security Solutions, Comodo Security Solutions, Inc., Computer Associates International, Creative Labs Inc, Dell Inc, Dell Inc., Dell Incorporated, Doctor Web Ltd., Hewlett-Packard, InstallShield Software Corporation, Lenovo (United States) Inc., Lexmark International, Inc., Macromedia, Inc., Malwarebytes Corporation, Microsoft Corporation MSN, Microsoft Windows 2000 Publisher, Motorola, NVIDIA Corporation, National Instruments Corporation, Nero AG, Nitro PDF Software, Nokia, Norman ASA, Opera Software ASA, PGP Corporation, Panda Security S.L, Panda Software International, Prevx, Raxco Software, Inc., Secunia, Sony Corporation, Sony Ericsson Mobile Communications AB, Sophos Plc, Spotify Ltd, Synaptics Incorporated, Sysinternals, TOSHIBA CORPORATION, TeamViewer GmbH, Valve, WinZip Computing and Zone Labs, Inc.
  • FreeFixer will now add c:\windows\system32\userinit.exe, to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, UserInit, if it is missing, while removing unwanted programs from the UserInit startup location.
  • Fixed a minor bug in the history section of the FreeFixer log, where an extra carriage return was added between the items.
  • Version information is now added to the freefixersetup.exe file.
  • The installer no longer shows language options.

What's New in FreeFixer 0.49

  • FreeFixer now tracks the changes it does to the registry and file deletions. These changes are reported in the end of the FreeFixer log, located under 'History'.
  • Added settings to enable and disable scan locations.
  • FreeFixer now adds End of FreeFixer log to clearly show where the log file ends.
  • FreeFixer now ignores NTFS reparse points when scanning recently modified or created files. This fixes three issues: 1) where FreeFixer never finished the scan when running into a drive that has itself mounted. For example, if C:\ had been mounted into C:\mydrive\. 2) where scanning of recently modified or created files moved on to scan files that were not really on any of the system's fixed drives. 3) where FreeFixer reported an access denied message (on Windows Vista/2008/7) for some reparse points, such as Problems opening folder 'c:\Documents and Settings' to enumerate files. System error message: Access is denied. Error code: 5.
  • Fixed a bug in FreeFixer's icon extraction code which could result in reading inaccessible memory when extracting an icon from a malformed executable file.
  • Fixed a bug in FreeFixers's scan for recently modified or created files which under some conditions never finished. This could occur when the FindNextFile API failed with another error code than ERROR_NO_MORE_FILES.

What's New in FreeFixer 0.48

  • FreeFixer now support third-party definitions to detect malware.
  • Many small improvements throughout the codebase to properly handle low memory conditions.
  • FreeFixer now uses EnumProcesses instead of CreateToolhelp32Snapshot, Process32First and Process32Next to enumerate processes.

What's New in FreeFixer 0.47

  • FreeFixer now scans the Shell settings.
  • Fixed a bug where FreeFixer in some cases did not do complete bounds-checking while extracting export names from dynamic link libraries. This bug could under some conditions cause FreeFixer to crash.
  • FreeFixer's crash dumps now include the version number in the file name.

What's New in FreeFixer 0.46

  • Fixed a number of bugs in FreeFixer's parsing and extraction of icons from scanned executables. These bugs could under some conditions cause FreeFixer to crash.
  • Fixed a bug where FreeFixer did not correctly handle the file format for 64-bit dlls. This bug could under some conditions cause FreeFixer to crash.

What's New in FreeFixer 0.45

  • FreeFixer now catches critical errors in the application and offers the possibility to send a dump file to the freefixer.com server. This will be of great help while identifying and fixing remaining defects in the FreeFixer application.
  • Fixed a bug where FreeFixer failed to enumerate the system's page files on Windows 2000. FreeFixer failed during startup with the following error message: The Procedure entry point EnumPageFilesA could not be located in the dynamic link library PSAPI.DLL.
  • Fixed a minor bug which appeared when FreeFixer scanned a file of zero bytes size. The bug caused the following error message to appeared in the scan result: Failed to calculate hash for '%FILENAME%' using 'CryptCATAdminCalcHashFromFileHandle' while verifying trust. System error message: The volume for a file has been externally altered so that the opened file is no longer valid. Error code: 1006.

What's New in FreeFixer 0.44

  • Added a settings tab in FreeFixer's user interface.
  • Added setting to optionally add the MD5 or SHA256 hash to the FreeFixer log. This will improve the collaboration possibilities with third party developers. By default, hashes are not included in the log.
  • Settings are now saved on disk in "C:\Documents and Settings\%USERNAME%\Application Data\FreeFixer", instead of the Windows Registry.
  • Fixed a bug where FreeFixer did not remember the dialog size and position between runs.
  • Fixed a minor formatting bug in the FreeFixer log.
  • Fixed a minor bug where the whitelist report number was incorrect for the "AppInit_DLLs" and "Suspicious file names" in the FreeFixer log.
  • Fixed a minor problem where some errors that appeared in the user interface code was not reported to the user.

What's New in FreeFixer 0.43

  • Fixed a bug which sometimes halted the scan for recently modified or created files with the assertion message strlen(startdir) <= MAX_PATH. This happened when the currently scanned drive had a directory whose absolute representation exceeded 260 characters.
  • Fixed minor issue where "global errors" encountered during the scan were displayed in the beginning of the scan result. These error messages are now displayed at the end of scan result.
  • Fixed a minor bug where FreeFixer did not display a hidden process when the associated executable file was a critical system file (like svchost.exe).
  • Fixed a bug where FreeFixer during the scan for recently modified or created files tried to close down handles to the page file, which could result in a stop error. This bug only appeared on systems with a customized name for the page file. FreeFixer now completely ignores all paging files during the scan for recently modified or created files.

What's New in FreeFixer 0.42

What's New in FreeFixer 0.41

  • FreeFixer now scans the Windows XP Firewall Authorized Applications.
  • FreeFixer can now unlock files that are locked by another process. This feature is used when FreeFixer runs into a file which cannot be read. FreeFixer then closes all handles in the process that locks or has opened the file in an exclusive mode. This should reduce or completely eliminate errors saying: The process cannot access the file because it is being used by another process.
  • The AppInit_DLL plugin and the Suspicious file names plugin now show the number of whitelisted items in the log file.
  • Fixed a bug on the FreeFixer web site where searching for the CustomizeSearch and SearchAssistant Internet Explorer settings, resulted in an error message saying Insufficient input.
  • Fixed a minor issue where the scan result gave an incorrect number of whitelisted drivers.

What's New in FreeFixer 0.40

  • Fixed a severe flaw in the malware removal code which under some circumstances could cause another item than the one the user selected to be removed. Many thanks to Mr Mita for reporting in this problem.

What's New in FreeFixer 0.39

  • FreeFixer now supports Windows 7 RC1.
  • FreeFixer now correctly displays file and registry information for all languages in both the log file and the scan result. Characters from languages such as Russian, Chinese, Hindi, Arabic and Japanese should no longer cause any problems.
  • The FreeFixer.com web site and FreeFixer file database now correctly handle characters from all languages.
  • Added glossary item for Vendor and version information.
  • Fixed a bug where some whitelisted files did not appear as whitelisted in the scan result.
  • Fixed minor issue where whitespace BootExecute items appeared in the scan result.
  • FreeFixer now correctly sets the locale. This fixed a bug that could halt the program before showing the scan result with the error message: An error occurred when trying to open the file for writing. Filename: 'C:\Documents and Settings\%USERNAME%\Local Settings\Application Data\FreeFixer\icons\%MD5%.ico'.
  • Fixed bug where FreeFixer did not check revocation lists while verifying certificate chains for files with embedded certificates.

What's New in FreeFixer 0.38

  • FreeFixer will now whitelist files from trusted software publishers, such Microsoft, Kaspersky, Symantec, TrendMicro, etc. The trusted files will appear with a green background in the scan result without the delete option. Trusted files will not appear in the FreeFixer log, in order to reduce the noise and simplify inspection of the logs.
  • The Start Page http://www.microsoft.com/ is now whitelisted and will no appear in the scan result.

What's New in FreeFixer 0.37

  • FreeFixer now scans the Terminal Server AutoRuns Run, Runonce and RunonceEx, located under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion.
  • Improved the scan for files that have the same name as legitimate system files.
    These files where added: bfsvc.exe, fveupdate.exe, HelpPane.exe, ACW.exe, AdapterTroubleshooter.exe, AtBroker.exe, audiodg.exe, auditpol.exe, bcdedit.exe, bitsadmin.exe, bridgeunattend.exe, bthudtask.exe, certreq.exe, certutil.exe, clip.exe, cmdkey.exe, cofire.exe, colorcpl.exe, CompMgmtLauncher.exe, ComputerDefaults.exe, consent.exe, credwiz.exe, csrstub.exe, DeviceEject.exe, DeviceProperties.exe, DFDWiz.exe, dfrgifc.exe, dfrgui.exe, dfsr.exe, dialer.exe, diskraid.exe, dispdiag.exe, dnscacheugc.exe, dpapimig.exe, DpiScaling.exe, drvinst.exe, dwm.exe, efsui.exe, FirewallControlPanel.exe, FirewallSettings.exe, fltMC.exe, forfiles.exe, hdwwiz.exe, icacls.exe, icardagt.exe, icsunattend.exe, ieUnatt.exe, InfDefaultInstall.exe, iscsicli.exe, iscsicpl.exe, ktmutil.exe, lpksetup.exe, lpremove.exe, lsm.exe, mblctr.exe, mcbuilder.exe, MdRes.exe, MdSched.exe, mfpmp.exe, MigAutoPlay.exe, mrt.exe, msconfig.exe, msdt.exe, msfeedssync.exe, msinfo32.exe, msra.exe, MuiUnattend.exe, NAPSTAT.EXE, netbtugc.exe, netcfg.exe, netiougc.exe, Netplwiz.exe, newdev.exe, ntprint.exe, ocsetup.exe, OptionalFeatures.exe, p2phost.exe, pcaelv.exe, pcalua.exe, pcaui.exe, PkgMgr.exe, plasrv.exe, PnPUnattend.exe, PnPutil.exe, poqexec.exe, powercfg.exe, PresentationHost.exe, prevhost.exe, printfilterpipelinesvc.exe, printui.exe, RacAgent.exe, raserver.exe, rdrleakdiag.exe, rekeywiz.exe, RelPost.exe, RMActivate.exe, RMActivate_isv.exe, RMActivate_ssp.exe, RMActivate_ssp_isv.exe, RmClient.exe, Robocopy.exe, RpcPing.exe, rrinstaller.exe, rstrui.exe, RunLegacyCPLElevated.exe, sbunattend.exe, sdchange.exe, sdclt.exe, SearchFilterHost.exe, SearchIndexer.exe, SearchProtocolHost.exe, secinit.exe, setupcl.exe, setupSNK.exe, setupugc.exe, setx.exe, SLLUA.exe, SLsvc.exe, SLUI.exe, SndVol.exe, snmptrap.exe, SoundRecorder.exe, srdelayed.exe, sxstrace.exe, SystemPropertiesAdvanced.exe, SystemPropertiesComputerName.exe, SystemPropertiesDataExecutionPrevention.exe, SystemPropertiesHardware.exe, SystemPropertiesPerformance.exe, SystemPropertiesProtection.exe, SystemPropertiesRemote.exe, tabcal.exe, takeown.exe, TapiUnattend.exe, taskeng.exe, timeout.exe, TpmInit.exe, tssetup.exe, TSTheme.exe, ucsvc.exe, UI0Detect.exe, unattendedjoin.exe, unregmp2.exe, vds.exe, vdsldr.exe, verclsid.exe, waitfor.exe, wecutil.exe, wercon.exe, WerFault.exe, WerFaultSecure.exe, wermgr.exe, wevtutil.exe, where.exe, whoami.exe, WindowsAnytimeUpgrade.exe, WinFXDocObj.exe, wininit.exe, winload.exe, winresume.exe, winrs.exe, winrshost.exe, WinSAT.exe, wisptis.exe, wlanext.exe, wlrmdr.exe, wpcer.exe, wpcumi.exe, WPDShextAutoplay.exe, WSManHTTPConfig.exe, wsqmcons.exe, wuapp.exe, WUDFHost.exe and wusa.exe.

What's New in FreeFixer 0.36

  • Fixed bug in the user interface HTML generator and log generation code that could result in the error message Cannot convert registry data of the REGISTRY_DATA_INVALID type to a string. This error could appeared under some conditions when FreeFixer failed to read a registry key.

What's New in FreeFixer 0.35

  • FreeFixer now verifies the digital signature for all files in the scan result. It also checks that the certificate chains ends in a trusted root. See Dwm.exe and VMwareTray.exe as an example of two legitimate files with a valid digital signature. The signature information on the FreeFixer web site is now continuously updated when users press the "more info" link in the scan result.
  • FreeFixer now starts automatically after finishing the installer.

What's New in FreeFixer 0.34

  • FreeFixer now scans the BootExecute registry setting.
  • FreeFixer now supports Windows Server 2008
  • Fixed bug in UserInit plugin where FreeFoxer did not determine full path for userinit specified as filename only.
  • The Start Page res://iesetup.dll/HardAdmin.htm is now whitelisted and will no appear in the scan result.

What's New in FreeFixer 0.33

  • FreeFixer now supports Windows Vista 32-bit
  • FreeFixer now displays the full path of the AppInit_DLLs in the FreeFixer log.

What's New in FreeFixer 0.32

  • Fixed bug where FreeFixer was unable to modify a read-only HOSTS file.

What's New in FreeFixer 0.31

  • Fixed bug where FreeFixer was unable to extract properties from files lacking a translation table. The error message Error getting translation table with 'VerQueryValue'.. should no longer appear when FreeFixer scan this type of file.
  • Disabled the Hidden Process plugin for users running FreeFixer on a 64-bit platform. This will be enabled again as soon as I have located and fixed a bug in this plugin that interrupts the scan.

What's New in FreeFixer 0.30

What's New in FreeFixer 0.29

What's New in FreeFixer 0.28

  • Fixed a defect where FreeFixer sometimes stopped during scan with the error message: Assertion failed. Message: bitmapSize == SizeofResource(dll.getModule(), hRsrc). This occurred when scanning a file with a malformed icon resource.

What's New in FreeFixer 0.27

What's New in FreeFixer 0.26

  • FreeFixer now shows icons for executable files and other known file types.
  • HOSTS file redirections to the 0.0.0.0 IP address is now ignored and does not show up in the scan result.
  • Fixed a minor issue in the user interface.

What's New in FreeFixer 0.25

  • FreeFixer now scans the UserInit setting.
  • FreeFixer now use the common names for the operating systems when generating a log file. For example, Windows XP is used instead of Windows NT 5.1.
  • Service pack number is now listed in the log file.

What's New in FreeFixer 0.24

  • FreeFixer now adds experimental support for Windows Vista.
  • Support for the new IPv6 format on addresses when they appear in the HOSTS file.
  • FreeFixer now puts a more reasonable size on its window when it is launched for the first time.
  • Fixed an bug where FreeFixer sometimes failed to terminate multi value strings (REG_MULTI_SZ).

What's New in FreeFixer 0.23

What's New in FreeFixer 0.22

  • FreeFixer now scans the TCP/IP settings.
  • Fixed a defect in the code that reads file properties. The defect made FreeFixer stop with the message Assertion failed. Message: cbTranslate >= 4.
  • Fixed a problem in FreeFixer's code that reads the registry. The bug made FreeFixer stop with the message Assertion failed. Message: lastInBuf == 0.

What's New in FreeFixer 0.21

What's New in FreeFixer 0.20

  • Fixed a defect where an error message was displayed when an Internet Explorer toolbar specified a CLSID which did not exists under 'HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\'.
  • Fixed a number of problems related to scanning with a limited user account.
  • FreeFixer no longer halt the process and hidden process scan if a problem occur while extracting information from one of the processes.

What's New in FreeFixer 0.19

  • FreeFixer now scans drivers installed on the system.
  • Fixed a defect which under some conditions halted the scan of the autostart shortcuts, with an error messages saying Assertion failed. Message: initialDirectory != "".

What's New in FreeFixer 0.18

  • The delayed file deletion feature has been improved to deal with files that cannot be deleted once the Win32 subsystem is started. This is done by FreeFixer's Native Deleter (ffnd.exe), a native program that runs before the log on box appears.
  • FreeFixer does no longer display files protected by the Windows File Protection (WFP) feature in the scan result. WFP protects critical operating system files, such as .dll, .exe and .sys files. This will help users to quickly identify and remove unwanted third-party programs, rather than legitimate Microsoft files.
  • Scan time reduced by approximately 50%