Computer Fix
Posted: November 21, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 8/10 |
---|---|
Infected PCs: | 5 |
First Seen: | November 21, 2011 |
---|---|
Last Seen: | November 6, 2020 |
OS(es) Affected: | Windows |
Computer Fix, unlike the implications inherent in its name, has no interest in fixing your PC and doesn't even have the ability to do so. As a rogue defragmenter and diagnostics tool, Computer Fix only provides malicious features, such as inaccurate system scans and misleading pop-ups that present false information about your computer's integrity. If Computer Fix has been installed on your PC by a Trojan or drive-by-download script, it's recommended that you also be on guard against browser hijacks, blocked applications and file-viewing issues that are all caused by Computer Fix as part of its scam. SpywareRemove.com malware analysts also discourage any attempts to purchase Computer Fix, since this not only wastes money, but also gives your credit card information to Computer Fix's criminal maintainers. Instead, remove Computer Fix with a good anti-malware scanner and, if necessary, a reboot into Safe Mode which prevents Computer Fix from launching itself.
Why You Don't Want a Computer Fix Tune Up
Even though its appearance is that of a standard file, RAM and Registry scanner, Computer Fix doesn't have any features that are related to fixing your PC or analyzing its contents. Rather than providing such useful features, Computer Fix has been seen to cause issues like the following:
- Computer Fix will launch itself without your consent and stay active, unless forcibly-closed by appropriate anti-malware techniques. This allows Computer Fix to launch its other attacks, even if Computer Fix isn't visibly-active at the time.
- Fake system scans are Computer Fix's favorite ways of presenting inaccurate system information, and will show results that are always filled with a colorful range of hard drive errors.
- Computer Fix may also create pop-ups and other forms of fake alerts, even if Computer Fix doesn't appear to be scanning your computer in an active sense.
- Shortcuts and other program files may be moved to unusual locations, such as your Temp folder.
- Most damningly, Computer Fix will attempt to block anti-malware and security programs so that removing Computer Fix is much more difficult than it would otherwise be. These software blocks may also make use of fake errors to make you believe that the program is being blocked for your own protection.
Computer Fix – a Rote Infection That's Helpless Against Baseline Anti-Malware Tactics
Although Computer Fix does cause a variety of problems, its fake alerts are recycled from other types of rogue diagnostics programs from its family, FakeSysDef like System Defragmenter, Ultra Defragger, HDD Control, Win HDD, Win Defrag, Win Defragmenter, Disk Doctor, Hard Drive Diagnostic, HDD Diagnostic, HDD Plus, HDD Repair, HDD Rescue, Smart HDD, Defragmenter, HDD Tools, Disk Repair, Windows Optimization Center, Scanner, HDD Low and Hdd Fix. SpywareRemove.com malware researchers note that this makes recognizing fake warnings from Computer Fix a fairly-simple job, since you can simply look for standard error messages like the examples shown here:
Bad sectors on hard drive or damaged file allocation table – Critical Error
28% of HDD space is unreadable – Critical Error
Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.
A problem detected while reading boot operation system files
System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.
Boot sector of the hard drive disk is damaged – Critical Error – Limited Edition
Windows – No Disk
Exception Processing Message 0×0000013
Read time of hard drive cluster less than 500 ms – Critical Error
Serious system error
The system will reboot in 30 seconds
Windows can not continue operating due to fatal system error.
Windows was forced to restart.
All unsaved data will be lost.
Disk Error
Can not find file: C:\Program Files\Messenger\msmsgs.exe
File may be deleted or corrupt.
It is strongly recommended to check the disk for errors.
Computer Fix's copy-and-paste code also makes deleting Computer Fix easy, if you have an appropriate anti-malware product (even though Computer Fix will try to prevent you from using it). Viable methods of avoiding Computer Fix's software barricade include switching to Safe Mode, booting Windows from a USB drive or renaming the anti-malware program's .exe file. After that, total removal of Computer Fix can be accomplished with a quick and efficient system scan.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%Documents and Settings%\[User Name]\Local Settings\Application Data\~
File name: %Documents and Settings%\[User Name]\Local Settings\Application Data\~Group: Malware file
%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\
File name: %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\Group: Malware file
%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\1
File name: %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\1Group: Malware file
%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\2
File name: %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\2Group: Malware file
%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\3
File name: %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\3Group: Malware file
%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\4
File name: %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\4Group: Malware file
%Documents and Settings%\[User Name]\Local Settings\Application Data\[random]
File name: %Documents and Settings%\[User Name]\Local Settings\Application Data\[random]Group: Malware file
%Documents and Settings%\[User Name]\Local Settings\Application Data\[random].exe
File name: %Documents and Settings%\[User Name]\Local Settings\Application Data\[random].exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Documents and Settings%\[User Name]\Start Menu\\Programs\Computer Fix\
File name: %Documents and Settings%\[User Name]\Start Menu\\Programs\Computer Fix\Group: Malware file
%Documents and Settings%\[User Name]\Desktop\Computer Fix.lnk
File name: %Documents and Settings%\[User Name]\Desktop\Computer Fix.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Documents and Settings%\[User Name]\Start Menu\\Programs\Computer Fix\Uninstall Computer Fix.lnk
File name: %Documents and Settings%\[User Name]\Start Menu\\Programs\Computer Fix\Uninstall Computer Fix.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Documents and Settings%\[User Name]\Start Menu\\Programs\Computer Fix\Computer Fix.lnk
File name: %Documents and Settings%\[User Name]\Start Menu\\Programs\Computer Fix\Computer Fix.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
Registry Modifications
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU "MRUList"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random].exe"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.