Computer Fix

Computer Fix Description

Type: Trojan

Do not be fooled by Computer Fix. This fake defragmenter program does the complete opposite of what its name implies; instead of fixing your computer system, Computer Fix has been designed to harm it deliberately. Computer Fix is part of a scam that intends to steal your money by convincing you to purchase a useless, fake security utility for your computer system. Computer Fix has several clones, some of which include System Restore, System Fix, and HDD Repair. Computer Fix will display an extremely large number of alarming system alerts and error messages that are designed to convince the victim that the computer system is infected with a number of dangerous Trojans. Remember, Computer Fix is associated with a Trojan infection and is probably at the root of any possible problems on your computer system. Because of this, our malware analysts strongly recommend removing Computer Fix with a legitimate anti-malware program that is fully up to date.

Symptoms of Computer Fix

As was mentioned before, Computer Fix wants its victim to detect a problem. It does this so that the victim will purchase a useless "full version" of Computer Fix. ESG security researchers have listed a few other symptoms associated with Computer Fix:

  • Computer Fix will use a Trojan to try to make you believe that your files have been deleted suddenly. To do this the Trojan will change your file's settings so that they will be hidden from view. Most of the time, the Trojan not be able to delete files or folders permanently.
  • The main way to recognize a Computer Fix infection is by its large number of constant security alerts and error messages. These can become an annoying presence that can seriously interfere with your daily operations.
  • Computer Fix is not designed to interact nicely with your operating system or with other applications. Because of this, a computer system infected with this malware invader will typically become extremely slow and unstable. In the event of a Computer Fix infection, you can expect constant crashes and the appearance of the "Blue Screen of Death".

Technical Information

File System Details

Computer Fix creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[User Name]\Local Settings\Application Data\[RANDOM CHARACTERS].exe N/A
2 %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\3 N/A
3 %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\ N/A
4 %Documents and Settings%\[User Name]\Start Menu\\Programs\Computer Fix\Uninstall Computer Fix.lnk N/A
5 %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\2 N/A
6 %Documents and Settings%\[User Name]\Local Settings\Application Data\~ N/A
7 %Documents and Settings%\[User Name]\Start Menu\\Programs\Computer Fix\Computer Fix.lnk N/A
8 %Documents and Settings%\[User Name]\Local Settings\Application Data\[RANDOM CHARACTERS] N/A
9 %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\1 N/A
10 %Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\4 N/A
11 %Documents and Settings%\[User Name]\Start Menu\\Programs\Computer Fix\ N/A
12 %Documents and Settings%\[User Name]\Desktop\Computer Fix.lnk N/A

Registry Details

Computer Fix creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU "MRUList"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.