WindowFix
WindowFix is just another name for WindoFix, and is a fake optimization tool presented as a useful program in order to gain the trust of the user. WindowFix must be installed manually, and once active, begins display fake infection results in order to trick the user into believing that the computer has been compromised. The user is then prompted to purchase the commercial version of WindowFix in order to combat these threats or fix the various problems.
File System Details
WindowFix may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | windofixsetup.exe | |
| 2. | %program_files%\windofix\unins000.exe | |
| 3. | windofix.exe | |
| 4. | %program_files%\windofix\windofix.exe | |
| 5. | %common_programs%\windofix\windofix on the web.url | |
| 6. | %common_programs%\windofix\uninstall windofix.lnk | |
| 7. | %program_files%\windofix\unins000.dat | |
| 8. | %common_desktopdirectory%\windofix.lnk | |
| 9. | %common_programs%\windofix\windofix.lnk |
Registry Details
WindowFix may create the following registry entry or registry entries:
HKEY_CURRENT_USER\software\windofix
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 inno setup codefile: email
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 inno setup: icon group
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 inno setup: user
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 nomodify
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 quietuninstallstring
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 urlupdateinfo
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\windofix order
HKEY_CURRENT_USER\software\windofix\windofix\settings
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 helplink
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 inno setup: app path
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 inno setup: setup version
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 installlocation
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 publisher
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 urlinfoabout
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\windofix
HKEY_CURRENT_USER\software\windofix\windofix
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 displayname
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 inno setup codefile: name
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 inno setup: selected tasks
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 installdate
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 norepair
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{0f464999-9928-4b44-b57e-057033961349}_is1 uninstallstring
