1. Symantec/
  2. Security Response/
  3. FixToolFraud

FixToolFraud

Updated:
April 17, 2009 4:09:45 PM
Type:
Misleading Application
Name:
Fix-Tool
Version:
4.0.10.18
Publisher:
www.fix-tool.com
Risk Impact:
Medium
Systems Affected:
Windows
Behavior
The program must be manually installed.





The program reports false or exaggerated errors on the computer.




The user is then prompted to pay for a full license of the application in order to remove the threats.





Installation
When the program is executed, it creates the following folders:
  • %UserProfile%\Desktop\FixTool
  • %ProgramFiles%\Fix Tool\Backup\Application
  • %ProgramFiles%\Fix Tool\Backup\Registry\FullBackup
  • %ProgramFiles%\Fix Tool\Backup\Service
  • %ProgramFiles%\Fix Tool\Data
  • %ProgramFiles%\Fix Tool\Update


It also creates the following files:
  • %UserProfile%\Desktop\Fix Tool.lnk
  • %UserProfile%\Desktop\Fix-Tool.exe
  • %UserProfile%\Start Menu\Programs\Fix Tool\Fix Tool.lnk
  • %UserProfile%\Start Menu\Programs\Fix Tool\Uninstall.lnk
  • %UserProfile%\Start Menu\Programs\Fix Tool\Website.lnk
  • %ProgramFiles%\Fix Tool\ActiveX.dat
  • %ProgramFiles%\Fix Tool\Apps.dat
  • %ProgramFiles%\Fix Tool\Backup\Registry\FirstBackup\20090417134619.Reg
  • %ProgramFiles%\Fix Tool\Components.dat
  • %ProgramFiles%\Fix Tool\Fix Tool.url
  • %ProgramFiles%\Fix Tool\Fix-Tool.exe
  • %ProgramFiles%\Fix Tool\MFC42D.DLL
  • %ProgramFiles%\Fix Tool\MFCO42D.DLL
  • %ProgramFiles%\Fix Tool\MSVCRTD.DLL
  • %ProgramFiles%\Fix Tool\Res\Alert.png
  • %ProgramFiles%\Fix Tool\Res\Bad.png
  • %ProgramFiles%\Fix Tool\Res\Bad_24x24.png
  • %ProgramFiles%\Fix Tool\Res\Bad_32x32.png
  • %ProgramFiles%\Fix Tool\Res\Check.png
  • %ProgramFiles%\Fix Tool\Res\Data.png
  • %ProgramFiles%\Fix Tool\Res\Disk.png
  • %ProgramFiles%\Fix Tool\Res\DotLine.png
  • %ProgramFiles%\Fix Tool\Res\Error.png
  • %ProgramFiles%\Fix Tool\Res\Frame.png
  • %ProgramFiles%\Fix Tool\Res\Good_24x24.png
  • %ProgramFiles%\Fix Tool\Res\Good_32x32.png
  • %ProgramFiles%\Fix Tool\Res\Home\green.png
  • %ProgramFiles%\Fix Tool\Res\Home\orange.png
  • %ProgramFiles%\Fix Tool\Res\Home\Red.png
  • %ProgramFiles%\Fix Tool\Res\Home\Thumbs.db
  • %ProgramFiles%\Fix Tool\Res\Home\yellow.png
  • %ProgramFiles%\Fix Tool\Res\Icon\block_activeX.png
  • %ProgramFiles%\Fix Tool\Res\Icon\evidence_clean.png
  • %ProgramFiles%\Fix Tool\Res\Icon\junk_file_clean.png
  • %ProgramFiles%\Fix Tool\Res\Icon\registry_clean.png
  • %ProgramFiles%\Fix Tool\Res\Icon\startup_optimize.png
  • %ProgramFiles%\Fix Tool\Res\Icon\system_optimize.png
  • %ProgramFiles%\Fix Tool\Res\Icon\Thumbs.db
  • %ProgramFiles%\Fix Tool\Res\Info.png
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_EC_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_FSR_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_FSS_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_FST_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_Home_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_MO_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_RSO_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_RSO_Image_Info.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_RSR_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_RSS_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_RST_Image_BG.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\SEM_Top.jpg
  • %ProgramFiles%\Fix Tool\Res\Jpg\Thumbs.db
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_BackGround.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_BackGround.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Backup_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Backup_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Backup_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Clean_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Clean_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Clean_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_DriveBackup_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_DriveBackup_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_DriveBackup_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_EvidenceClean_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_EvidenceClean_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_EvidenceClean_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_FavoritesBackup_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_FavoritesBackup_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_FavoritesBackup_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Home_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Home_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Home_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_IERepair_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_IERepair_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_IERepair_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_JunkFileClean_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_JunkFileClean_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_JunkFileClean_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_MomeryOptimizer_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_MomeryOptimizer_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_MomeryOptimizer_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_OneClick_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_OneClick_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_OneClick_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Optimize_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Optimize_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Optimize_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Options_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Options_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Options_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_RegistryClean_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_RegistryClean_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_RegistryClean_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_RegsitryBackup_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_RegsitryBackup_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_RegsitryBackup_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Repair_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Repair_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Repair_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Results_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Results_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Results_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_Small_BackGround.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SpyClean_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SpyClean_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SpyClean_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_StartupManager_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_StartupManager_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_StartupManager_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SystemOptimizer_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SystemOptimizer_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SystemOptimizer_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SystemRepair_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SystemRepair_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SystemRepair_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SystemRestore_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SystemRestore_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_SystemRestore_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_UninstallManager_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_UninstallManager_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_UninstallManager_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_WindowsRepair_Down.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_WindowsRepair_Normal.png
  • %ProgramFiles%\Fix Tool\Res\Menu\SEM_Button_WindowsRepair_Over.png
  • %ProgramFiles%\Fix Tool\Res\Menu\Thumbs.db
  • %ProgramFiles%\Fix Tool\Res\Progrss.bmp
  • %ProgramFiles%\Fix Tool\Res\Safe.png
  • %ProgramFiles%\Fix Tool\Res\Sys.png
  • %ProgramFiles%\Fix Tool\Res\Thumbs.db
  • %ProgramFiles%\Fix Tool\Res\Uncheck.png
  • %ProgramFiles%\Fix Tool\SEClean.dll
  • %ProgramFiles%\Fix Tool\SERepair.dll
  • %ProgramFiles%\Fix Tool\SEStyle.dll
  • %ProgramFiles%\Fix Tool\Temp\__clean_disk.bat
  • %ProgramFiles%\Fix Tool\Temp\__repair_components.bat
  • %ProgramFiles%\Fix Tool\Temp\__repair_errors.bat
  • %ProgramFiles%\Fix Tool\Temp\__start_schedule.bat
  • %ProgramFiles%\Fix Tool\uninst.exe
  • %ProgramFiles%\Fix Tool\Update.exe
  • %Windìr%\Tasks\Fix_Tool_OneClick.job


Next, the program creates the following registry entry so that it executes whenever Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"Fix Tool" = "C:\Program Files\Fix Tool\Fix-Tool.exe"

It also creates the following registry subkeys:
  • HKEY_CLASSES_ROOT\.pox
  • HKEY_CLASSES_ROOT\pofile
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Fix-Tool.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fix Tool
  • HKEY_LOCAL_MACHINE\SOFTWARE\Miracle
Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube