



Rogue:W32/UltimateFix

Name: Rogue:W32/UltimateFix
Category: Riskware
Type: Rogue
Platform: W32

Summary

Dishonest antivirus software which tricks users into buying or installing it, usually by infecting a user's computer, or by pretending the computer is infected.

Additional Details

This is the family description for the Rogue:W32/UltimateFix family of rogueware.

Variants in the UltimateFix rogueware family are rogue anti-malware programs that generate fake or misleading scan results in an attempt to trick users into purchasing their products.


Installation

UltimateFix variants commonly launch a downloader that installs the application, much like the one shown below:




Screenshots of known UltimateFix variants can be seen below:








During installation, the program creates these files:

  • %Desktop%\UltimateFixer 2007.lnk
  • %ProgramFiles%\UltimateFixer 2007\Register UltimateFixer 2007.lnk
  • %ProgramFiles%\UltimateFixer 2007\Start UltimateFixer 2007.lnk
  • %ProgramFiles%\UltimateFixer 2007\Uninstall UltimateFixer 2007.lnk
  • %ProgramFiles%\Ultimate Fixer\program.info
  • %ProgramFiles%\Ultimate Fixer\ufixer.pkg
  • %ProgramFiles%\Ultimate Fixer\UltimateFixer.db
  • %ProgramFiles%\Ultimate Fixer\UltimateFixer.exe
  • %ProgramFiles%\Ultimate Fixer\Uninstall.exe


Registry

During installation, the program creates the following registry key to automatically execute itself:

  • HKLM\Software\Microsoft\Windows\CurrentVersion\Run = %ProgramFiles%\Ultimate Fixer\UltimateFixer.exe
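
The file and registry artifacts listed above can be checked on a host with a short PowerShell script. This is an added example, not part of the original description. It assumes PowerShell 3.0 or later, treats %Desktop% and %ProgramFiles% as the vendor's placeholders for the real folders, and also looks in the 32-bit Program Files folder and the WOW6432Node view of the Run key, which the description does not list.

```powershell
# Added example: triage check for the UltimateFix artifacts listed on this page.
# Assumption: the %...% placeholders map to the folders below (32-bit views included).
$roots = @{
    '%Desktop%'      = @([Environment]::GetFolderPath('Desktop'),
                         [Environment]::GetFolderPath('CommonDesktopDirectory'))
    '%ProgramFiles%' = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:ProgramW6432)
}
$artifacts = @(
    '%Desktop%\UltimateFixer 2007.lnk',
    '%ProgramFiles%\UltimateFixer 2007\Register UltimateFixer 2007.lnk',
    '%ProgramFiles%\UltimateFixer 2007\Start UltimateFixer 2007.lnk',
    '%ProgramFiles%\UltimateFixer 2007\Uninstall UltimateFixer 2007.lnk',
    '%ProgramFiles%\Ultimate Fixer\program.info',
    '%ProgramFiles%\Ultimate Fixer\ufixer.pkg',
    '%ProgramFiles%\Ultimate Fixer\UltimateFixer.db',
    '%ProgramFiles%\Ultimate Fixer\UltimateFixer.exe',
    '%ProgramFiles%\Ultimate Fixer\Uninstall.exe'
)
function Expand-Artifact([string]$Path) {
    # Replace a leading placeholder with every real folder it can stand for.
    foreach ($key in $roots.Keys) {
        if ($Path.StartsWith($key, [StringComparison]::OrdinalIgnoreCase)) {
            return @($roots[$key] | Where-Object { $_ } | Select-Object -Unique |
                ForEach-Object { $_ + $Path.Substring($key.Length) })
        }
    }
    return @($Path)
}

# File artifacts that exist on this host.
foreach ($a in $artifacts) {
    foreach ($p in (Expand-Artifact $a)) {
        if (Test-Path -LiteralPath $p) { [pscustomobject]@{ Kind = 'File'; Location = $p; Data = '' } }
    }
}
# Run-key values (native and WOW6432Node views) whose data points at UltimateFixer.exe.
$exePaths = Expand-Artifact '%ProgramFiles%\Ultimate Fixer\UltimateFixer.exe'
foreach ($key in 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
                 'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run') {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        $data = [string]$item.GetValue($name)
        if ($exePaths | Where-Object { $data.IndexOf($_, [StringComparison]::OrdinalIgnoreCase) -ge 0 }) {
            [pscustomobject]@{ Kind = 'RunValue'; Location = "$key\$name"; Data = $data }
        }
    }
}
```

The script emits one object per artifact found and nothing on a clean host. Matching is done on the value data rather than the value name, since the description does not give the name of the Run entry.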