Seeking opinions on Tweakbit “FixMyPC” and “File Recovery” software and their website..

Topic

New Reply

Had a call from a client complaining his Windows 7 Pro PC had started doing weird things so I logged in remotely with Logmein Rescue to take a look.

My first port of call was to check what AV he was using. Turned out to be Microsoft Security Essentials.

Not having the greatest faith in MSE, I downloaded and installed Malwarebytes Premium v3.x, let it update and do a scan. It turned out that a week or so ago he’d purchased and installed TweakBit FixMyPC and File Recovery software. Malwarebytes went crazy and identified just about every component of Tweakbit Software as either Malware or a PUP.

Using my own PC, I tried to check out their website tweakbit.com and Malwarebytes immediately blocked it..

46308-Malwarebytes-Block

Clicking the “Learn More” link, Malwarebytes stated (in part) ;

Your Malwarebytes malicious website blocking technology has blocked outgoing or incoming communication between your computer and a malicious Internet Protocol (IP) address. That’s a good thing. This communication could be:

[*]An attempt to download malware onto your computer
[*]An attempt to redirect you to a malicious webpage
[*]An attempt to deliver malicious advertising
[*]

If you are receiving these notifications without a browser being open, we recommend you run a scan with your Malwarebytes Anti-Malware pronto to check for malware on your computer.

Curious, but not wanting to risk running or checking out the software on my clients machine, I decided to purchase a copy of both for myself so I could take a better look at it. Using Avast’s Safezone Browser, I went to their site and downloaded the products, installing them into a spare Vanilla Win 7 Pro Virtual Machine I have here for such testing purposes.

Here’s where it gets a little interesting and a tad confusing..

TweakBit “FixMyPC” claims to be a MICROSOFT PARTNER Gold Application Development

46309-Tweakbit-FixMyPc

TweakBit “File Recovery” also claims to be a MICROSOFT PARTNER Gold Application Development

46310-Tweakbit-File-Recovery

The final thing I found interesting is that Tweakbit’s website claims to be Norton Secured

46311-Norton-Secured

Now, given all that information;

[*]Why is Malwarebytes being so paranoid about tweakbit.com being a Malicous Website

and

[*]Why does Malwarebytes consider Tweakbit Software to be chocka block full of PUPS and Malicious content?

Anyone with experience about Tweakbit Software care to offer an opinion?

Have become curious about it, so for the time being, I’ve disabled Tweakbit Software on the clients machine until I can learn more about it.

Interested in hearing about your experiences (if any) with this particular website and software.

Cheers..

Andrew

Reply | Quote

Replies

…Interested in hearing about your experiences (if any) with this particular website and software…

This happens when you install a “Fix My PC” program

Over the years I have cleaned up thousands of customers’ Windows systems that had been severly infected w/ PUPs/adware/spyware/malware/rootkits & even full-blown viruses after the user had fallen for misleading/lying ads on websites.

“Microsoft Partner…” & “Norton SECURED” – yeah sure (liars). So if they’re lying about that what would make you think their programs will actually do what they claim?

IMO it is generally a mistake to second-guess such highly-reputable programs as Malwarebytes (MBAM) – if MBAM detects PUPs/adware/spyware/malware/rootkits or blocks a suspect web link you can take MBAM’s advise with great confidence.

Re: “tuneup”/”fix”/”registry clean” type programs in general; most experienced WSL members generally advise against such programs.

However, there are a couple of exceptions: “CCleaner” and “jv16 Power Tools”. I have used CCleaner occasionally when customers have already had it installed and have not seen adverse results. But I have more confidence w/ jv16 which I tried after reading an article by Fred Langa in his “Langalist” email newsletter years ago (after trying jv16 I bought a licence in 2005, and upgraded to a “Platinum VIP” licence in 2011). Nevertheless I avoid running such programs unless I see a specific indication they will help.

Reply | Quote

”Microsoft Partner…” & “Norton SECURED” – yeah sure (liars).

Might write both Microsoft and Norton an email and see if they’re faking membership. I would imagine they wouldn’t take it kindly if they are

IMO it is generally a mistake to second-guess such highly-reputable programs as Malwarebytes (MBAM) – if MBAM detects PUPs/adware/spyware/malware/rootkits or blocks a suspect web link you can take MBAM’s advise with great confidence.

Indeed.. I have a lot of faith in MBAM which is what prompted me to do some research on the products, even testing them out myself by actually buying a copy of both to try on Win 7 PRO VM. :wacko:

Thanks for your input Coochin..

Reply | Quote

Might write both Microsoft and Norton an email and see if they’re faking membership. I would imagine they wouldn’t take it kindly if they are

Don’t waste your efforts the Microsoft Partner Network program has little real world meaning for the end user and IMHO is mostly just another way M$ racks up ‘share holder value’. If they get their check, do they care?
:cheers:

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

hpHosts, part of the MBAM group and supplier of a large part of the MWAC blocklist, gives the reason for the Tweakbit block as MMT: misleading marketing. MBAM detects the setup file for FixMyPC as a PUP:Optional.

Here’s another ‘tool’ (looks like an internal downloader run from a setup.exe) that contacts/downloads from the Tweakbit site, as rated by Virustotal (see the Behavioural info tab): https://www.virustotal.com/en/file/51a045059eec215e7b6d2e027dc92ef071bea70283153a2d826fb1a0d5aa0f44/analysis/

Comments at WOT might be useful too: https://www.mywot.com/en/scorecard/www.tweakbit.com

Reply | Quote

hpHosts, part of the MBAM group and supplier of a large part of the MWAC blocklist, gives the reason for the Tweakbit block as MMT: misleading marketing. MBAM detects the setup file for FixMyPC as a PUP:Optional.

Here’s another ‘tool’ (looks like an internal downloader run from a setup.exe) that contacts/downloads from the Tweakbit site, as rated by Virustotal (see the Behavioural info tab): https://www.virustotal.com/en/file/51a045059eec215e7b6d2e027dc92ef071bea70283153a2d826fb1a0d5aa0f44/analysis/

Very useful information that kind of mirrors my own Google research on the product. Well, I purchased both products to run in a VM because I didn’t want to risk my customers machine so given they offer a 30 money back guarantee, I think I I’ll be taking them up on that and advise my client to do the same after I uninstall it for him.

Comments at WOT might be useful too: https://www.mywot.com/en/scorecard/www.tweakbit.com

This link provided a huge amount of insight and feedback from users of their products and proved very useful. Thanks very much for pointing that one out satrow.

Best regards..

Reply | Quote

Just a final comment on TweakBit Software ( in particular, their “FixMyPC” and “File Recovery”

As I wrote earlier in this thread to “satrow”

[Quote]Very useful information that kind of mirrors my own Google research on the product. Well, I purchased both products to run in a VM because I didn’t want to risk my customers machine so given they offer a 30 money back guarantee, I think I I’ll be taking them up on that and advise my client to do the same after I uninstall it for him.[/QUOTE]

Well I went ahead and asked for a refund on both products that I’d bought using the relevant section of their page (using Avast’s SafeZone Browser of course) and I must say I was quite surprised. I received an email 24 hours later apologising that the software didn’t do what I was hoping it would do for me and refunded the full amount I paid to me without argument within 48 hours of my refund request. I originally paid for the products via my business PayPal account received a notice from PayPal that the refund was received soon after.

I suggested my client do the same, but he’d purchased it much earlier than he first admitted to me, so he was well past the 30 day period the Money Back Guarantee is valid.

The software may not be great, but the honesty of the company in honoring their terms of purchase must be acknowledged and commended.

Cheers..

Reply | Quote