System Fix

By LoneStar in Rogue Anti-Spyware Program

Threat Scorecard

Threat Level:	100 % (High)
Infected Computers:	188

First Seen:	November 14, 2011
Last Seen:	April 18, 2018
OS(es) Affected:	Windows

System Fix Image

Despite its name, System Fix is not designed to fix your computer system. Rather, System Fix is a rogue hard disk defragmentation program, which pretends to be a legitimate security program in order to steal your money. System Fix is part of a large number of fake defragmenters which include HDD Fix, HDD Repair, and System Restore. ESG PC security researchers strongly recommend against downloading or installing System Fix. If System Fix is already on your computer, this is a definite sign that your computer has become infected with dangerous Trojans. A System Fix infection is quite an obvious event since, as soon as the rogue defragmenter is installed, it will display a huge number of alarming error messages and fake security alerts. Do not fall for the System Fix scam; these fake notifications are all designed to alarm the victim, in order to convince the infected computer's owner to acquire a "full version" of this bogus security application.

Table of Contents

Problems Associated with System Fix

A System Fix infection is highly visible. Unlike other Trojan infections which depend on being undetectable, System Fix wants you to know that System Fix is present, and deliberately cause a large number of problems to ensure that you buy this fake security program. Some problems associated with System Fix include the following.

In the event of a System Fix infection, many of your files, folders and applications may appear to disappear suddenly. Do not worry, your files are not gone; System Fix changes their settings to "hidden" so that it will appear that they have been deleted.
One of the main symptoms of a System Fix infection is a flood of constant alarming error messages, claiming catastrophic problems in your operating system.
A computer infected with System Fix will launch this fake security program at start-up without the user's authorization. This means that every time you start up Windows you will be greeted by the System Fix splash screen, followed by a fake system scan and a plea for you to acquire a "full version" of this malicious security application.
A System Fix infection does not play nice with your system. Computers infected with System Fix will become slow and prone to frequent crashes and the dreaded "blue screen of death."

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Kaspersky	Trojan.Win32.Vilsel.bfhb
Avast	Win32:Jorik-DR [Trj]
Ikarus	Trojan.Win32.Vilsel
DrWeb	Trojan.Fakealert.27030
BitDefender	Trojan.Generic.KDV.436378
Kaspersky	Trojan.Win32.Vilsel.bfdz
Kaspersky	Trojan.Win32.Jorik.Fraud.iyg
Kaspersky	Trojan.Win32.Vilsel.bfgw
NOD32	a variant of Win32/Kryptik.WEN
AVG	Downloader.Zlob.BDYF
AhnLab-V3	Trojan/Win32.Vilsel
DrWeb	Trojan.Fakealert.27037
BitDefender	Trojan.Generic.KDV.437189
Kaspersky	Trojan.Win32.Vilsel.bfdv
eSafe	Win32.FakeAV.Oz

SpyHunter Detects & Remove System Fix

System Fix Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

System Fix may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	ovLtSvlXCxH.exe	5775d6d45730566c4ad1a08f69396799	35
Name: ovLtSvlXCxH.exe MD5: 5775d6d45730566c4ad1a08f69396799 Size: 434.94 KB (434944 bytes) Detections: 35 Type: Executable File Path: %ALLUSERSPROFILE%\Dati applicazioni Group: Malware file Last Updated: November 30, 2011
2.	ovLtSvlXCxH.exe	b3d049c86963176bfa97cb69e6f2ece1	31
Name: ovLtSvlXCxH.exe MD5: b3d049c86963176bfa97cb69e6f2ece1 Size: 435.96 KB (435968 bytes) Detections: 31 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: November 30, 2011
3.	ovLtSvlXCxH.exe	514841dc38f8b35eeb43fbdb36ca8bfd	23
Name: ovLtSvlXCxH.exe MD5: 514841dc38f8b35eeb43fbdb36ca8bfd Size: 435.96 KB (435968 bytes) Detections: 23 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: December 1, 2011
4.	lvvm.exe	4f988d2cd0e25b8dedcd7d9321819846	22
Name: lvvm.exe MD5: 4f988d2cd0e25b8dedcd7d9321819846 Size: 182.27 KB (182272 bytes) Detections: 22 Type: Executable File Path: %PROGRAMFILES%\5A0CC Group: Malware file Last Updated: November 23, 2011
5.	IoWwDnqsYPU.exe	9979ba49d3bc0db9e237b1986e319987	8
Name: IoWwDnqsYPU.exe MD5: 9979ba49d3bc0db9e237b1986e319987 Size: 491.52 KB (491520 bytes) Detections: 8 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: November 21, 2011
6.	5EE61.exe	d962c1c3149b4f99f3ab339137ae8921	4
Name: 5EE61.exe MD5: d962c1c3149b4f99f3ab339137ae8921 Size: 166.4 KB (166400 bytes) Detections: 4 Type: Executable File Path: %APPDATA%\6831C Group: Malware file Last Updated: November 23, 2011
7.	186.exe	bcd0e7764edf6cb3119990826fb70662	4
Name: 186.exe MD5: bcd0e7764edf6cb3119990826fb70662 Size: 275.45 KB (275456 bytes) Detections: 4 Type: Executable File Path: %PROGRAMFILES(x86)%\LP\F53F Group: Malware file Last Updated: November 23, 2011
8.	lvvm.exe	01ddb1f6d60ee53a5f27746a622e4365	3
Name: lvvm.exe MD5: 01ddb1f6d60ee53a5f27746a622e4365 Size: 189.95 KB (189952 bytes) Detections: 3 Type: Executable File Path: %APPDATA%\B423E Group: Malware file Last Updated: November 23, 2011
9.	dSPEfJqNGav.exe	b8b4d7fd7f49141f2a2459cdf18b975a	3
Name: dSPEfJqNGav.exe MD5: b8b4d7fd7f49141f2a2459cdf18b975a Size: 444.67 KB (444672 bytes) Detections: 3 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: December 1, 2011
10.	B2C9A.exe	66ad60d42754559638d94554f999b563	2
Name: B2C9A.exe MD5: 66ad60d42754559638d94554f999b563 Size: 174.59 KB (174592 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\80359 Group: Malware file Last Updated: November 21, 2011
11.	java.exe	64eaa4d0f5feb73c65174a25f2d9942f	2
Name: java.exe MD5: 64eaa4d0f5feb73c65174a25f2d9942f Size: 2.91 MB (2918912 bytes) Detections: 2 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: November 21, 2011
12.	97E.exe	3a132d79ff5b577c8ea00bad8da6304d	2
Name: 97E.exe MD5: 3a132d79ff5b577c8ea00bad8da6304d Size: 289.79 KB (289792 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\Microsoft\D5EA Group: Malware file Last Updated: November 21, 2011
13.	lvvm.exe	2d52a454a9b78db1509d62dea385d15c	2
Name: lvvm.exe MD5: 2d52a454a9b78db1509d62dea385d15c Size: 187.9 KB (187904 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\7D1BF Group: Malware file Last Updated: November 28, 2011
14.	POrAEHHCNGan.exe	1cd587b82c91914d9a3de874a5362437	1
Name: POrAEHHCNGan.exe MD5: 1cd587b82c91914d9a3de874a5362437 Size: 422.65 KB (422656 bytes) Detections: 1 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: November 18, 2011
15.	gcM4SGa6XY2qLk.exe	e3de193284cc955efc5fb4b0e4b348de	1
Name: gcM4SGa6XY2qLk.exe MD5: e3de193284cc955efc5fb4b0e4b348de Size: 335.1 KB (335104 bytes) Detections: 1 Type: Executable File Path: %ALLUSERSPROFILE%\Datos de programa Group: Malware file Last Updated: November 18, 2011
16.	lvvm.exe	15a6905c3aa65016611aba247bab6e3f	1
Name: lvvm.exe MD5: 15a6905c3aa65016611aba247bab6e3f Size: 190.46 KB (190464 bytes) Detections: 1 Type: Executable File Path: %APPDATA%\01272 Group: Malware file Last Updated: November 23, 2011
17.	IoWwDnqsYPU.exe	c8dc95c461e259ac7d8c6a6299c05bea	1
Name: IoWwDnqsYPU.exe MD5: c8dc95c461e259ac7d8c6a6299c05bea Size: 488.44 KB (488448 bytes) Detections: 1 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: November 21, 2011
18.	2492.exe	99f98b2d53930c287c58f410110a260f	1
Name: 2492.exe MD5: 99f98b2d53930c287c58f410110a260f Size: 2 MB (2006528 bytes) Detections: 1 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: November 21, 2011
19.	ABrSmUWHNf.exe	2a2d3bfc5c0b76ad0ccd7afafc7c4769	1
Name: ABrSmUWHNf.exe MD5: 2a2d3bfc5c0b76ad0ccd7afafc7c4769 Size: 433.4 KB (433408 bytes) Detections: 1 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: November 28, 2011
20.	87B.exe	81bbd7daa950826d94b1a5f19f41e432	1
Name: 87B.exe MD5: 81bbd7daa950826d94b1a5f19f41e432 Size: 275.96 KB (275968 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\LP\F6BA Group: Malware file Last Updated: November 23, 2011
21.	AnxAWyvzgmN5fQ.exe	bb262d54a6fa8b89d3f30b2e37edd247	1
Name: AnxAWyvzgmN5fQ.exe MD5: bb262d54a6fa8b89d3f30b2e37edd247 Size: 352.51 KB (352512 bytes) Detections: 1 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: December 1, 2011
22.	%AllUsersProfile%\[RANDOM CHARACTERS].exe
Name: %AllUsersProfile%\[RANDOM CHARACTERS].exe Type: Executable File Group: Malware file
23.	6DSS92c31Apgjk.exe
Name: 6DSS92c31Apgjk.exe Type: Executable File Group: Malware file
24.	%Temp%\smtmp\1
Name: %Temp%\smtmp\1 Group: Malware file
25.	%Temp%\smtmp\4
Name: %Temp%\smtmp\4 Group: Malware file
26.	%StartMenu%\Programs\System Fix\Uninstall System Fix.lnk
Name: %StartMenu%\Programs\System Fix\Uninstall System Fix.lnk Type: Shortcut Group: Malware file
27.	%Temp%\smtmp\
Name: %Temp%\smtmp\ Group: Malware file
28.	%Temp%\smtmp\3
Name: %Temp%\smtmp\3 Group: Malware file
29.	%StartMenu%\Programs\System Fix\System Fix.lnk
Name: %StartMenu%\Programs\System Fix\System Fix.lnk Type: Shortcut Group: Malware file
30.	%Desktop%\System Fix.lnk
Name: %Desktop%\System Fix.lnk Type: Shortcut Group: Malware file
31.	%Temp%\smtmp\2
Name: %Temp%\smtmp\2 Group: Malware file
32.	%StartMenu%\Programs\System Fix\
Name: %StartMenu%\Programs\System Fix\ Group: Malware file
33.	%AppData%\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
Name: %AppData%\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk Type: Shortcut Group: Malware file
34.	RhsEkxxjfUhuhw.exe	cd3c642eaacd86c7893e1608d8c57dc7	0
Name: RhsEkxxjfUhuhw.exe MD5: cd3c642eaacd86c7893e1608d8c57dc7 Size: 420.09 KB (420096 bytes) Detections: 0 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: November 15, 2011
35.	Wx7FHng4rJ4QFn.exe	8d2327e5ff0ebabfab262b7c146b8b60	0
Name: Wx7FHng4rJ4QFn.exe MD5: 8d2327e5ff0ebabfab262b7c146b8b60 Size: 335.61 KB (335616 bytes) Detections: 0 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: November 15, 2011

Registry Details

System Fix may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"

Messages

The following messages associated with System Fix were found:

Activation Reminder
Data Restore Activation
Advanced module activation required to fix detected errors and performance issues. Please purchase Advanced Module license to activate this software and enable all features.

Critical Error
Hard drive critical error. Run a system diagnostic utility to check your hard disk drive for errors. Windows can’t find hard disk space. Hard drive error.

Critical Error
RAM memory usage is critically high. RAM memory failure.

Critical Error!
Damaged hard drive clusters detected. Private data is at risk.

Hard Drive Failure
The system has detected a problem with one or more installed IDE/SATA hard disks. It is recommended that you restart the system.

System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.

3 Comments

AZ Ranger 12 years ago Reply

Purchased Spy Hunter this week to clean up the virus "SYSTEM FIX"
What a nightmare, it completely masked my "C" drive to appear that it had wiped it clean. But when checking the properties of the drive thru My Computer, i could see it was still 3/4 full. It took an online session with the developers overseas, but I was amazed how fast the gentleman cleaned and restored my drive. Thank God for online support! And best of all, no additional cost.

John Reid 9 years ago Reply

Can't send messages or pictures.

Chris trapuzzano 9 years ago Reply

Trying too reboot phone to get rid of unwanted apps

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

System Fix

Threat Scorecard

EnigmaSoft Threat Scorecard

Problems Associated with System Fix

Aliases

SpyHunter Detects & Remove System Fix

System Fix Video

File System Details

Registry Details

Messages

3 Comments

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen