System Fix

System Fix Description

ScreenshotDespite its name, System Fix is not designed to fix your computer system. Rather, System Fix is a rogue hard disk defragmentation program, which pretends to be a legitimate security program in order to steal your money. System Fix is part of a large number of fake defragmenters which include HDD Fix, HDD Repair, and System Restore. ESG PC security researchers strongly recommend against downloading or installing System Fix. If System Fix is already on your computer, this is a definite sign that your computer has become infected with dangerous Trojans. A System Fix infection is quite an obvious event since, as soon as the rogue defragmenter is installed, it will display a huge number of alarming error messages and fake security alerts. Do not fall for the System Fix scam; these fake notifications are all designed to alarm the victim, in order to convince the infected computer's owner to acquire a "full version" of this bogus security application.

Problems Associated with System Fix

A System Fix infection is highly visible. Unlike other Trojan infections which depend on being undetectable, System Fix wants you to know that System Fix is present, and deliberately cause a large number of problems to ensure that you buy this fake security program. Some problems associated with System Fix include the following.

  • In the event of a System Fix infection, many of your files, folders and applications may appear to disappear suddenly. Do not worry, your files are not gone; System Fix changes their settings to "hidden" so that it will appear that they have been deleted.
  • One of the main symptoms of a System Fix infection is a flood of constant alarming error messages, claiming catastrophic problems in your operating system.
  • A computer infected with System Fix will launch this fake security program at start-up without the user's authorization. This means that every time you start up Windows you will be greeted by the System Fix splash screen, followed by a fake system scan and a plea for you to acquire a "full version" of this malicious security application.
  • A System Fix infection does not play nice with your system. Computers infected with System Fix will become slow and prone to frequent crashes and the dreaded "blue screen of death."

Aliases: Trojan.Win32.Vilsel.bfhb [Kaspersky], Win32:Jorik-DR [Trj] [Avast], Trojan.Win32.Vilsel [Ikarus], Trojan.Fakealert.27030 [DrWeb], Trojan.Win32.Vilsel!IK, Trojan.Generic.KDV.436378 [BitDefender], Trojan.Win32.Vilsel.bfdz [Kaspersky], Trojan.Win32.Jorik.Fraud.iyg [Kaspersky], Trojan.Win32.Vilsel.bfgw [Kaspersky], a variant of Win32/Kryptik.WEN [NOD32], Downloader.Zlob.BDYF [AVG], Trojan/Win32.Vilsel [AhnLab-V3], Trojan.Fakealert.27037 [DrWeb], Trojan.Win32.Vilsel.bfdv.AMN!A2 and Trojan.Generic.KDV.437189 [BitDefender].

Technical Information

Screenshots & Other Imagery

Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how System Fix infects a computer.

System Fix Video

System Fix Image 1 System Fix Image 2 System Fix Image 3 System Fix Image 4 System Fix Image 5 System Fix Image 6 System Fix Image 7 System Fix Image 8 System Fix Image 9 System Fix Image 10 System Fix Image 11

File System Details

System Fix creates the following file(s):
# File Name Size MD5 Detection Count
1 %ALLUSERSPROFILE%\Dati applicazioni\ovLtSvlXCxH.exe 434,944 5775d6d45730566c4ad1a08f69396799 35
2 %ALLUSERSPROFILE%\Application Data\IoWwDnqsYPU.exe 491,520 9979ba49d3bc0db9e237b1986e319987 8
3 %APPDATA%\6831C\5EE61.exe 166,400 d962c1c3149b4f99f3ab339137ae8921 4
4 %PROGRAMFILES(x86)%\LP\F53F\186.exe 275,456 bcd0e7764edf6cb3119990826fb70662 4
5 %APPDATA%\B423E\lvvm.exe 189,952 01ddb1f6d60ee53a5f27746a622e4365 3
6 %ALLUSERSPROFILE%\Application Data\dSPEfJqNGav.exe 444,672 b8b4d7fd7f49141f2a2459cdf18b975a 3
7 %APPDATA%\80359\B2C9A.exe 174,592 66ad60d42754559638d94554f999b563 2
8 %APPDATA%java.exe 2,918,912 64eaa4d0f5feb73c65174a25f2d9942f 2
9 %APPDATA%\Microsoft\D5EA\97E.exe 289,792 3a132d79ff5b577c8ea00bad8da6304d 2
10 %ALLUSERSPROFILE%\Application Data\POrAEHHCNGan.exe 422,656 1cd587b82c91914d9a3de874a5362437 1
11 %ALLUSERSPROFILE%\Datos de programa\gcM4SGa6XY2qLk.exe 335,104 e3de193284cc955efc5fb4b0e4b348de 1
12 %TEMP%2492.exe 2,006,528 99f98b2d53930c287c58f410110a260f 1
13 %ALLUSERSPROFILE%\Application Data\ABrSmUWHNf.exe 433,408 2a2d3bfc5c0b76ad0ccd7afafc7c4769 1
14 %PROGRAMFILES%\LP\F6BA\87B.exe 275,968 81bbd7daa950826d94b1a5f19f41e432 1
15 %ALLUSERSPROFILE%\Application Data\AnxAWyvzgmN5fQ.exe 352,512 bb262d54a6fa8b89d3f30b2e37edd247 1
16 %AllUsersProfile%\[RANDOM CHARACTERS].exe N/A
17 6DSS92c31Apgjk.exe N/A
18 %Temp%\smtmp\1 N/A
19 %Temp%\smtmp\4 N/A
20 %StartMenu%\Programs\System Fix\Uninstall System Fix.lnk N/A
21 %Temp%\smtmp\ N/A
22 %Temp%\smtmp\3 N/A
23 %StartMenu%\Programs\System Fix\System Fix.lnk N/A
24 %Desktop%\System Fix.lnk N/A
25 %Temp%\smtmp\2 N/A
26 %StartMenu%\Programs\System Fix\ N/A
27 %AppData%\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk N/A
28 %ALLUSERSPROFILE%\Application Data\RhsEkxxjfUhuhw.exe 420,096 cd3c642eaacd86c7893e1608d8c57dc7 0
29 %ALLUSERSPROFILE%\Application Data\Wx7FHng4rJ4QFn.exe 335,616 8d2327e5ff0ebabfab262b7c146b8b60 0
More files

Registry Details

System Fix creates the following registry entry or registry entries:
RegistryKey
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"

More Details on System Fix

The following messages associated with System Fix were found:
Activation Reminder
Data Restore Activation
Advanced module activation required to fix detected errors and performance issues. Please purchase Advanced Module license to activate this software and enable all features.
Critical Error
Hard drive critical error. Run a system diagnostic utility to check your hard disk drive for errors. Windows can’t find hard disk space. Hard drive error.
Critical Error
RAM memory usage is critically high. RAM memory failure.
Critical Error!
Damaged hard drive clusters detected. Private data is at risk.
Hard Drive Failure
The system has detected a problem with one or more installed IDE/SATA hard disks. It is recommended that you restart the system.
System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

3 Comments

  • AZ Ranger:

    Purchased Spy Hunter this week to clean up the virus "SYSTEM FIX"
    What a nightmare, it completely masked my "C" drive to appear that it had wiped it clean. But when checking the properties of the drive thru My Computer, i could see it was still 3/4 full. It took an online session with the developers overseas, but I was amazed how fast the gentleman cleaned and restored my drive. Thank God for online support! And best of all, no additional cost.

  • John Reid:

    Can't send messages or pictures.

  • Chris trapuzzano:

    Trying too reboot phone to get rid of unwanted apps

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.