System Fix

System Fix Description

ScreenshotDespite its name, System Fix is not designed to fix your computer system. Rather, System Fix is a rogue hard disk defragmentation program, which pretends to be a legitimate security program in order to steal your money. System Fix is part of a large number of fake defragmenters which include HDD Fix, HDD Repair, and System Restore. ESG PC security researchers strongly recommend against downloading or installing System Fix. If System Fix is already on your computer, this is a definite sign that your computer has become infected with dangerous Trojans. A System Fix infection is quite an obvious event since, as soon as the rogue defragmenter is installed, it will display a huge number of alarming error messages and fake security alerts. Do not fall for the System Fix scam; these fake notifications are all designed to alarm the victim, in order to convince the infected computer's owner to acquire a "full version" of this bogus security application.

Problems Associated with System Fix

A System Fix infection is highly visible. Unlike other Trojan infections which depend on being undetectable, System Fix wants you to know that System Fix is present, and deliberately cause a large number of problems to ensure that you buy this fake security program. Some problems associated with System Fix include the following.

  • In the event of a System Fix infection, many of your files, folders and applications may appear to disappear suddenly. Do not worry, your files are not gone; System Fix changes their settings to "hidden" so that it will appear that they have been deleted.
  • One of the main symptoms of a System Fix infection is a flood of constant alarming error messages, claiming catastrophic problems in your operating system.
  • A computer infected with System Fix will launch this fake security program at start-up without the user's authorization. This means that every time you start up Windows you will be greeted by the System Fix splash screen, followed by a fake system scan and a plea for you to acquire a "full version" of this malicious security application.
  • A System Fix infection does not play nice with your system. Computers infected with System Fix will become slow and prone to frequent crashes and the dreaded "blue screen of death."

Aliases: Win32:Jorik-DR [Trj] [Avast], Trojan.Win32.Vilsel.bfhb [Kaspersky], Trojan.Generic.KDV.436378 [BitDefender], Trojan.Win32.Vilsel [Ikarus], Trojan.Fakealert.27030 [DrWeb], Trojan.Win32.Vilsel!IK [Emsisoft], Trojan.Win32.Vilsel.bfdz [Kaspersky], a variant of Win32/Kryptik.WEN [NOD32], Trojan.Win32.Vilsel.bfgw [Kaspersky], Trojan.Win32.Jorik.Fraud.iyg [Kaspersky], Win32:FakeAlert-BMO [Trj] [Avast], Trojan.Win32.Vilsel.bfgg [Kaspersky], Trojan.FakeAlert [VIPRE], Win32:FakeAlert-BMO [GData] and Downloader.Zlob.BDZC [AVG].

Infected with System Fix? Scan Your PC

Download SpyHunter's Spyware Scanner
to Detect System Fix
* SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

Screenshots & Other Imagery

Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how System Fix infects a computer.

How to Find and Remove System Fix

System Fix Image 1 System Fix Image 2 System Fix Image 3 System Fix Image 4 System Fix Image 5 System Fix Image 6 System Fix Image 7 System Fix Image 8 System Fix Image 9 System Fix Image 10 System Fix Image 11

File System Details

System Fix creates the following file(s):
# File Name Size MD5 Detection Count
1 %ALLUSERSPROFILE%\Application Data\Wx7FHng4rJ4QFn.exe 335,616 8d2327e5ff0ebabfab262b7c146b8b60 52
2 %ALLUSERSPROFILE%\Application Data\RhsEkxxjfUhuhw.exe 420,096 cd3c642eaacd86c7893e1608d8c57dc7 51
3 %ALLUSERSPROFILE%\Application Data\AnxAWyvzgmN5fQ.exe 352,512 bb262d54a6fa8b89d3f30b2e37edd247 43
4 %ALLUSERSPROFILE%\Dati applicazioni\ovLtSvlXCxH.exe 434,944 5775d6d45730566c4ad1a08f69396799 35
5 %PROGRAMFILES%\LP\F6BA\87B.exe 275,968 81bbd7daa950826d94b1a5f19f41e432 20
6 %ALLUSERSPROFILE%\Application Data\POrAEHHCNGan.exe 422,656 1cd587b82c91914d9a3de874a5362437 12
7 %ALLUSERSPROFILE%\Application Data\IoWwDnqsYPU.exe 491,520 9979ba49d3bc0db9e237b1986e319987 8
8 %PROGRAMFILES(x86)%\LP\F53F\186.exe 275,456 bcd0e7764edf6cb3119990826fb70662 4
9 %APPDATA%\6831C\5EE61.exe 166,400 d962c1c3149b4f99f3ab339137ae8921 4
10 %ALLUSERSPROFILE%\Application Data\dSPEfJqNGav.exe 444,672 b8b4d7fd7f49141f2a2459cdf18b975a 3
11 %APPDATA%\B423E\lvvm.exe 189,952 01ddb1f6d60ee53a5f27746a622e4365 3
12 %APPDATA%\Microsoft\D5EA\97E.exe 289,792 3a132d79ff5b577c8ea00bad8da6304d 2
13 %APPDATA%\80359\B2C9A.exe 174,592 66ad60d42754559638d94554f999b563 2
14 %APPDATA%java.exe 2,918,912 64eaa4d0f5feb73c65174a25f2d9942f 2
15 %AllUsersProfile%\[RANDOM CHARACTERS].exe N/A
16 6DSS92c31Apgjk.exe N/A
17 %Temp%\smtmp\1 N/A
18 %Temp%\smtmp\4 N/A
19 %StartMenu%\Programs\System Fix\Uninstall System Fix.lnk N/A
20 %Temp%\smtmp\ N/A
21 %Temp%\smtmp\3 N/A
22 %StartMenu%\Programs\System Fix\System Fix.lnk N/A
23 %Desktop%\System Fix.lnk N/A
24 %Temp%\smtmp\2 N/A
25 %StartMenu%\Programs\System Fix\ N/A
26 %AppData%\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk N/A

Registry Details

System Fix creates the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"

More Details on System Fix

The following messages associated with System Fix were found:
Activation Reminder
Data Restore Activation
Advanced module activation required to fix detected errors and performance issues. Please purchase Advanced Module license to activate this software and enable all features.
Critical Error
Hard drive critical error. Run a system diagnostic utility to check your hard disk drive for errors. Windows can’t find hard disk space. Hard drive error.
Critical Error
RAM memory usage is critically high. RAM memory failure.
Critical Error!
Damaged hard drive clusters detected. Private data is at risk.
Hard Drive Failure
The system has detected a problem with one or more installed IDE/SATA hard disks. It is recommended that you restart the system.
System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.

Site Disclaimer

3 Comments

  • Chris trapuzzano:

    Trying too reboot phone to get rid of unwanted apps

  • John Reid:

    Can’t send messages or pictures.

  • AZ Ranger:

    Purchased Spy Hunter this week to clean up the virus “SYSTEM FIX”
    What a nightmare, it completely masked my “C” drive to appear that it had wiped it clean. But when checking the properties of the drive thru My Computer, i could see it was still 3/4 full. It took an online session with the developers overseas, but I was amazed how fast the gentleman cleaned and restored my drive. Thank God for online support! And best of all, no additional cost.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 14 + 12 ?