System Fix

System Fix Description

Type: Rogue Defragmenter Program

ScreenshotDespite its name, System Fix is not designed to fix your computer system. Rather, System Fix is a rogue hard disk defragmentation program, which pretends to be a legitimate security program in order to steal your money. System Fix is part of a large number of fake defragmenters which include HDD Fix, HDD Repair, and System Restore. ESG PC security researchers strongly recommend against downloading or installing System Fix. If System Fix is already on your computer, this is a definite sign that your computer has become infected with dangerous Trojans. A System Fix infection is quite an obvious event since, as soon as the rogue defragmenter is installed, it will display a huge number of alarming error messages and fake security alerts. Do not fall for the System Fix scam; these fake notifications are all designed to alarm the victim, in order to convince the infected computer's owner to acquire a "full version" of this bogus security application.

Problems Associated with System Fix

A System Fix infection is highly visible. Unlike other Trojan infections which depend on being undetectable, System Fix wants you to know that System Fix is present, and deliberately cause a large number of problems to ensure that you buy this fake security program. Some problems associated with System Fix include the following.

  • In the event of a System Fix infection, many of your files, folders and applications may appear to disappear suddenly. Do not worry, your files are not gone; System Fix changes their settings to "hidden" so that it will appear that they have been deleted.
  • One of the main symptoms of a System Fix infection is a flood of constant alarming error messages, claiming catastrophic problems in your operating system.
  • A computer infected with System Fix will launch this fake security program at start-up without the user's authorization. This means that every time you start up Windows you will be greeted by the System Fix splash screen, followed by a fake system scan and a plea for you to acquire a "full version" of this malicious security application.
  • A System Fix infection does not play nice with your system. Computers infected with System Fix will become slow and prone to frequent crashes and the dreaded "blue screen of death."

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software Detection
Kaspersky Trojan.Win32.Vilsel.bfhb
Avast Win32:Jorik-DR [Trj]
Ikarus Trojan.Win32.Vilsel
DrWeb Trojan.Fakealert.27030
BitDefender Trojan.Generic.KDV.436378
Kaspersky Trojan.Win32.Vilsel.bfdz
Kaspersky Trojan.Win32.Jorik.Fraud.iyg
Kaspersky Trojan.Win32.Vilsel.bfgw
NOD32 a variant of Win32/Kryptik.WEN
AVG Downloader.Zlob.BDYF
AhnLab-V3 Trojan/Win32.Vilsel
DrWeb Trojan.Fakealert.27037
BitDefender Trojan.Generic.KDV.437189
Kaspersky Trojan.Win32.Vilsel.bfdv
eSafe Win32.FakeAV.Oz

Technical Information

Screenshots & Other Imagery

System Fix Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

System Fix Screenshots

File System Details

System Fix creates the following file(s):
# File Name MD5 Detection Count
1 ovLtSvlXCxH.exe 5775d6d45730566c4ad1a08f69396799 35
2 IoWwDnqsYPU.exe 9979ba49d3bc0db9e237b1986e319987 8
3 5EE61.exe d962c1c3149b4f99f3ab339137ae8921 4
4 186.exe bcd0e7764edf6cb3119990826fb70662 4
5 lvvm.exe 01ddb1f6d60ee53a5f27746a622e4365 3
6 dSPEfJqNGav.exe b8b4d7fd7f49141f2a2459cdf18b975a 3
7 B2C9A.exe 66ad60d42754559638d94554f999b563 2
8 java.exe 64eaa4d0f5feb73c65174a25f2d9942f 2
9 97E.exe 3a132d79ff5b577c8ea00bad8da6304d 2
10 POrAEHHCNGan.exe 1cd587b82c91914d9a3de874a5362437 1
11 gcM4SGa6XY2qLk.exe e3de193284cc955efc5fb4b0e4b348de 1
12 2492.exe 99f98b2d53930c287c58f410110a260f 1
13 ABrSmUWHNf.exe 2a2d3bfc5c0b76ad0ccd7afafc7c4769 1
14 87B.exe 81bbd7daa950826d94b1a5f19f41e432 1
15 AnxAWyvzgmN5fQ.exe bb262d54a6fa8b89d3f30b2e37edd247 1
16 %AllUsersProfile%\[RANDOM CHARACTERS].exe N/A
17 6DSS92c31Apgjk.exe N/A
18 %Temp%\smtmp\1 N/A
19 %Temp%\smtmp\4 N/A
20 %StartMenu%\Programs\System Fix\Uninstall System Fix.lnk N/A
21 %Temp%\smtmp\ N/A
22 %Temp%\smtmp\3 N/A
23 %StartMenu%\Programs\System Fix\System Fix.lnk N/A
24 %Desktop%\System Fix.lnk N/A
25 %Temp%\smtmp\2 N/A
26 %StartMenu%\Programs\System Fix\ N/A
27 %AppData%\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk N/A
28 RhsEkxxjfUhuhw.exe cd3c642eaacd86c7893e1608d8c57dc7 0
29 Wx7FHng4rJ4QFn.exe 8d2327e5ff0ebabfab262b7c146b8b60 0
More files

Registry Details

System Fix creates the following registry entry or registry entries:
RegistryKey
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"

More Details on System Fix

The following messages associated with System Fix were found:
Activation Reminder
Data Restore Activation
Advanced module activation required to fix detected errors and performance issues. Please purchase Advanced Module license to activate this software and enable all features.
Critical Error
Hard drive critical error. Run a system diagnostic utility to check your hard disk drive for errors. Windows can’t find hard disk space. Hard drive error.
Critical Error
RAM memory usage is critically high. RAM memory failure.
Critical Error!
Damaged hard drive clusters detected. Private data is at risk.
Hard Drive Failure
The system has detected a problem with one or more installed IDE/SATA hard disks. It is recommended that you restart the system.
System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

3 Comments

  • AZ Ranger:

    Purchased Spy Hunter this week to clean up the virus "SYSTEM FIX"
    What a nightmare, it completely masked my "C" drive to appear that it had wiped it clean. But when checking the properties of the drive thru My Computer, i could see it was still 3/4 full. It took an online session with the developers overseas, but I was amazed how fast the gentleman cleaned and restored my drive. Thank God for online support! And best of all, no additional cost.

  • John Reid:

    Can't send messages or pictures.

  • Chris trapuzzano:

    Trying too reboot phone to get rid of unwanted apps