System Fix malware – how to remove
System Fix is one of the nastiest fake PC diagnostics utility security analysts have seen during the last month or so. The name of a very similar rogueware that apparently belongs to the same group is Data Restore – this sample was described in a standalone article on this blog in early October. The basic template of this newcomer’s activity is the same: to infect, deceive and get some money in case the victim turns out credulous. This badware came live yesterday and has managed to contaminate thousands of workstations overnight, which can be proven by a lot of new messages for help on security forums. What System Fix looks like can be seen on the image attached to this entry (just click to enlarge it and view it in detail). Just like any random fake software sample, this one looks Ok and even kind of works accordingly. But behind this superficial attraction there’s a lot of bad stuff lurking. The program mimics a scan of your machine after it gets inside the OS. It’s not at all surprising that the scanner returns results that make you muse. It says you have something like 14 critical errors, all representing Operating System malfunctions. The scamware lists hard drive rotational speed decrease, Drive C initializing error, damage program files, RAM memory lack etc. For a gullible prey, all of these claimed issues may be an unambiguous stimulus for action prompted by System Fix itself. It says you need to activate the full-functional version to get protected. In other words, the virus asks you for a payment. You must under no circumstances buy this product as it is counterfeit. A much better way out is to get rid of System Fix fraud.
How to detect and remove System Fix rogue HDD fix tool
To ensure System Fix accurate detection and efficient removal, we strongly recommend using the trusted remover with free scanner.
Download free System Fix virus scanner
Save the installer to your hard drive and launch now.
If you intend to perform manual malware removal, you need to possess some computer troubleshooting skills. This will require stopping the malignant processes, deleting malware files and registry keys.
Terminate System Fix processes:
Delete these files and folders:
%LocalAppData%\~{random}
%StartMenu%\Programs\System Fix\
%StartMenu%\Programs\System Fix\System Fix.lnk
%StartMenu%\Programs\System Fix\Uninstall System Fix.lnk
%Temp%\smtmp\1
%Temp%\smtmp\2
%Temp%\smtmp\3
%Temp%\smtmp\4
%UserProfile%\Desktop\System Fix.lnk
Remove System Fix registry keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “CertificateRevocation” = ’0′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnonBadCertRecving” = ’0′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop “NoChangingWallPaper” = ’1′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = ‘/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = ’1′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer “NoDesktop” = ’1′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = ’1′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “{random}.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “DisableTaskMgr” = ’1′
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “Hidden” = ’0′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “ShowSuperHidden” = ’0′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU “MRUList”
In order to avoid system damage, we advise using the automatic tool which will do the removal job for you.
Download System Fix Removal Tool
Important Notice
This site is not related to System Fix virus in any way, nor is it affiliated with or owned by its creators. Any information available on antivirustech.com is not to be in any way associated with distribution of this infection.
Our primary and sole mission is to instruct our visitors in the issues of System Fix detection and manual/automated removal methods.
Please bear in mind that manual removal of this malware is not ultimately effective because the corrupted file names can get repeatedly modified or be hidden. Therefore it’s recommended to use the automatic solution to ensure the removal of this scam and eliminate possible risks that may arise due to improper registry and file system manipulations.
The free virus scanner provided on our website is meant for detection only. If you choose to use the tool for malware removal, you will need to buy its full version.
Computer acting up?
