Monday, December 26, 2011

System Fix Spyware Removal Tricks

System Fix is rogue security software designed to display fake alerts and pressure the user into paying for a fake, malicious product. It is nothing but an internet fraud in which the user wastes money for no benefit.
System Fix Spyware shows fake errors on the target machine and asks the user to buy a copy of the software to clean them immediately. In practice, there is no need to purchase that software, since no such errors exist on the infected machine. The errors shown are completely fake. They are presented as operating system errors, registry errors, hard disk failures and RAM-related issues.
If your machine is infected by System Fix Spyware, be careful and do not pay your hard-earned money. This article will show you the exact steps required to remove it and disinfect your machine.

All the steps given below are mandatory. Do all of them one by one to completely get rid of this spyware.
  1. Restart the machine in Safe Mode with Networking
  2. Delete Malicious Registry Entries
  3. Restore Original System Settings
  4. Delete Malicious Files
  5. Perform Full System Scan
Restart the Machine in Safe Mode with Networking
During the installation of System Fix Spyware, a startup entry is added so that it runs automatically when your computer is started.
By restarting the machine in the Safe Mode with Networking option, the malicious tool will not run. Do the steps given below:
  1. Restart your computer.
  2. Press the F8 key on your keyboard, select Safe Mode with Networking and press ENTER.
Delete Malicious Registry Entries
System Fix creates several registry entries, including start-up entries and related information. Delete them using Registry Editor as follows:
  1. Click Start, select Run. Type RegEdit and press ENTER.
  2. Locate the following registry path:
  3. You’ll find some random strings on the right-hand side. For instance, 01.exe and 02.exe.
  4. Right-click them and select the Delete option. Confirm the deletion.
  5. Locate the following registry path:
  6. Repeat Steps 3 and 4.
  7. Close Registry Editor.
Restore Original System Settings
The rogue tool changes the system settings relating to Task Manager, Hidden Files, and so on. Restore the original settings by making the following registry changes:
  1. Click Start. Select the Run option, type RegEdit and press ENTER.
  2. Replace the values of the following registry entries with the given data:
    1. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
Double-click DisableTaskMgr and change its value to 0.
    2. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
Again, double-click DisableTaskMgr and change its value to 0.
    3. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Double-click Hidden and change its value to 1. Then, double-click ShowSuperHidden and change it to 1.
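The same four settings can be checked and restored from PowerShell. This script is an added example, not part of the original post; the -Fix switch name is an assumption of the example, and without it the script only reports what it finds.

```powershell
# Added example, not from the original post. Run it from Safe Mode with Networking;
# the HKEY_LOCAL_MACHINE entry can only be changed from an elevated prompt.
param([switch]$Fix)   # assumed switch name: without -Fix nothing is written

$policies = 'Software\Microsoft\Windows\CurrentVersion\Policies\System'
$advanced = 'Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

# The four values and target data listed in the steps above.
$expected = @(
    @{ Path = "HKCU:\$policies"; Name = 'DisableTaskMgr';  Value = 0 },
    @{ Path = "HKLM:\$policies"; Name = 'DisableTaskMgr';  Value = 0 },
    @{ Path = "HKCU:\$advanced"; Name = 'Hidden';          Value = 1 },
    @{ Path = "HKCU:\$advanced"; Name = 'ShowSuperHidden'; Value = 1 }
)

foreach ($e in $expected) {
    # Read the current data; $null means the key or the value does not exist.
    $current = $null
    if (Test-Path -Path $e.Path) {
        $item = Get-ItemProperty -Path $e.Path -Name $e.Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { $current = $item.($e.Name) }
    }

    if ($null -ne $current -and $current -eq $e.Value) {
        $status = 'OK'
    } elseif (-not $Fix) {
        $status = 'Differs (re-run with -Fix to restore)'
    } else {
        try {
            # Create the key only when it is missing: New-Item -Force on an
            # existing registry key can replace it and drop its other values.
            if (-not (Test-Path -Path $e.Path)) {
                New-Item -Path $e.Path -Force -ErrorAction Stop | Out-Null
            }
            New-ItemProperty -Path $e.Path -Name $e.Name -Value $e.Value `
                -PropertyType DWord -Force -ErrorAction Stop | Out-Null
            $status = 'Restored'
        } catch {
            $status = "Failed: $($_.Exception.Message)"
        }
    }

    # One result row per setting: what was found and what was done.
    [pscustomobject]@{
        Key = $e.Path; Value = $e.Name; Before = $current
        Target = $e.Value; Status = $status
    }
}
```

A "Failed" status on the HKLM row usually means the prompt is not elevated; the three HKCU rows apply to the account that runs the script.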
Delete Malicious Files
Now, it’s time to permanently delete the System Fix Spyware files from your hard disk. Since you have disabled it from running and cleaned all the registry entries made by it, there should not be any interruption in deleting these files.
  1. Open My Computer.
  2. Open the following directory:
C:\Users\VikasM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
(In every path, replace “VikasM” with your actual user name.)
  3. Permanently delete the shortcut file SystemFix.lnk by pressing Shift + Delete.
  4. Open the following directory:
  5. Select all files and delete them permanently. Press Ctrl + A and then Shift + Delete on your keyboard.
  6. Open the following directory:
  7. Repeat Step 5 given above.
  8. Click Start, point to All Programs. Right-click the System Fix folder and delete it. Be sure to delete it from the Recycle Bin as well.
Perform Full System Scan
The final step is to scan your computer. Download a powerful antivirus such as SpamFighter, start a full system scan, and if any infected files are still left, remove them immediately.
