Remove System Check
Removal instructions

Severity scale:  
  (64/100)
System Check is also known as SystemCheck | Type: Rogue Antispyware | Tags: FakeHDD

System Check is a fake defragmenter that shouldn't be left on your computer although you have never actually installed it on it. Its infiltration methods are based on trojans that come inside the system without any permission of a user asked. However, you can avoid finding this scam installed on your PC out of nowhere – just install registered version of anti-virus and anti-spyware and they will help you to catch it while infiltrating. System Check belongs to FakeSysDef family of fake defragmenters where the newest its member was System Fix. Just like this scam, System Check will also bombard you with annoying hard drive scanners and alerts claiming that there are numerous hard drive or RAM errors detected. However, all these messages are fake and you should simply ignore them. To save your machine, remove System Check from your computer which additionally tends to cause more problems for its victims.

System Check fake defragmenter is created for the only purpose – to rip you off. It does not require any user actions to get inside the system and then mess it up and all this is done unnoticeably for the victim. The most common way to let this malware to come is by downloading fake updates or visiting insecure websites that are compromised. When running inside your machine, System Check will be launched as soon as you reboot your PC and log into Windows. In addition, its victims usually report about continuous hard drive scanners and alerts that all report numerous issues detected, such as hard drive or ram problems:

Critical Error!
Damaged hard drive clusters detected. Private data is at risk.

Critical Error
RAM memory usage is critically high. RAM memory failure.

System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.

If not removed from the system, System Check will generate numerous pop-ups and scanners informing about system problems that can be fixed only with a help of its license. However, purchasing System Check is the same as throwing your money away. In addition, it will keep displaying the same fake pop up ads based on fabricated results. It’s natural that some users may fall into purchasing this scam. If you have also purchased System Check, make sure you contact your credit card company to dispute the charges. In addition, remove System Check before it downloads more malware on your computer. Download a reputable anti-spyware program or automatic removal tool given below and get rid of System Check for good. Note that this malware can cause annoying redirections of your browser, so follow this guide 'What to do when Google/Yahoo/Bing results are redirecting?' if you are also facing this trouble.

The latest parasite names used by FakeHDD:
S.M.A.R.T. Repair, File Rescue virus, File Restore virus, File Recovery, Smart Data Recovery

Automatic System Check removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove System Check you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
remover for System Check Happiness
Guarantee
Compatible with Microsoft
SpyHunter is recommended remover to uninstall System Check. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove System Check using SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

STOPzilla
We are testing STOPzilla's efficiency at removing System Check (2011-12-30 07:51:06)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing System Check (2011-12-30 07:51:06)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing System Check (2011-12-30 07:51:06)
Defender Pro Ultimate
We are testing Defender Pro Ultimate's efficiency at removing System Check (2011-12-30 07:51:06)
Virus Removal Phone Support
1-877-657-9614
Help Line to remove System Check

System Check screenshot

System Check snapshot

System Check manual removal

Kill processes:
[random].exe
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'


Delete files:
%CommonAppData%\[random].exe
%AppData%\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
%Desktop%\System Check.lnk
%StartMenu%\Programs\System Check\
%StartMenu%\Programs\System Check\System Check.lnk
%StartMenu%\Programs\System Check\Uninstall System Check.lnk
%Temp%\smtmp\
%Temp%\smtmp\1
%Temp%\smtmp\1
%Temp%\smtmp\2
%Temp%\smtmp\3
%Temp%\smtmp\4

Geolocation of System Check

This map reveals the prevalence of System Check. Countries and regions that have been affected the most are: India, Singapore, Pakistan, Sri Lanka and Hong Kong.

QR code for System Check removal instructions

System Check qrcode QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the website is that parasites like System Check are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall System Check right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.

Removal guides in other languages

Information added: 2011-12-30 07:51
Information updated: 2012-04-26 04:26

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Users comments about System Check:

0
0
tom
i caught system check a while back. i got rid of it then, it came back in january and my computer was unusable for a while. after i calmed down i set it to not boot when windows loaded. after an hour or so of fidling my computer resumed usable status, except for some bidvisor browser hijacker that just randomly redirects me when it likes. theres some PC cd site and www.premiumtarot.com site it redirects me to. also get pop up advertising on some sites.
0
0
tom
thats secure.bivertiser.com sorry. forgot to add theres a link to xiti.com on the tarot site, some web traffic company. maybe its all a scam i dunno.
0
0
Jane
I removed this from my husbands computer a couple of weeks ago so I recognized it when it popped up on my computer today. I know that it writes the files to the hard drive when the fake scan reboots so I havent done anything.

Is there a way to prevent it from installing? The system check files havent been written to the hard drive so I suppose the registry hasnt been changed yet.I dont see anything suspicious in Task Manager.

If I turn off the power without going through shut down is it possible it will go away?

Any ideas would be helpful.

Thanks!
1
0
Tom
I have got most features to work on Windos 7, but I still dont have sound? Does the System Check Virus remove sound from the speakers and the headphone jacks?
0
0
Jason
The latest versions of this virus as of 2012/03/16 cannot be removed this way. They prevent access to all start menu contents and reboot the PC to allow a root kit to be installed that prevents even safe mode startup.
0
0
Mike A
The only foolproof method for the version that came out as of 3/16/12 is to slave the infected HDD in another system and scan with a tool like malwarebites or similar. The infected system still must be recovered by running "unhide.exe" and rebuilding some other features manualy. Not a good bet for any but very experienced techs.
2
0
John
Those SMTMP folders in the Temp folder contain the backups of the Start Menu shortcuts that this virus deletes from the main Start Menu. Dont delete those (the System Check one in the SMTMP folder can be tossed, though).
0
0
Stan
Hitmanpro will also get rid of ALL redirects for internet...
0
0
Stan
Do not delete any files just relax and take deep breaths,DONT FREAK OUT.If you can get into safemode with internet connection download Hitmanpro 3.6. Trust me ,it will fix it........
0
0
hi
HI
1
0
Red
Thanks, the registry-entries and the location of the files were very useful to check, if the software is really not on the system anymore!
0
0
vanessa
Hi!

thank you very much for the post, it´s really helpfull!!! i would like to ask a question. I think I have deleted system check from my computer but on the process i clicked by mistake "buy now" on the page. Automatically a message of "congratulations for your purchase" came up but i hadn´t given any credit card details or any information. Now i am wondering if I have really purchased the program, if they could have taken my details from my hard drive or something to do the purchase????
0
0
steve keta
Hey, guy thank you very much to help me!
Now my PC is working properly.

God Bless You
0
0
MLM Software Company
Thank you
Your blog is very informative.
MLM Software Company
0
0
pasquale
Please can you help me..this virus dosent go really away after run the antspyware and antivirus.i can see my files back but i cant open it..of not download..my email:
0
0
Rafael
pasquale have youve gotten around this issue? Im in the same situation. edited the registry to eliminate several entries created by this but still unable to use the contents of my pc.

thanks
More comments...

Post Comment

Attention: Use this form only if you have additional information about System Check parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)
Like us on Facebook
News
Subscribe
Ask us
Parasites
Tags
Files
What's your antispyware?
Compare
I failed to remove System Check using SpyHunter.

Email


Close
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!