System Check is a fake defragmenter that shouldn't be left on your computer although you have never actually installed it on it. Its infiltration methods are based on trojans that come inside the system without any permission of a user asked. However, you can avoid finding this scam installed on your PC out of nowhere – just install registered version of anti-virus and anti-spyware and they will help you to catch it while infiltrating. System Check belongs to FakeSysDef family of fake defragmenters where the newest its member was System Fix. Just like this scam, System Check will also bombard you with annoying hard drive scanners and alerts claiming that there are numerous hard drive or RAM errors detected. However, all these messages are fake and you should simply ignore them. To save your machine, remove System Check from your computer which additionally tends to cause more problems for its victims.
System Check fake defragmenter is created for the only purpose – to rip you off. It does not require any user actions to get inside the system and then mess it up and all this is done unnoticeably for the victim. The most common way to let this malware to come is by downloading fake updates or visiting insecure websites that are compromised. When running inside your machine, System Check will be launched as soon as you reboot your PC and log into Windows. In addition, its victims usually report about continuous hard drive scanners and alerts that all report numerous issues detected, such as hard drive or ram problems:
Damaged hard drive clusters detected. Private data is at risk.
RAM memory usage is critically high. RAM memory failure.
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.
If not removed from the system, System Check will generate numerous pop-ups and scanners informing about system problems that can be fixed only with a help of its license. However, purchasing System Check is the same as throwing your money away. In addition, it will keep displaying the same fake pop up ads based on fabricated results. It’s natural that some users may fall into purchasing this scam. If you have also purchased System Check, make sure you contact your credit card company to dispute the charges. In addition, remove System Check before it downloads more malware on your computer. Download a reputable anti-spyware program or automatic removal tool given below and get rid of System Check for good. Note that this malware can cause annoying redirections of your browser, so follow this guide 'What to do when Google/Yahoo/Bing results are redirecting?' if you are also facing this trouble.
The latest parasite names used by FakeHDD:
File Restore virus, File Rescue virus, S.M.A.R.T. Repair, File Recovery, Smart Data Recovery
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.
and agreement of use
System Check manual removal:
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'
%AppData%\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
%StartMenu%\Programs\System Check\System Check.lnk
%StartMenu%\Programs\System Check\Uninstall System Check.lnk