Title: System Check
Also known as: SystemCheck

Remove System Check
Removal instructions

 
Severity scale:System Check severity is 64  (64 / 100)
 

System Check is a fake defragmenter that shouldn't be left on your computer although you have never actually installed it on it. Its infiltration methods are based on trojans that come inside the system without any permission of a user asked. However, you can avoid finding this scam installed on your PC out of nowhere – just install registered version of anti-virus and anti-spyware and they will help you to catch it while infiltrating. System Check belongs to FakeSysDef family of fake defragmenters where the newest its member was System Fix. Just like this scam, System Check will also bombard you with annoying hard drive scanners and alerts claiming that there are numerous hard drive or RAM errors detected. However, all these messages are fake and you should simply ignore them. To save your machine, remove System Check from your computer which additionally tends to cause more problems for its victims.

System Check fake defragmenter is created for the only purpose – to rip you off. It does not require any user actions to get inside the system and then mess it up and all this is done unnoticeably for the victim. The most common way to let this malware to come is by downloading fake updates or visiting insecure websites that are compromised. When running inside your machine, System Check will be launched as soon as you reboot your PC and log into Windows. In addition, its victims usually report about continuous hard drive scanners and alerts that all report numerous issues detected, such as hard drive or ram problems:

Critical Error!
Damaged hard drive clusters detected. Private data is at risk.

Critical Error
RAM memory usage is critically high. RAM memory failure.

System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.

If not removed from the system, System Check will generate numerous pop-ups and scanners informing about system problems that can be fixed only with a help of its license. However, purchasing System Check is the same as throwing your money away. In addition, it will keep displaying the same fake pop up ads based on fabricated results. It’s natural that some users may fall into purchasing this scam. If you have also purchased System Check, make sure you contact your credit card company to dispute the charges. In addition, remove System Check before it downloads more malware on your computer. Download a reputable anti-spyware program or automatic removal tool given below and get rid of System Check for good. Note that this malware can cause annoying redirections of your browser, so follow this guide 'What to do when Google/Yahoo/Bing results are redirecting?' if you are also facing this trouble.

The latest parasite names used by FakeHDD:
S.M.A.R.T. Repair, File Rescue virus, File Restore virus, File Recovery, Smart Data Recovery

Automatic System Check removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove System Check you agree with our Privacy Policy and Agreement of Use.
SpyHunter is recommended remover to uninstall System Check. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

If you failed to remove System Check using SpyHunter, submit question to our support team and provide as much details as possible.
dot
STOPzilla
download
manual required
We are testing STOPzilla's efficiency at removing System Check (2011-12-30 07:51:06)
dot
Malwarebytes Anti Malware
download
manual required
We are testing Malwarebytes Anti Malware's efficiency at removing System Check (2011-12-30 07:51:06)
dot
XoftSpySE Anti Spyware
download
manual required
We are testing XoftSpySE Anti Spyware's efficiency at removing System Check (2011-12-30 07:51:06)
dot
Defender Pro Ultimate
download
manual required
We are testing Defender Pro Ultimate's efficiency at removing System Check (2011-12-30 07:51:06)

what to do if you failed to remove the infection?
Virus Removal
Phone Support
Help Line to remove System Check
System Check snapshot:
System Check snapshot

System Check manual removal:

Kill processes:
[random].exe
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'


Delete files:
%CommonAppData%\[random].exe
%AppData%\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
%Desktop%\System Check.lnk
%StartMenu%\Programs\System Check\
%StartMenu%\Programs\System Check\System Check.lnk
%StartMenu%\Programs\System Check\Uninstall System Check.lnk
%Temp%\smtmp\
%Temp%\smtmp\1
%Temp%\smtmp\1
%Temp%\smtmp\2
%Temp%\smtmp\3
%Temp%\smtmp\4

Geolocation of System Check:

This map reveals the prevalence of System Check. Countries and regions that have been affected the most are: India, Singapore, Pakistan, Sri Lanka and Hong Kong.

QR code for System Check removal instructions:

System Check qrcode
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like System Check are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall System Check right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.

Removal guides in other languages

Information added: 2011-12-30 07:51:06
Information updated: 2012-04-26 04:26:28

Additional resources:

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

0
0
pasquale
Please can you help me..this virus dosent go really away after run the antspyware and antivirus.i can see my files back but i cant open it..of not download..my email:
0
0
Rafael
pasquale have youve gotten around this issue? Im in the same situation. edited the registry to eliminate several entries created by this but still unable to use the contents of my pc.

thanks
0
0
MLM Software Company
Thank you
Your blog is very informative.
MLM Software Company
0
0
steve keta
Hey, guy thank you very much to help me!
Now my PC is working properly.

God Bless You
0
0
vanessa
Hi!

thank you very much for the post, it´s really helpfull!!! i would like to ask a question. I think I have deleted system check from my computer but on the process i clicked by mistake "buy now" on the page. Automatically a message of "congratulations for your purchase" came up but i hadn´t given any credit card details or any information. Now i am wondering if I have really purchased the program, if they could have taken my details from my hard drive or something to do the purchase????
1
0
Red
Thanks, the registry-entries and the location of the files were very useful to check, if the software is really not on the system anymore!
0
0
hi
HI
0
0
Stan
Do not delete any files just relax and take deep breaths,DONT FREAK OUT.If you can get into safemode with internet connection download Hitmanpro 3.6. Trust me ,it will fix it........
0
0
Stan
Hitmanpro will also get rid of ALL redirects for internet...
2
0
John
Those SMTMP folders in the Temp folder contain the backups of the Start Menu shortcuts that this virus deletes from the main Start Menu. Dont delete those (the System Check one in the SMTMP folder can be tossed, though).
0
0
Jason
The latest versions of this virus as of 2012/03/16 cannot be removed this way. They prevent access to all start menu contents and reboot the PC to allow a root kit to be installed that prevents even safe mode startup.
0
0
Mike A
The only foolproof method for the version that came out as of 3/16/12 is to slave the infected HDD in another system and scan with a tool like malwarebites or similar. The infected system still must be recovered by running "unhide.exe" and rebuilding some other features manualy. Not a good bet for any but very experienced techs.
1
0
Tom
I have got most features to work on Windos 7, but I still dont have sound? Does the System Check Virus remove sound from the speakers and the headphone jacks?
0
0
Jane
I removed this from my husbands computer a couple of weeks ago so I recognized it when it popped up on my computer today. I know that it writes the files to the hard drive when the fake scan reboots so I havent done anything.

Is there a way to prevent it from installing? The system check files havent been written to the hard drive so I suppose the registry hasnt been changed yet.I dont see anything suspicious in Task Manager.

If I turn off the power without going through shut down is it possible it will go away?

Any ideas would be helpful.

Thanks!
0
0
tom
i caught system check a while back. i got rid of it then, it came back in january and my computer was unusable for a while. after i calmed down i set it to not boot when windows loaded. after an hour or so of fidling my computer resumed usable status, except for some bidvisor browser hijacker that just randomly redirects me when it likes. theres some PC cd site and www.premiumtarot.com site it redirects me to. also get pop up advertising on some sites.
0
0
tom
thats secure.bivertiser.com sorry. forgot to add theres a link to xiti.com on the tarot site, some web traffic company. maybe its all a scam i dunno.

Post Comment:

Attention: Use this form only if you have additional information about System Check parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Please enter your e-mail address:
If you do not want to receive our spyware
newsletter please unsubscribe here
48643 Subscribers
Ask us
I failed to remove System Check using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!
add text box
rss feed
help other