System Check is a fake defragmenter that shouldn't be left on your computer although you have never actually installed it on it. Its infiltration methods are based on trojans that come inside the system without any permission of a user asked. However, you can avoid finding this scam installed on your PC out of nowhere – just install registered version of anti-virus and anti-spyware and they will help you to catch it while infiltrating. System Check belongs to FakeSysDef family of fake defragmenters where the newest its member was System Fix. Just like this scam, System Check will also bombard you with annoying hard drive scanners and alerts claiming that there are numerous hard drive or RAM errors detected. However, all these messages are fake and you should simply ignore them. To save your machine, remove System Check from your computer which additionally tends to cause more problems for its victims.
System Check fake defragmenter is created for the only purpose – to rip you off. It does not require any user actions to get inside the system and then mess it up and all this is done unnoticeably for the victim. The most common way to let this malware to come is by downloading fake updates or visiting insecure websites that are compromised. When running inside your machine, System Check will be launched as soon as you reboot your PC and log into Windows. In addition, its victims usually report about continuous hard drive scanners and alerts that all report numerous issues detected, such as hard drive or ram problems:
Critical Error!
Damaged hard drive clusters detected. Private data is at risk.
Critical Error
RAM memory usage is critically high. RAM memory failure.
System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.
If not removed from the system, System Check will generate numerous pop-ups and scanners informing about system problems that can be fixed only with a help of its license. However, purchasing System Check is the same as throwing your money away. In addition, it will keep displaying the same fake pop up ads based on fabricated results. It’s natural that some users may fall into purchasing this scam. If you have also purchased System Check, make sure you contact your credit card company to dispute the charges. In addition, remove System Check before it downloads more malware on your computer. Download a reputable anti-spyware program or automatic removal tool given below and get rid of System Check for good. Note that this malware can cause annoying redirections of your browser, so follow this guide 'What to do when Google/Yahoo/Bing results are redirecting?' if you are also facing this trouble.
The latest parasite names used by FakeHDD:
File Restore virus, File Rescue virus, S.M.A.R.T. Repair, File Recovery, Smart Data Recovery
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.
By Downloading any provided Anti-spyware software to remove System Check you agree to our
privacy policy and
agreement of use.
System Check manual removal:
Kill processes:
[random].exe
Delete registry values:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "
.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'
Delete files:
%CommonAppData%\[random].exe
%AppData%\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
%Desktop%\System Check.lnk
%StartMenu%\Programs\System Check\
%StartMenu%\Programs\System Check\System Check.lnk
%StartMenu%\Programs\System Check\Uninstall System Check.lnk
%Temp%\smtmp\
%Temp%\smtmp\1
%Temp%\smtmp\1
%Temp%\smtmp\2
%Temp%\smtmp\3
%Temp%\smtmp\4
(64 / 100)
ASK US:
HELP:
|
Follow us 
|
Like us 
thanks
Your blog is very informative.
MLM Software Company
Now my PC is working properly.
God Bless You
thank you very much for the post, it´s really helpfull!!! i would like to ask a question. I think I have deleted system check from my computer but on the process i clicked by mistake "buy now" on the page. Automatically a message of "congratulations for your purchase" came up but i hadn´t given any credit card details or any information. Now i am wondering if I have really purchased the program, if they could have taken my details from my hard drive or something to do the purchase????
Is there a way to prevent it from installing? The system check files havent been written to the hard drive so I suppose the registry hasnt been changed yet.I dont see anything suspicious in Task Manager.
If I turn off the power without going through shut down is it possible it will go away?
Any ideas would be helpful.
Thanks!
Post Comment: