Severity scale  

System Check. How to Remove? (Uninstall Guide)

removal by - -   Also known as SystemCheck | Type: Rogue Antispyware

System Check is a fake defragmenter that shouldn't be left on your computer although you have never actually installed it on it. Its infiltration methods are based on trojans that come inside the system without any permission of a user asked. However, you can avoid finding this scam installed on your PC out of nowhere – just install registered version of anti-virus and anti-spyware and they will help you to catch it while infiltrating. System Check belongs to FakeSysDef family of fake defragmenters where the newest its member was System Fix. Just like this scam, System Check will also bombard you with annoying hard drive scanners and alerts claiming that there are numerous hard drive or RAM errors detected. However, all these messages are fake and you should simply ignore them. To save your machine, remove System Check from your computer which additionally tends to cause more problems for its victims.

System Check fake defragmenter is created for the only purpose – to rip you off. It does not require any user actions to get inside the system and then mess it up and all this is done unnoticeably for the victim. The most common way to let this malware to come is by downloading fake updates or visiting insecure websites that are compromised. When running inside your machine, System Check will be launched as soon as you reboot your PC and log into Windows. In addition, its victims usually report about continuous hard drive scanners and alerts that all report numerous issues detected, such as hard drive or ram problems:

Critical Error!
Damaged hard drive clusters detected. Private data is at risk.

Critical Error
RAM memory usage is critically high. RAM memory failure.

System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.

If not removed from the system, System Check will generate numerous pop-ups and scanners informing about system problems that can be fixed only with a help of its license. However, purchasing System Check is the same as throwing your money away. In addition, it will keep displaying the same fake pop up ads based on fabricated results. It’s natural that some users may fall into purchasing this scam. If you have also purchased System Check, make sure you contact your credit card company to dispute the charges. In addition, remove System Check before it downloads more malware on your computer. Download a reputable anti-spyware program or automatic removal tool given below and get rid of System Check for good. Note that this malware can cause annoying redirections of your browser, so follow this guide 'What to do when Google/Yahoo/Bing results are redirecting?' if you are also facing this trouble.

The latest parasite names used by FakeHDD:
S.M.A.R.T. Repair, File Rescue virus, File Restore virus, File Recovery, Smart Data Recovery

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Reimage - remover Happiness
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall System Check. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall System Check. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
We are testing Plumbytes's efficiency (2012-04-26 04:26)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2012-04-26 04:26)
Hitman Pro
Webroot SecureAnywhere AntiVirus
System Check screenshot
System Check snapshot

System Check manual removal

Kill processes:
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'

Delete files:
%AppData%\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
%Desktop%\System Check.lnk
%StartMenu%\Programs\System Check\
%StartMenu%\Programs\System Check\System Check.lnk
%StartMenu%\Programs\System Check\Uninstall System Check.lnk

Geolocation of System Check

Map reveals the prevalence of System Check. Countries and regions that have been affected the most are: India, Singapore, Pakistan, Sri Lanka and Hong Kong.

Removal guides in other languages

Information updated:

Comments on System Check

i caught system check a while back. i got rid of it then, it came back in january and my computer was unusable for a while. after i calmed down i set it to not boot when windows loaded. after an hour or so of fidling my computer resumed usable status, except for some bidvisor browser hijacker that just randomly redirects me when it likes. theres some PC cd site and site it redirects me to. also get pop up advertising on some sites.
thats sorry. forgot to add theres a link to on the tarot site, some web traffic company. maybe its all a scam i dunno.
I removed this from my husbands computer a couple of weeks ago so I recognized it when it popped up on my computer today. I know that it writes the files to the hard drive when the fake scan reboots so I havent done anything.

Is there a way to prevent it from installing? The system check files havent been written to the hard drive so I suppose the registry hasnt been changed yet.I dont see anything suspicious in Task Manager.

If I turn off the power without going through shut down is it possible it will go away?

Any ideas would be helpful.

I have got most features to work on Windos 7, but I still dont have sound? Does the System Check Virus remove sound from the speakers and the headphone jacks?
The latest versions of this virus as of 2012/03/16 cannot be removed this way. They prevent access to all start menu contents and reboot the PC to allow a root kit to be installed that prevents even safe mode startup.
Mike A
The only foolproof method for the version that came out as of 3/16/12 is to slave the infected HDD in another system and scan with a tool like malwarebites or similar. The infected system still must be recovered by running "unhide.exe" and rebuilding some other features manualy. Not a good bet for any but very experienced techs.
Those SMTMP folders in the Temp folder contain the backups of the Start Menu shortcuts that this virus deletes from the main Start Menu. Dont delete those (the System Check one in the SMTMP folder can be tossed, though).
Hitmanpro will also get rid of ALL redirects for internet...
Do not delete any files just relax and take deep breaths,DONT FREAK OUT.If you can get into safemode with internet connection download Hitmanpro 3.6. Trust me ,it will fix it........
More comments »

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)