Home / Parasites / Rogue Anti-Spyware / System Check
1 of 4
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Normal system programs crash immediatelly
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:
Infection Video System Check

System Check

FakeHDD family of rogues is notorious for its onslaught of fake security warnings and ability to turn the user’s computer experience into hell. System Check is the newest spawn from this nest, and it is a new version of the infamous System Fix fake computer optimization application. Just like its forerunner System Check pretends that it can fix various errors your computer is experiencing, but it is more than obvious that as a rogue antispyware it is very far from being a legitimate program.

System Check will enter your computer via fake online scanner. For example, when you browse the web, you might notice a flashing advertisement that informs you about possible system vulnerabilities and urges you to perform a quick system scan online. If you go to the infected page, you automatically initiate the download of System Check, and then this rogue will install itself into your system without your knowledge or consent. Once that happens, you will sure notice when this computer threat springs into action, because your files will disappear.

Download Spyware Removal Tool to Remove* System Check
  • Quick & tested solution for System Check removal.
  • 100% Free Scan for Windows

The thing you mustn’t do in this kind of situation is panic. Even though it seems like your files have gone for good and System Check is the only one that can bring them back, it is not true. Your files are not removed. They are only hidden. Just like some of the system files that are hidden by default. System Check only performed certain changes in the registry that hid your files, as this rogue has no ability to forcefully delete various files. You also mustn’t delete the Temp folder files, because System Check removes your shortcuts, and they are backed up in the Temp folder. Thus it means that you can get your files back, but before you do that, you need to terminate System Check.

The rogue will surely keep on claiming that there are multiple errors in your computer, and its claims will be accompanied by various fake security notifications, for example:

Critical Error
Hard drive critical error. Start a system diagnostics application to scan your hard disk for errors and performance problems.

Windows - Delayed Write Failed
Failed to save all the components for the file \System32\00004823. The file is corrupted or unreadable. This error may be caused by a PC hardware problem.

Windows detected a hard disk problem
A potential disk failure may cause loss of files, applications and documents stored on the hard disk. Please try not to use this computer until the hard disk is fixed or replaced.

Windows detected a hard disk problem
A potential disk failure may cause loss of files, applications and documents store on the hard disk. It's highly recommended to scan and solve HDD problems before continue using this PC.

Critical Error
Hard drive critical error. Run a system diagnostic utility to check your hard disk drive for errors. Windows can't find hard disk space. Hard drive error.
Critical Error
Hard drive clusters are partly damaged. Segment load failure.

These fake error messages are not the only thing that you receive from System Check. It also performs a fake system scan after which it announces that your Computer, System Registry, System Drive and RAM Memory are all full of errors. After the scan it finds various problems such as:

Requested registry access is not allowed. Registry defragmentation required

Hard Drive rotational speed decreased by 20%

Disk drive C:\ is unreadable.

System files are damaged. System is unstable.

The problem may cause errors while loading operating system.

Ram memory speed decreased significantly and may cause system failure.

Read time of hard drive clusters less than 500 ms

32% of HDD space is unreadable

Bad sectors on hard drive or damaged file allocation table

GPU RAM temperature is critically high. Urgent RAM memory optimization is required to prevent system crash

Drive C initializing error

Ram Temperature is 83 C. Optimization is required for normal operation.

Of course, System Check promises to fix these problems if you pay for its license, but that is the only reason why this rogue is in your computer. System Check only wants your money, and it will continue to bombard you with these fake and absolutely senseless (if most of the notifications were true, you would not be able to operate your computer AT ALL) messages, slowing down your computer. Thus, you have to remove System Check from your machine immediately.

Since this rogue hides your files it makes the manual removal harder especially if you are not experienced in dealing with computer issues. Thus, it is recommended to acquire a legitimate security tool that will delete System Check for you automatically, and your computer will be restored to its previous state.

Note

The removal of the rogue will be a lot easier if you trick it by "activating" System Check with this activation code:

1203978628012489708290478989147

With System Check "registered", you will avoid pop-up messages, and removing the rogue will not cause any problem.

UPDATE

If you have used the activation key, you should be able to remove System Check with ease, but sometimes it is not as simple as it seems. Especially when you have to remove it automatically and you cannot acquire a reliable computer safeguard program. It happens, because System Check hides all shortcuts and desktop icons, as well as the Start Menu, which renders you unable to access the Internet. In such case, you can either download a security program from a clean computer and transfer it to your machine via USB flash drive, or run Internet Explorer without using the Start Menu. In order to do that, press the Windows Key together with R key and the Run prompt will show up. There type in “iexplore.exe” and hit Enter – Internet Explorer will load immediately.

From there you can get yourself a powerful security tool and remove System Check for good.

UPDATE 2012.03.28

If you decide to register with System Check, which is highly recommended for easier infection’s removal, together with the activation code, you will be asked to disclose an email address. It is important not to type in a legitimate email address, because you are likely to be bombarded with various spam emails! To avoid such occurrence, simply use a fictitious email address like rogue@rogue.com, or 1234@abcd.com.

Also, see a few newly discovered System Check notifications:

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

Activation Reminder
System Check Activation
Advanced module activation required to fix detected errors and performance issues. Please purchase Advanced Module license to activate this software and enable all features.

Critical Error
Windows can't find hard disk space. Hard drive error

Critical Error
Windows OS can't detect a free hard drive space. hard drive error.

Critical Error!
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

System Check
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Download Spyware Removal Tool to Remove* System Check
  • Quick & tested solution for System Check removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove System Check

Files associated with System Check infection:

zayz0qorhnhyGn.exe
yhyz0qorihyGn.exe
cDdouyYokr9NKbE.exe
%UserProfile%\Desktop\System Check.lnk
%Temp%\smtmp\4
%Temp%\smtmp\3
%Temp%\smtmp\2
%Temp%\smtmp\1
%Temp%\smtmp\
%StartMenu%\Programs\System Check\Uninstall System Check.lnk
%StartMenu%\Programs\System Check\System Check.lnk
%StartMenu%\Programs\System Check\
%LocalAppData%\[Random].exe

System Check processes to kill:

zayz0qorhnhyGn.exe
yhyz0qorihyGn.exe
cDdouyYokr9NKbE.exe
%LocalAppData%\[Random].exe

Remove System Check registry entries:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.scr;'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[Random]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[Random].exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
Disclaimer

Comments

  1. Jewel Jubic Jan 4, 2012

    FakeHDD family of rogues really does a notorious stuff to our system!!!

  2. Jerry Jan 4, 2012

    Good point Jewel. I really hate people that create these....

  3. Eddy Jan 5, 2012

    Thxs so much!!!! that activation key work perfect. Thxs for all info pcthreat

  4. Pcthreat Jan 6, 2012

    Good to know we can help in removing System Check !

  5. evan Jan 19, 2012

    fake activation key worked..........thank god

  6. Steve Jan 27, 2012

    Thanks for the help , cant believe so few people have shown gratitude. Here i am with my laptop working again , least i can do is say thankyou.

  7. Pcthreat Jan 30, 2012

    Hey Steve,

    We are really happy that we helped you out. Thank you for your comment

  8. sam Jan 31, 2012

    Downloaded the file and all it did was scan, followed by telling me I had to purchase it in order to remove files! Sorry, but I just wasted an hour of my time scanning followed by nothing!

  9. Pcthreat Feb 1, 2012

    Sam,

    If you cant afford to pay for the software, it shows all found infected files and where they are. You can Delete them manually.

  10. TIm Feb 19, 2012

    Thanks a million guys! This saved me ...

  11. Pcthreat Feb 20, 2012

    Tim,

    glad to hear!

  12. Billie Mar 1, 2012

    I would love to buy the removal tool but System Check has disabled the keyboard on my notebook and all the usb ports. I can't get to BIOS or to boot selection screen. It doesn't fully boot, but hangs at the Windows repair screen. Any suggestions?

  13. Pcthreat Mar 4, 2012

    Billie,

    It is the first time we hear something like this. It is impossible that a malware was able to block Your keyboard and USB ports. I'd suggest resetting the BIOS by removing the small battery, and if You're not able to do this - contact Your notebooks support service.

  14. bill Mar 19, 2012

    wow

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
 This is a captcha-picture. It is used to prevent mass-access by robots.

 
© 2006-2024 pcthreat.com  |  Terms of use |  Privacy policy |  About us |  Link to US