Lately in the last couple of months I’ve seen this infection making the rounds, and it is a nasty one. The System Check virus/Trojan, part of the FakeHDD family of infections is a fake computer analysis and optimization program designed to look like your Windows system is failing and that you need to purchase their software in order to fix it. The method of infection varies but most likely came from a deceptive pop-up ad that may appear as regular a Windows notification with links which look like buttons reading Yes and No. (Maybe its time to get yourself off Internet Explorer and use Firefox or Chrome with a pop up blocker.) On top of that, this Trojan wreaks havoc on your hard drive by removing all program shortcuts, blanking your desktop and basically hiding all files on the hard drive, including on secondary drives installed in the machine (I’m not sure about external drives but I’m assuming so). You’ll know there’s a problem immediately with your machine. The window that pops up looks like this:
There’s a great write up on BleepingComputer.com on how to get rid of this bug. Frankly, its my opinion there’s no way to really be sure that the machine in question is ever truly going to be the same again. So I would recommend that a format and reinstall is the only way to ensure that this Trojan has been removed. Before doing so you should move any data off the machine you need to save. Don’t worry, the files are still there you just need to unhide them again. You can do so either manually via Folder Options or as this web site instructs download the unhide.exe program to do it for you. Yes I know this is going to be a pain, you did have a good backup didn’t you?
Beware Of The System Check Trojan
Archived in the category: Security, Windows
Article Tags:Windows, Windows 7, Windows Vista, Windows XP
Article Tags:Windows, Windows 7, Windows Vista, Windows XP
Posted by okorioth on 25 Jan 12 2 Comments
2 comments for “Beware Of The System Check Trojan”
1
Ben
“Frankly, its my opinion there’s no way to really be sure that the machine in question is ever truly going to be the same again. So I would recommend that a format and reinstall is the only way to ensure that this Trojan has been removed.”
Run MBAM, run Unhide, delete HideTaskMgr from registry, fixed.
2
Anonymous
My point is usually when there’s smoke there’s fire right. This is the obvious infection on a typical users machine. They don’t come to you until its obvious there’s a problem. When the machine is scanned there are also other types of infections not known before this one is what I’m saying. Especially rootkits.
January 26th, 2012 at 7:23 am