I am running Avast Free. My computer has been infected with “System Check.” Why did Avast tell me I had a problem and yet not stop it from entering? I am also having a horrible time removing the problem. I got the majority of it gone, but there must be some more code in the registry that is still misdirecting my web searches. Can anyone tell me what is going on and offer advice for a fix?
Virus problems are ususally posted in the virus and worms section…
Read it all before you start
Remove System Check (Uninstall Guide) - Bleeping Computer
http://www.bleepingcomputer.com/virus-removal/remove-system-check
if you have no success, then follow this guide, attach the logs and Essexboy will save you ;D
http://forum.avast.com/index.php?topic=53253.0
Sorry if I posted in the wrong area. I couldn’t find a specific virus section.
Thanks for the help, but I already followed the instructions from bleepingcomputer.com. I had to perform some additional steps, but I finally got rid of System Check.
I am still wondering why Avast let me down. I was hoping for some insight there or I will likely change to a different anti-virus program.
I am still wondering why Avast let me down. I was hoping for some insight there or I will likely change to a different anti-virus program.
Read the info here http://forum.avast.com/index.php?topic=91985.0 also click the links there and read
Thanks anyway. Guess you didn’t understand my question. I’ll look for help elsewhere.
maybe…what part of your question was not answered
I am still wondering why Avast let me down. I was hoping for some insight there or I will likely change to a different anti-virus program.Alas that will do no good - over the last three days I have cleared systems with the following AV's from this malware
AVG
Norton
McAfee
Trend
Panda Cloud
ESET
Kaspersky
MSE
Is there a reason that a lot of rogue antivirus programs get past the regular antivirus? I used nod32 before avast and it let a rogue through too. In particular, if things like malwarebytes can remove a lot of these things easily, why can’t the regular antivirus?
Err, not to sound like I’m complaining, I like the product. I’m just a tad curious here.
There is no security programs with 100% detection…
lots of Rogues are also not detected by malwarebytes…i know bc i find and upload some of them
Look here “razoreqx” is uploading a new Rogue.FakeRean sample to Malwarebytes…click the Virustotal link he have posted there…you see no one detect it
http://forums.malwarebytes.org/index.php?showtopic=104742&pid=517732&st=0&#entry517732
if we now 4 days later scan it, we get this result
VirusTotal- 21/43
https://www.virustotal.com/file/11cb777880e1abfd1a9285fb98b598e6e7d5b5c25b11ef4610d3ea695e6dcba2/analysis/1327133443/
Fake antivirus overwhelming scanners
http://www.networkworld.com/news/2009/100209-fake-antivirus-overwhelming.html
If you could not remove this System Check virus with Malwarebytes why don’t you try other anti-virus tools which are free? For example, Superantispyware? This a good malware remover and it is free. Try scanning with Superantispyware and see whether this will help you.
Do you see your icons at the desktop? Do you see the shortcuts? If not, then press “Win + R” and insert “iexplore.exe” Internet Explorer would open, this is where you may start downloading some anti-virus program like Superantispyware, for example. Here is what I mean:
http://www.deletevirus.net/system-check-virus-removal-tool/
Did you manage to recover your files? Actually, the site BleepingComputer gives good recommendations on how to restore your hidden data.
If you read JeanBFE’s posts correctly you will notice he/she mentions that System Check was removed, Reply 2
You say you performed other additional steps but didn’t specify them. Can you please let us all know as, I too, have now got this virus. Thanks.
Konfoozed welcome to Avast! forum
I do not think jeanbBFE is going to answer since this thread is two weeks old and he/she said was going for help elsewhere.
If you were not able to get rid of system check by following Bleepingcomputers instructions
http://www.bleepingcomputer.com/virus-removal/remove-system-check
You should follow this instructions to generates the logs to assist you in cleaning your comp:
http://forum.avast.com/index.php?topic=53253.0
and attach logs for MBAM, OTL, and aswMBR.exe here:
http://forum.avast.com/index.php?board=4.0
where Essexboy or Oldman will help you out.
Good luck.
Konfoozed.
The advice given to boot in safe mode with networking is only to download the programs they ask. This is if you do not have any other means to get at those programs, otherwise you can use another clean PC, and download the programs and transfer them to the infected PC.
Since I am not a certified malware removal tech, I can’t give you instructions on how to proceed; However, the fact that you have a dual boot system with two hard drives, It would be better to seek help in the Avast viruses and worms forum as I told you above.
BTW and this is important. Do not clean yor temps or use any program to do such jobs. This kind of infection will store ( hide ) some of your own files in your temp folder.
Regards.
boot to safe mode - download install malwarebytes run it if blocked run chameleon - download and run hitman pro - download and run combofix - do boot time scan - clean up remaining files with glary utilities - job done- cant connect internet? then use another computer from i dont know where and download the programs…into usb… dun care usb infected just clean it after computer cured
Ah if only it was that simple
@ Konfoozed.
Follow my advice and post in the viruses and worms forum. Essexboy is expecting you. The use of Combofix or Hitmanpro can render your comp inoperable if you do not know what you are doing. Besides, this scarewares or rogues some times comes with some rootkit variants making it difficult to clean.
Regards.
Just to say that I bit the bullet today and followed the advice proffered on this great forum and, fingers crossed, I succeeded in getting rid of the System Check virus. Even more pleased that the procedure only needed to be done once for my dual boot configuration which incidentally will now be quickly switched over to a cradle system so I hopefully won’t infect both at the same time!
Now for one more question…is it possible that my laptop (used wirelessly and fairly infrequently) is now carrying the same System Check virus?
Thanks for the help so far which is greatly appreciated.
Glad to hear you got rid of it, and I suppose the Bleepingcomputer instructions worked nicely for you.
Usually you will see System Check UI ( User Interface ) alerting you of something wrong with your comp. Anyways you could always install MBAM and do a quick scan just in case.
You are welcome.