How to Fix: Cannot Remove System Mechanic (Manual Uninstall)

Dennis Faas's picture

Infopackets Reader Gina F. writes:

" Dear Dennis,

Over the weekend my nephew visited me and I let him use my computer. Today I went to use the PC and now I have a program called System Mechanic alerting me of 2093 errors on my PC that need to be fixed. I've closed the warning window, but System Mechanic keeps popping up in my face. I've also tried to 'fix' the 'errors', but then it says I need to pay to do that. Smells like a scam to me! I have tried to uninstall system mechanic via control panel, but every time I try, I get an error that it cannot remove system mechanic. I have searched Google how to remove system mechanic but many websites are suggesting I need to download this, that or the other thing - many with false promises. I am leery about that because I don't want to get infected with something else. Can you PLEASE help? You are the only person I trust! "

My response:

I asked Gina if she would like me to connect to her machine using my remote desktop support service in order to have a closer look, and she agreed.

Below I will discuss my findings.

How to Fix: Cannot Remove System Mechanic (Manual Uninstall)

First and foremost, the System Mechanic program installed on Gina's machine isn't the same as "Iolo System Mechanic," though these two programs are similarly named. From the malware creators perspective, this was done on purpose to confuse the customer.

That said, like most "registry cleaners" and "make-my-computer-faster" utilities, these programs do little (or nothing at all) to improve the speed of the system. They only serve to convert you into a paid customer with false promises. This practice is nothing new and has been going on since the early 2000s when Windows XP was all the rage.

Most Cleaners, Optimizers, Registry Fixers are Scams

It is my opinion that 99.99% of all programs that promise to "fix," "protect," or "make-your-computer-faster" are completely bogus, even if it comes from a legitimate company (including Iolo).

IOBit Advanced System Care is another bogus suite of utilities that also fall into this category. Some users will disagree with these sentiments - and that's fine - but provide me with cold hard evidence that these programs actually do something useful other than informing you that it did something, just because it said so and you're none the wiser.

The fact is: if you really want to speed up your machine, keep it as nimble as possible and only install programs you really need. That's free advice that actually works and doesn't cost you anything to implement.

If you're still having issues, consider hiring a real professional to look at the machine - someone that truly knows hardware and software inside and out and can manually implement the necessary optimizations, while also providing practical advice. I provide such a service and you can contact me here if needed; here's my resume if you're interested.

Now that's out of the way, let's get on with how to remove System Mechanic (malware).

How to Remove System Mechanic Manually

The method below is done using the command prompt. It's a script I wrote that will automatically kill all executable processes in a directory recursively that are running on the machine; once the tasks are killed, the directory is deleted. This is especially useful if you've encountered malware that relaunches itself even after it's been terminated using task manager, for example.

Please keep in mind that there are similarly named malware called "System Mechanic", including "1 Click System Mechanic". If the instructions below don't work for you, it may be because you're infected with something else. In that case, you can contact me for additional support (also described at the end of the article).

Note: For good measurement I've also included commands to remove Iolo System Mechanic in case anyone reading this page is interested in removing that as well - because, as I said, these programs really don't do anything useful in my opinion.

To do so:

  1. Click Start, then type in "cmd" (no quotes); wait for "CMD.EXE" or "Command Prompt" to appear in the list, then right click and select "Run as Administrator".
     
  2. Next, highlight the text below using your mouse:

    @echo off
    C:
    cd \
    for /r "c:\program files\system mechanic" %G in (*.exe) do taskkill /F /IM %~nxG
    rmdir /q /s "c:\program files\system mechanic"
    for /r "c:\program files\iolo technologies\system mechanic" %G in (*.exe) do taskkill /F /IM %~nxG
    rmdir /q /s "c:\program files\iolo technologies\system mechanic"
    @echo on
    echo hi
     
  3. Right click the above highlighted text, then select "Copy" from the dialogue menu. Now, right click in the middle of the command prompt window you opened in Step #1 and select "Paste". The text you copied in Step #2 will be output the command line.

At this point, the System Mechanic process will be terminated, and the entire System Mechanic directory deleted. The next thing you should do is reboot the system to make sure it doesn't appear at startup. If it does, it may mean that your system is infected with other malware that is reinfecting you. In this case you are welcome to contact me for additional 1-on-1 support, described next.

Additional 1-on-1 Support: From Dennis

If all of this is over your head, or if you need help removing System Mechanic, I can help using my remote desktop support service. Simply contact me, briefly describing the issue and I will get back to you as soon as possible.

Got a Computer Question or Problem? Ask Dennis!

I need more computer questions. If you have a computer question - or even a computer problem that needs fixing - please email me with your question so that I can write more articles like this one. I can't promise I'll respond to all the messages I receive (depending on the volume), but I'll do my best.

About the author: Dennis Faas

is the owner and operator of Infopackets.com. With over 30 years of computing experience, Dennis' areas of expertise are a broad range and include PC hardware, Microsoft Windows, Linux, network administration, and virtualization. Dennis holds a Bachelors degree in Computer Science (1999) and has authored 6 books on the topics of MS Windows and PC Security. If you like the advice you received on this page, please up-vote / Like this page and share it with friends. For technical support inquiries, Dennis can be reached via Live chat online this site using the Zopim Chat service (currently located at the bottom left of the screen); optionally, you can contact Dennis through the website contact form.

Rate this article: 
Average: 4.6 (10 votes)

Comments

russoule's picture

two things, Dennis.

1. will the above instructions also remoive any registry entries made by these piles of bat-dung?

2. can the same set of instructions, changing merely the name of the software, kill other program/packages that refuse to be deleted?

Russ Soule'

Dennis Faas's picture

The command line instructions I have provided do not remove registry entries at all. The entries won't matter if the executables are deleted.

The script starts at a parent folder (example: c:\program files\abc) then recursively goes through all folders inside the parent (example: c:\program files\abc\123\def) and looks for executables (.exe files) that may be running in memory, then terminates them.

After exe's are terminated, the script deletes the parent folder and all subfolders inside the parent. This prevents the executables from executing again, whether it's at startup or immediately after killing the tasks (and thus preventing regeneration).

george.apostol_15354's picture

Applied yesterday after numerous attempts following other procedures involving registry. Congratulations!