System Care Antivirus

Threat Scorecard

Ranking: 12,115
Threat Level: 100 % (High)
Infected Computers: 656
First Seen: April 9, 2013
Last Seen: September 8, 2023
OS(es) Affected: Windows

ScreenshotFake anti-virus programs are still among the most common types of online scams. Criminals continue to create fake anti-virus programs like System Care Antivirus in order to fool unsuspecting computer users into buying useless security software. These fake anti-virus programs are renamed and repackaged every few weeks, a pattern that has repeated itself consistently since their first appearance nearly a decade ago. Despite its name, System Care Antivirus is not actually an anti-virus program. In fact, it is the complete opposite; System Care Antivirus is a kind of malware infection commonly known as a rogue security program. System Care Antivirus is designed to cause problems on a computer rather than to fix them. System Care Antivirus is part of a widespread wave of Trojan infections that have been associated with attack websites using the Black Hole Exploit Kit in order to distribute malware. If System Care Antivirus is installed on your computer, you should treat it as a malware infection that should be eliminated right away with the assistance of a reliable anti-malware program.

System Care Antivirus is a member of the WinWeb Security family that have among its members System Security, Antivirus Security, Total Security 2009, Security Tool, Trojan.RogueAV.a.gen, System Adware Scanner 2010, FakeAlert-KW.e, Advanced Security Tool 2010, System Tool 2011, Security Shield, MS Removal Tool, Total Security, System Security 2011, Essential Cleaner, Security Shield Pro 2011, Personal Shield Pro, Security Shield 2011, Security Sphere 2012, Advanced PC Shield 2012, Futurro Antivirus.

Once System Care Antivirus enters your computer, System Care Antivirus installs its files and injects its code into running memory processes. This makes removal of System Care Antivirus difficult, especially since there is no uninstaller associated with this program. System Care Antivirus makes changes to the infected computer's settings, which cause System Care Antivirus to run automatically as soon as the infected computer starts up. In the moment that the computer user logs into Windows, System Care Antivirus runs a fake scan of the infected computer. This scan will always indicate that the victim's computer is severely infected with malware. It is important to note that these scans are not trustworthy and that they are actually outright lies meant to alarm you so that you will 'upgrade' System Care Antivirus.

ESG security researchers strongly advise against buying or upgrading System Care Antivirus. To bypass the changes it makes to your computer, ESG security researchers advise starting up the infected computer in Safe Mode. Once this is done, it is recommended to use a reliable anti-malware application to detect and remove System Care Antivirus from the infected computer. Starting in Safe Mode or from an alternate boot source is necessary because System Care Antivirus contains components that interfere with legitimate security software or when trying to connect to a website associated with PC security.ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

SpyHunter Detects & Remove System Care Antivirus

File System Details

System Care Antivirus may create the following file(s):
# File Name Detections
3. %CommonAppData%\[RANDOM CHARACTERS]
4. %Desktopdir%\System Care Antivirus.lnk
6. %Programs%\System Care Antivirus\System Care Antivirus.lnk

Registry Details

System Care Antivirus may create the following registry entry or registry entries:
File name without path
System Care Antivirus.lnk
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\DisplayIcon %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe,0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\UninstallString "%AppData%[RANDOM CHARACTERS][RANDOM CHARACTERS].exe" -u
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\ShortcutPath "%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe" -u
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\DisplayName System Care Antivirus


System Care Antivirus may create the following directory or directories:

%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\System Care Antivirus
%Appdata%\Microsoft\Windows\Start Menu\Programs\System Care Antivirus
%UserProfile%\Desktop\System care.exe
%UserProfile%\Start Menu\Programs\System Care Antivirus


System Care Antivirus may call the following URLs:


The following messages associated with System Care Antivirus were found:

Security Monitor: WARNING!
Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk.
To get rid of unwanted spyware and keep your computer safe your need to update your current security software.
Click Yes to download official intrusion detection system (IDS software).
Spyware.IEMonster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs.
Click here to remove it immediately with System Care Antivirus.
System Care Antivirus Firewall Alert
System Care Antivirus Firewall has blocked a program from accessing the Internet.
Internet Explorer Internet Browser is infected with worm SVCHOST.Stealth.Keyloger. This worm is trying to send your credit card details using Internet Explorer Internet Browser to connect to remote host.
System Care Antivirus Warning
Intercepting programs that may compromise your privacy and harm your system have been detected on your PC.
Click here to remove them immediately with System Care Antivirus.
System Care Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
System Care Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details. Click here to activate protection.
Application cannot be executed. The file GoogleUpdate.exe is infected.Please activate your antivirus software.
The site you are trying visit may harm your computer!
Your security setting level puts your computer at risk!
Activate System Care Antivirus, and enable safe web surfing (recommended). Ignore warnings and visit that site in the current state (not recommended).
Warning: Your computer is infected
Detected spyware infection!
Click this message to install the last update of security software…

Related Posts


Most Viewed