System Care Antivirus

System Care Antivirus Description

ScreenshotFake anti-virus programs are still among the most common types of online scams. Criminals continue to create fake anti-virus programs like System Care Antivirus in order to fool unsuspecting computer users into buying useless security software. These fake anti-virus programs are renamed and repackaged every few weeks, a pattern that has repeated itself consistently since their first appearance nearly a decade ago. Despite its name, System Care Antivirus is not actually an anti-virus program. In fact, it is the complete opposite; System Care Antivirus is a kind of malware infection commonly known as a rogue security program. System Care Antivirus is designed to cause problems on a computer rather than to fix them. System Care Antivirus is part of a widespread wave of Trojan infections that have been associated with attack websites using the Black Hole Exploit Kit in order to distribute malware. If System Care Antivirus is installed on your computer, you should treat it as a malware infection that should be eliminated right away with the assistance of a reliable anti-malware program.

System Care Antivirus is a member of the WinWeb Security family that have among its members System Security, Total Security, Antivirus Security, Total Security 2009, Security Tool, Trojan.RogueAV.a.gen, System Adware Scanner 2010, FakeAlert-KW.e, Advanced Security Tool 2010, System Tool 2011, Security Shield, MS Removal Tool, Antivirus Center, Antivirus Center, Essential Cleaner, Security Shield Pro 2011, Personal Shield Pro, Security Shield 2011, Advanced PC Shield 2012, Security Sphere 2012.

Once System Care Antivirus enters your computer, System Care Antivirus installs its files and injects its code into running memory processes. This makes removal of System Care Antivirus difficult, especially since there is no uninstaller associated with this program. System Care Antivirus makes changes to the infected computer's settings, which cause System Care Antivirus to run automatically as soon as the infected computer starts up. In the moment that the computer user logs into Windows, System Care Antivirus runs a fake scan of the infected computer. This scan will always indicate that the victim's computer is severely infected with malware. It is important to note that these scans are not trustworthy and that they are actually outright lies meant to alarm you so that you will 'upgrade' System Care Antivirus.

ESG security researchers strongly advise against buying or upgrading System Care Antivirus. To bypass the changes it makes to your computer, ESG security researchers advise starting up the infected computer in Safe Mode. Once this is done, it is recommended to use a reliable anti-malware application to detect and remove System Care Antivirus from the infected computer. Starting in Safe Mode or from an alternate boot source is necessary because System Care Antivirus contains components that interfere with legitimate security software or when trying to connect to a website associated with PC security.

Technical Information

Screenshots & Other Imagery

System Care Antivirus Image 1 System Care Antivirus Image 2 System Care Antivirus Image 3 System Care Antivirus Image 4 System Care Antivirus Image 5 System Care Antivirus Image 6 System Care Antivirus Image 7 System Care Antivirus Image 8

Registry Details

System Care Antivirus creates the following registry entry or registry entries:
%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\System Care Antivirus
%Appdata%\Microsoft\Windows\Start Menu\Programs\System Care Antivirus
%UserProfile%\Desktop\System care.exe
%UserProfile%\Start Menu\Programs\System Care Antivirus
File name without path
System Care Antivirus.lnk
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\DisplayIcon %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe,0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\UninstallString "%AppData%[RANDOM CHARACTERS][RANDOM CHARACTERS].exe" -u
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\ShortcutPath "%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe" -u
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\DisplayName System Care Antivirus

More Details on System Care Antivirus

The following URL's were found:
Tip: We recommend blocking the domain names as well as the IP addresses associated with them.
The following messages associated with System Care Antivirus were found:
Security Monitor: WARNING!
Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk.
To get rid of unwanted spyware and keep your computer safe your need to update your current security software.
Click Yes to download official intrusion detection system (IDS software).
Spyware.IEMonster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs.
Click here to remove it immediately with System Care Antivirus.
System Care Antivirus Firewall Alert
System Care Antivirus Firewall has blocked a program from accessing the Internet.
Internet Explorer Internet Browser is infected with worm SVCHOST.Stealth.Keyloger. This worm is trying to send your credit card details using Internet Explorer Internet Browser to connect to remote host.
System Care Antivirus Warning
Intercepting programs that may compromise your privacy and harm your system have been detected on your PC.
Click here to remove them immediately with System Care Antivirus.
System Care Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
System Care Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details. Click here to activate protection.
Application cannot be executed. The file GoogleUpdate.exe is infected.Please activate your antivirus software.
The site you are trying visit may harm your computer!
Your security setting level puts your computer at risk!
Activate System Care Antivirus, and enable safe web surfing (recommended). Ignore warnings and visit that site in the current state (not recommended).
Warning: Your computer is infected
Detected spyware infection!
Click this message to install the last update of security software…

Related Posts

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

HTML is not allowed.