Internet is full of threats and new malware threats are emerging everyday. Rogue antivirus programs are nothing new and System Care Antivirus is such a bogus malware application specially designed to scam unsuspecting computer users. This program looks like a genuine antivirus application but It is a fake replica of genuine antivirus programs. In other words, this program is not genuine and It can not scan your computer for threats.
Cyber criminals are looking for easy money and this is why they have created fake products like System Care Antivirus. Once this bogus malware enters in your computer, It will literally take over everything. It will block your genuine programs and won’t let you do anything until you buy full version of System Care Antivirus. As soon as your computer is infected with this malware, this rogue antivirus will run itself and start scanning your computer without your consent. Before you understand what is happening, it will show numerous infections and ask you to buy full version of System Care Antivirus to get rid of those infections. Here is a screenshot of System Care Antivirus doing a fake scan :
This rogue program will show you fake alerts like :
System Care Antivirus Firewall Alert
System Care Antivirus Firewall has blocked a program from accessing the Internet.
Internet Explorer Internet Browser is infected with worm SVCHOST.Stealth.Keyloger. This worm is trying to send your credit card details using Internet Explorer Internet Browser to connect to remote host.
Security Monitor: WARNING!
Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk.
System Care Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details. Click here to activate protection.
System Care Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
System Care Antivirus is a false program and It does everything for its own benefit. This fake software gets distributed via malware websites, compromised downloads, fake flash player updates and other similar methods. As your computer is infected with this malware, you can be sure that you’ve either downloaded something malicious off the Internet or a website your browsed exploited security settings on your computer and infected your machine. It also indicates that Security on your computer is not strong and you need to use a more powerful anti-malware program. Here is what System Care Antivirus does when It is running in your computer :
1. Block all legitimate programs on your computer including notepad and all other day-to-day applications.
2. It won’t let you run Windows Utilities like Task Manager, Registry Editor and other similar utilities which you might use against it.
3. It will show fake security alerts every now and then. False alerts pop-ups will show on the screen as well as from the System Tray. This program will make those security alerts look really genuine but you shouldn’t get afraid.
4. Your computer will slow down to a greater extent and nothing will help as It will also block you from visiting websites and make your job much harder.
5. Don’t let it run on your computer for long time as your computer may automatically reboot your computer several times and thus you might lost some data or Windows may get corrupted.
6. It will also close down your antivirus program as well as all other startup programs forcefully without any notice. If you’ll try to run those programs, It will tell you that It is infected and you need to buy full version of System Care Antivirus and such programs are called Rogue Security Software
This rogue antivirus software is designed by software professional who are using their knowledge in wrong direction. It all boils down to purchasing full version of System Care Antivirus and as soon as you buy this software and enter the registration key, It will stop showing any infections and tell you that your computer is free from infections. There is actually no difference in the paid or trial version but when you enter the key in the software, It believes that you’ve paid and stops showing any infections. This is just a shallow gimmick and nothing else. If you’ve paid for this software in good faith thinking It is genuine, call your credit card company right now and dispute the charge.
How To Remove System Care Antivirus
System Care Antivirus can be removed from your computer easily provided you follow the right path and don’t confuse yourself in employing various removal methods. We suggest that you opt for one removal method and actually stick to it. If you try to follow several removal methods, you’ll mess up things for sure. We’ve installed this malware on our test machines and found two methods to get rid of it completely. One method is extremely easy while other method requires you to use your own mind to remove the malware. These two removal methods are :
A. Automatic Removal Method
B. Manual Removal Method
A. Automatic Removal Method
As the name implies, this method is all about removing the malware using the automated tools. Security companies are researching on such rogue scams and developing software products to combat the malware. If you take help of those products, you can not only get rid of the malware but also protect your computer from such future attacks. To learn how to remove System Care Antivirus automatically using a genuine anti-malware tool, follow these steps :
1. When System Care Antivirus is running in your computer, click on Start—>Run, type “http://www.systemcareantivirushelp.com/download.php” and click OK button. Alternatively, you can also click on below button to start the download :
2. This will start downloading removal tool from our server. Once the download starts, save the file as “explorer.exe” on desktop. Please note that you must save the file as “explorer.exe” so that malware can’t block this file from running. Just for your information, Explorer.exe is the name of a genuine Windows Process and this malware can’t block files having this name.
3. After downloading the removal tool, double click over it on Desktop and this will forcefully close System Care Antivirus on your computer. The malware is still in your computer but not running temporarily so that It can’t interfere with removal process.
4. Now follow the instructions shown on screen to install the removal tool in your computer. After installing removal tool, please do a full scan of your computer and you’ll find that lots of malware are hiding in your computer. This removal tool will automatically find System Care Antivirus as well as all its copies in your computer.
5. Once the scan is done, click on “Fix Threats” button and you can get rid of all the malware inside your computer. This removal tool will also fix computer’s registry, unblock all the programs which were blocked by malware and do additional cleanup.
That’s it. Now reboot your computer and everything should be perfectly fine. You can use your computer same as before.
More Screenshots of System Care Antivirus :
B. Manual Removal Method
Manual Removal method is risky and at times, It may not work. Therefore, Manual Removal method is recommended only for expert computer users. This method requires you to edit the registry and delete files from your computer by finding infected files manually. If you don’t know what you are doing, deleting this malware can be tough for you and you could end up doing more damage to your computer. Follow these manual removal steps at your own risk :
1. First Step, you need to stop System Care Antivirus from running in your computer. For accomplish this, , you need to download Process Explorer and save it as “explorer.exe”. on your computer. Process Explorer is a powerful utility from Microsoft which works exactly same as Task Manager.
After downloading Process Explorer, run it in your computer and close down System Care Antivirus forcefully.
2. After closing down its process, you need to find and delete these malicious files from your computer :
%CommonAppData%\<random numbers and chars>\
%CommonAppData%\<random numbers and chars>\<random numbers and chars>
%CommonAppData%\<random numbers and chars>\<random numbers and chars>.exe
%CommonAppData%\<random numbers and chars>\<random numbers and chars>.ico
3. Now you need to edit the registry and unblock Task Manager and other programs. Please note that registry is a core part of your computer and If you don’t know what you’re doing, we suggest that you don’t mess up with registry.
If you are sure about your expertise with registry, click on “Start—>Run” type, “regedit” and click OK button. Now check the registry and unblock Task Manager and other programs. To learn what is Registry Editor and how it works, you can check this Wikipedia Entry.
After following above steps, reboot your computer and see If everything is fine. Manual removal steps may not work If you leave a backup copy of System Care Antivirus on your computer and this way It can easily restore itself.