Removal Guide “System Care Antivirus” virus

“System Care Antivirus” is a computer virus, which pretends to be a legitimate antivirus program and claims that malware has been detected on your computer, then it will state that you need to pay money to register the software to remove these non-existent threats.

“System Care Antivirus” is distributed through hacked or infected websites, which will prompt you with a fake pop-up window indicate that your computer is infected or your computer requires a software update. Alternatively, your computer may be infected with “System Care Antivirus” from an infected email attachment or drive-by-downloads which will exploit a vulnerability in older versions of Java or Adobe software.
Once installed, “System Care Antivirus” will be drop a random file name in a random folder underC:\Documents and Settings\All Users\Application Data\, in XP, or C:\ProgramData, in Windows Vista, Windows 7, and Windows 8. System Care Antivirus will then be configured to start automatically when you login to your computer.

“System Care Antivirus” will display fake security alerts that are designed to think that your data is at risk or that your computer is severely infected.These messages include:

Security Monitor: WARNING!
Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk.
To get rid of unwanted spyware and keep your computer safe your need to update your current security software.
Click Yes to download official intrusion detection system (IDS software).

Spyware.IEMonster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs.
Click here to remove it immediately with System Care Antivirus.

System Care Antivirus Firewall Alert
System Care Antivirus Firewall has blocked a program from accessing the Internet.
Internet Explorer Internet Browser is infected with worm SVCHOST.Stealth.Keyloger. This worm is trying to send your credit card details using Internet Explorer Internet Browser to connect to remote host.

System Care Antivirus Warning
Some critical system files of your computer were modified by malicious program. It may cause system instability and data loss.
Click here to block unauthorised modification by removing threats (Recommended)

System Care Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.

System Care Antivirus Warning
Intercepting programs that may compromise your privacy and harm your system have been detected on your PC.
Click here to remove them immediately with System Care Antivirus.

If your computer is infected with System Care Antivirus virus, then you are seeing the following screens:

System Care Antivirus is a scam, and you should ignore any alerts that this malicious software might generate.
Under no circumstance should you buy System Care Antivirus as this could lead to identity theft, and if you have, you should contact your bank and dispute the charge stating that the program is a scam and a computer virus.
Registration codes for System Care Antivirus 
As an optional step,you can use any of the following license keys to register System Care Antivirus and stop the fake alerts.

System Care Antivirus activation code: AA39754E-715219CE
Please keep in mind that entering the above registration code will NOT remove System Care Antivirus from your computer , instead it will just stop the fake alerts so that you’ll be able to complete our removal guide more easily.

System Care Antivirus – Virus Removal Guide

STEP 1 : Start your computer in Safe Mode with Networking

1. Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer.
2. Press and hold the F8 key as your computer restarts.Please keep in mind that you need to press the F8 key before the Windows start-up logo appears.
   Note: With some computers, if you press and hold a key as the computer is booting you will get a stuck key message. If this occurs, instead of pressing and holding the “F8 key”, tap the “F8 key” continuously until you get the Advanced Boot Options screen.
3. On the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode with Networking , and then press ENTER.
   

---

STEP 2: Run RKill to terminate the malicous processes associated with System Care Antivirus.

RKill is a program that will attempt to terminate all malicious processes associated with System Care Antivirus, so that we will be able to perform the next step without being interrupted by this malicious software.
Because this utility will only stop System Care Antivirus running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again.

1. While your computer is in Safe Mode with Networking ,please download the latest official version of RKill.Please note that we will use a renamed version of RKILL so that System Care Antivirus won’t block this utility from running.
   RKILL DOWNLOAD LINK (This link will automatically download RKILL renamed as iExplore.exe)
2. Double click on iExplore.exe to start RKill and stop any processes associated with System Care Antivirus.
   
3. RKill will now start working in the background, please be patient while the program looks for various malware programs and tries to terminate them.
   
   IF you are having problems starting or running RKill, you can download any other renamed versions of RKill from here.
4. When Rkill has completed its task, it will generate a log. You can then proceed with the rest of the guide.
   

WARNING: Do not reboot your computer after running RKill as the malware process will start again , preventing you from properly performing the next step.

---

STEP 3: Remove System Care Antivirus malicious files