6.07.2013

Malwaretips.com saved me!

It was very alarming when a security notice alerted in my office computer yesterday. I was afraid about all the files stored in the computer; teachers schedule, classroom plotting, class schedule for the first semester, reports and other pertinent documents saved for the operation of the school. The first computer I used since the start of my appointment is already down due to unexplainable reason where foundation documents are stored, and to this moment are still burried. How come that the second one is damaged again, and who would believe that I am capable of issuing another one for the third time?

First thing in the morning research took my time. I gatecrashed the computer room to server room of the school to switch on computer for help. Amazingly, I found that the I thought legitimate anti-virus popping up my screen is a fake and the one destroying my files and the system. By the simple steps tutored by Malwaretips virus was eliminated in just 2 minutes.

For the purpose of helping other computer users who possible suffering with the System Care Antivirus, I am very pleased to share the website and it's content. 

How to remove System Care Antivirus virus (Removal Guide)

System Care Antivirus 3.7.32 is a computer virus (Rogue.WinWebSec), which pretends to be a legitimate security program and claims that malware has been detected on your computer. If you try to remove these infections, System Care Antivirus will state that you need to buy its full versionbefore being able to do so.
[Image: System Care Antivirus virus]
System Care Antivirus targets users browsing Internet websites, and rely on social engineering to deliver its payload. This infection is promoted through web sites that have been hacked with scripts that try to install the software by exploiting vulnerabilities on your computer. It is also promoted through Trojans that pretend to be legitimate programs that are required to view an online video, but instead install the infection.
Once installed, System Care Antivirus will display fake security alerts that are designed to think that your data is at risk or that your computer is severely infected.These messages may include:
Security Monitor: WARNING!
Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk.
To get rid of unwanted spyware and keep your computer safe your need to update your current security software.
Click Yes to download official intrusion detection system (IDS software).
Spyware.IEMonster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs.
Click here to remove it immediately with System Care Antivirus.
System Care Antivirus Firewall Alert
System Care Antivirus Firewall has blocked a program from accessing the Internet.
Internet Explorer Internet Browser is infected with worm SVCHOST.Stealth.Keyloger. This worm is trying to send your credit card details using Internet Explorer Internet Browser to connect to remote host.
System Care Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
Click here to activate protection.
System Care Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
Warning: Your computer is infected
Detected spyware infection!
Click this message to install the last update of security software…
System Care Antivirus Warning
Intercepting programs that may compromise your privacy and harm your system have been detected on your PC.
Click here to remove them immediately with System Care Antivirus.
In reality, none of the reported issues are real, and are only used to scare you into buying System Care Antivirus and stealing your personal financial information.
As part of its self-defense mechanism, System Care Antivirus has disabled the Windows system utilities, including the Windows  Task Manager and Registry Editor, and will block you from running certain programs that could lead to its removal.
This rogue antivirus has also modified your Windows files associations, and now whenever you are trying to open a program, System Care Antivirus will block this operation and display a bogus notification in which will report that the file is infected.
Warning!
Application cannot be executed. The file taskmgr.exe infected.
Please activate your antivirus software.
If your computer is infected with System Care Antivirus virus, then you are seeing the following screens:
[Image: System Care Antivirus 3.7.32 virus]
[Image: System Care Antivirus Firewall Alert]
[Image: System Care Antivirus Warning]
System Care Antivirus is a scam, and you should ignore any alerts that this malicious software might generate.
Under no circumstance should you buy System Care Antivirus as this could lead to identity theft, and if you have, you should contact your bank and dispute the charge stating that the program is a scam and a computer virus.
Registration codes for System Care Antivirus
As an optional step,you can use any of the following license keys to register System Care Antivirus and stop the fake alerts.
System Care Antivirus Activation code: AA39754E-715219CE
Please keep in mind that entering the above registration code will NOT remove System Care Antivirus from your computer , instead it will just stop the fake alerts so that you’ll be able to complete our removal guide more easily.

System Care Antivirus – Virus Removal Guide

STEP 1: Remove System Care Antivirus malicious files with Malwarebytes Anti-Malware

Malwarebytes Chameleon technologies will allow us to install and run a Malwarebytes Anti-Malware scan without being blocked by System Care Antivirus.
  1. Right click on your browser icon, and select Run As or Run as Administrator. This should allow your browser to open so that we can then download Malwarebytes Chameleon.
    [Image: Starting web browse on infected computer]
    If you’ll see a “Warning! The site you are trying visit may harm your computer!” message in your web browser window, you can safely click on the Ignore warnings and visit that site in the current state (not recommended) link, because this a bogus alert from System Care Antivirus.
  2. Download Malwarebytes Chameleon  from the below link, and extract it to a folder in a convenient location.
    MALWAREBYTES CHAMELEON DOWNLOAD LINK  (This link will open a new web page from where you can download Malwarebytes Chameleon)
    [Image: Extract Malwarebytes Chameleon utility]
  3. Make certain that your infected computer is connected to the internet and then open the Malwarebytes Chameleon folder, and double-click on the svchost.exe file.
    [Image: Double click  on svchost.exe]
    IF Malwarebytes Anti-Malware will not start, double-click on the other renamed files until you find one will work, which will be indicated by a black DOS/command prompt window.
  4. Follow the onscreen instructions to press a key to continue and Chameleon will proceed to download and install Malwarebytes Anti-Malware for you.
    Malwarebytes Chameleon press key
  5. Once it has done this, it will update Malwarebytes Anti-Malware, and you’ll need to click OK when it says that the database was updated successfully.
    Malwarebytes Chameleon updating its database
  6. Malwarebytes Anti-Malware will now attempt to kill all the malicious processassociated with System Care Antivirus.Please keep in mind that this process can take up to 10 minutes, so please be patient.
    Malwarebytes Chameleon killing malware
  7. Next, Malwarebytes Anti-Malware will automatically open and perform a Quick scan for System Care Antivirus malicious files as shown below.
    [Image: Malwarebytes Anti-Malware scanning for System Care Antivirus]
  8. Upon completion of the scan, click on Show Result
    [Image: Malwarebytes Anti-Malware scan results]
  9. You will now be presented with a screen showing you the malware infections that Malwarebytes Anti-Malware has detected.
    Make sure that everything is Checked (ticked),then click on the Remove Selected button.
    [Image:Malwarebytes removing virus]
  10. After your computer restarts, open Malwarebytes Anti-Malware and perform a Full System scan to verify that there are no remaining threats

STEP 2: Remove System Care Antivirus rootkit with HitmanPro

In some cases,System Care Antivirus will also install a rootkit on victims computer.To remove this rootkit we will use HitmanPro.
  1. Download HitmanPro from the below link,then double-click on it to start this program.
    HITMANPRO DOWNLOAD LINK (This link will open a new web page from where you can download HitmanPro)
    IF you are experiencing problems while trying to start HitmanPro, you can use the Force Breach mode.To start HitmanPro in Force Breach mode, hold down the left CTRL key when you start HitmanPro and all non-essential processes are terminated, including the malware process. (How to start HitmanPro in Force Breach mode – Video)
  2. HitmanPro will start and you’ll need to follow the prompts (by clicking on the Next button) to start a system scan with this program.
    HitmanPro scanner
    HitmanPro installation
  3. HitmanPro will start scanning your computer for System Care Antivirus malicious files as seen in the image below.
    HitmanPro scan after
  4. Once the scan is complete,you’ll see a screen which will display all the infected files that this utility has detected, and you’ll need to click on Next to remove this malicious files.
    HitmanPro scan results
  5. Click Activate free license to start the free 30 days trial and remove all the malicious files from your computer.
    HitmanPro 30 days activation button

STEP 3: Double check for any left over infections with Emsisoft Emergency Kit

  1. You can download Emsisoft Emergency Kit from the below link,then extract it to a folder in a convenient location.
    EMSISOFT EMERGENCY KIT DOWNLOAD LINK (This link will open a new web page from where you can download Emsisoft Emergency Kit)
  2. Open the Emsisoft Emergency Kit folder and double click EmergencyKitScanner.bat, then allow this program to update itself.
    EmergencyKitScanner.bat file
  3. After the Emsisoft Emergency Kit has update has completed,click on the Menu tab,then selectScan PC.
    Emsisoft Emergency Kit scan tab
  4. Select Quick scan and click on the SCAN button to search for System Care Antivirus malicious files.
    Emsisoft Emergency Kit smart scan
  5. When the scan will be completed,you will be presented with a screen reporting which malicious files has Emsisoft detected on your computer, and you’ll need to click onQuarantine selected objects to remove them.
    Emsisoft Emergency Kit removing malware

If you are still experiencing problems while trying to remove System Care Antivirus from your machine, please start a new thread in ourMalware Removal Assistance forum.

IT’S YOUR TURN TO HELP!

If we have managed to help you with your computer issues, then it's your duty to let other people know that this article will help them!
You can share this article on Facebook,Twitter or Google Plus by using the below buttons.

THE 411 ON ME

stelian pilici image
FC Barcelona Fan,starbucks addicted and Geek.
I run my own local computer repair shop.I repair both hardware and other operating systems related issues, however most of my business is malware related problems.

SUPPORT MALWARETIPS! (OPTIONAL)

All our malware removal guides and utilities are completely free of charge.
We do not request any kind of money in exchange for our services, however if you like to support us with our hardware maintenance costs, you can make a small donation. Any amount is appreciated, and will support our fight against malware.
 

No comments: