FacebookTwitterLinkedIn

Systemcare-antivirus.org Malicious Website

Also Known As: System Care Antivirus Website
Type: Fake Antivirus
Damage level: Moderate

Tomas Meskauskas Written by on (updated)

What is Systemcare-antivirus.org?

Systemcare-antivirus.org is a malicious website created by cyber criminals also responsible for releasing a rogue antivirus program called System Care Antivirus. Whilst this website may appear legitimate, in fact it was created to clone a previous deceptive business model.

This model infected Internet users' computers with a fake security program, which attempted to scare them into purchasing a useless 'full version'. System Care Antivirus originates from a family of fake antivirus programs called WinWebSec. This program reports non existent security infections in the hope that unsuspecting PC users fall for the deception and buy the license key.

systemcare-antivirus.org - website promoting fake antivirus programs

The Systemcare-antivirus.org website was developed to add support for this rogue antivirus software.

Cyber criminals hope that PC users will visit this site and believe they are dealing with a legitimate security suite. Another possible reason for creating this website could be to deceive payment processing companies into believing that System Care Antivirus is a legitimate security program.

Note that there are several programs promoted under the name, 'System Care Antivirus': one with a green user interface and available to download at systemcare-antivirus.org; the other with a red interface and installing on users' computers using various exploit kits and Trojans.

A screenshot of the systemcare-antivirus.org malicious website:

Visiting this website is not recommended. Internet users often visit this site when seeking support for the System Care Antivirus program. Internet users should be aware that this program is fake - it mimics the detection of various security threats (which do not actually exist on users' PCs) in the hope that PC users purchase the licence key.

Furthermore, cyber criminals have created two variants of System Care Antivirus. Note that the version with a green interface is semi-rogue, uses the virus definition database of ClamAV (a legitimate, free open-source antivirus program), and it does not run the process of 'detecting' non-existent security infections - it is merely used to clone the rogue business model or to distribute fake antivirus software.

A screenshot of System Care Antivirus (green interface, semi-rogue) used to clone the business of fake antivirus program distribution:

System Care Antivirus - rogue antivirus software using ClamAV virus definition database

Note that this variant of System Care Antivirus does not 'detect' non existent security threats, and does not attempt to coerce users into purchasing the license key.

This variant is likely to have been created to trick payment processing companies - in this way, cyber criminals are able to manage money transactions. The real purpose of this semi-rogue software is to clone the real rogue business model of distributing System Care Antivirus (WinWebSec).

The payment page of System Care Antivirus:

System Care Antivirus fake antivirus payment page

Computer users are redirected to this website after clicking the 'Registration' button in System Care Antivirus (both variants). Internet users are encouraged to pay $99 for the 12-Month license. Paying this amount is equivalent to sending your money to cyber criminals.

Do not enter your banking information when requested by System Care Antivirus - it is a scam. If you have already paid for this rogue software, contact your credit card company and dispute the charges, explaining that you have been tricked into buying a fake antivirus program. Also, consult your credit card company regarding the security of your banking information.

A screenshot of System Care Antivirus (red interface, 'detects' non existent security infections and coerces users into buying the license key):

System Care Antivirus - fake antivirus program

If you see any variant of System Care Antivirus on your computer, you are dealing with fake antivirus software. Do not trust any information displayed by these programs. Follow this information to remove System Care Antivirus from your PC.

Summary:

The fake antivirus programs (also known as "rogue antivirus programs" or "scareware") are applications that tries to lure computer users into paying for their non-existent full versions to remove the supposedly detected security infections (although the computer is actually clean). These bogus programs are created by cyber criminals who design them to look as legitimate antivirus software. Most commonly rogue antivirus programs infiltrate user's computer using poop-up windows or alerts which appear when users surf the Internet. These deceptive messages trick users into downloading a rogue antivirus program on their computers. Other known tactics used to spread scareware include exploit kits, infected email messages, online ad networks, drive-by downloads, or even direct calls to user's offering free support.

A computer that is infected with a fake antivirus program might also have other malware installed on it as rogue antivirus programs often are bundled with Trojans and exploit kits. Noteworthy that additional malware that infiltrates user's operating system remains on victim's computer regardless of whether a payment for a non-existent full version of a fake antivirus program is made. Here are some examples of fake security warning messages that are used in fake antivirus distribution:

Fake pop-up used in rogue antivirus distribution example 1

Fake pop-up used in rogue antivirus distribution example 2

Computer users who are dealing with a rogue security software shouldn't buy it's full version. By paying for a license key of a fake antivirus program users would send their money and banking information to cyber criminals. Users who have already entered their credit card number (or other sensitive information) when asked by such bogus software should inform their credit card company that they have been tricked into buying a rogue security software. Screenshot of a web page used to lure computer users into paying for a non-existent full version of system care antivirus website and other rogue antivirus programs:

example of a webpage used to collect payments for fake antivirus programs

To protect your computer from system care antivirus website and other rogue antivirus programs users should:

  • Keep their operating system and all of the installed programs up-to-date.
  • Use legitimate antivirus and anti-spyware programs.
  • Use caution when clicking on links in social networking websites and email messages.
  • Don't trust online pop-up messages which state that your computer is infected and offers you to download security software.

Symptoms indicating that your operating system is infected with a fake antivirus program:

  • Intrusive security warning pop-up messages.
  • Alerts asking to upgrade to a paid version of a program to remove the supposedly detected malware.
  • Slow computer performance.
  • Disabled Windows updates.
  • Blocked Task Manager.
  • Blocked Internet browsers or inability to visit legitimate antivirus vendor websites.

If you have additional information on system care antivirus website or it's removal please share your knowledge in the comments section below.

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

New Removal Guides
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Top Removal Guides
QR Code
System Care Antivirus Website QR code
Scan this QR code to have an easy access removal guide of System Care Antivirus Website on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.