Infected with SVCHOST.Stealth.Keylogger – fake alert

1 Star2 Stars3 Stars4 Stars5 Stars (97 votes, average: 5.00 out of 5)
loadingLoading...

In this article we will explain to you the details about one of several fake alerts associated with System Care Antivirus. This is an annoying popup that comes up each time you turn the computer on, and suddenly the rogue called System Care Antivirus appears in front of you. Then, whenever you attempt to run any file (which is an executable by its nature) the fake alert will come up, which will report this file as being infected with SVCHOST.Stealth.Keylogger. This is a typical fake alert, because if you look at the grammar of this message you will see the serious mistake in this very alert – where there will be “keyloger” instead of “keylogger”.

Obviously, System Care Antivirus rogue plans to scare users with many of such bogus alerts. For this reason each executable file that users attempts to launch will be reported as the one supposedly infected with SVCHOST.Stealth.Keylogger. For example, if you download Google Chrome, the following message comes up:

Antivirus Protection fake alert

Without a doubt, Google Chrome is a clean application and it can’t be infected with any sort of malware. It is peculiar that even when automatic updates of Google Chrome are initiated, the similar message appears:

Antivirus Protection warning about Google Chrome update

The rogue called System Care Antivirus is simply afraid that user will attempt to download certain antivirus program that will help users remove the hoax. The same message will eventually appear when you attempt to run GridinSoft Trojan Killer (provided that you already have it installed on your computer):

Fake Antivirus Protection alert

As the solution to bypass such blockage on the part of System Care Antivirus rogue, we recommend you to follow the removal guidelines set forth below.

Milestones to kill System Care Antivirus

  • Use “Win + E” hotkey command on your keyboard. This will open Windows Explorer.
  • In the address field insert the following link: http://gridinsoft.com/downloads/KillProc.zip
  • Save this KillProc.zip file onto your Desktop.
  • Hold “Shift” key on your keyboard and right-click KillProc.zip
  • Select “Open with…
  • Open with...

  • In the windows that comes up select “Browse
  • Browse

  • Find the program called Windows Explorer as the one that will open this KillProc.zip archive. The location for this program is C:\WINDOWS\explorer.exe
  • explorer.exe

  • Click “Open“.
  • In the “Open with…” window select “Windows Explorer” and click “OK“.
  • Windows Explorer

  • Open KillProc archive and copy 2 files onto your Desktop – autoscan.dat and iExPlOrE.exe
  • KillProc folder contents

  • Run iExPlOrE.exe
  • Click “Automatic Scan
  • Automatic scan

  • The message should come up with the name of threat called System Care Antivirus, you need to click “Yes” to stop its process.
  • The process of System Care Antivirus should be killed.
  • Now it’s time to download and run GridinSoft Trojan Killer to remove System Care Antivirus malware.
  • System Care Antivirus removal video guide:

    System Care Antivirus manual removal:

    System Care Antivirus files to be removed:
    %Desktopdir%\System Care Antivirus.lnk
    %Programs%\System Care Antivirus\System Care Antivirus.lnk
    %AppData%\[random]\[random].exe
    System Care Antivirus virus registry entries to be removed:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\[random] %AppData%\[random]\[random].exe
    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus
    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\DisplayIcon %AppData%\[random]\[random].exe,0
    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\DisplayName System Care Antivirus
    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\ShortcutPath “%AppData%\[random]\[random].exe” -u
    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Care Antivirus\UninstallString “%AppData%\[random]\[random].exe” -u

    Leave a Comment

    *