Posted: August 20, 2010

AdCare Description

AdCare (or Ad Care) is a rogue security program that spreads via the Internet by using Trojans and fake online security websites. Ad Care is installed on victim computers without the user's approval. It enters the system secretly, then modifies settings and registry entries so that it runs whenever Windows is operating. Once it is active, computer users may experience constant security alert pop-ups advertising AdCare. Ad Care runs its own virus scan, which reports false threats on the computer to mislead users into getting the licensed version of this useless program. AdCare poses a huge security threat to PC safety and should be terminated immediately.

File System Modifications

  • The following files were created in the system:

Registry Modifications

  • The following Registry values were newly created:

