BootCare

Threat Scorecard

Ranking: 3,801
Threat Level: 10 % (Normal)
Infected Computers: 3,394
First Seen: January 13, 2012
Last Seen: September 19, 2023
OS(es) Affected: Windows

BootCare is a fake system optimizer that, in 2011, spread beyond Korean borders and started infecting computers all around the world. BootCare is quite similar to the fake defragmenters that have been around since 2009. The main difference between BootCare and traditional rogue security programs is that all of the text in BootCare's error messages, interface and notifications is in Korean, except for the program's name itself. The family of Korean rogue security programs that BootCare belongs to is also characterized by showy interfaces with an attractive, modern design. However, do not be fooled by BootCare's appearance. The criminals behind this fake system optimizer care about only one thing: stealing your money.

How Criminals Attempt to Steal Your Money Using BootCare

BootCare is part of a well-known online scam whose main goal is to take advantage of inexperienced computer users. BootCare infects the victim's computer system with the help of a Trojan infection. In fact, BootCare is caused by a Trojan itself. BootCare has two main components: one that is tasked with taking over the victim's computer, making changes to the Windows Registry and attempting to block legitimate security software on the victim's hard drive, and another that contains the BootCare interface itself. While BootCare's scam may not be particularly effective on computer users who do not understand Korean, a simple glance at BootCare is enough to understand that it is impersonating a security program and attempting to charge the victim for its anti-malware services. This is what a rogue security program does: it takes over the victim's computer, detects a number of non-existent malware infections and then attempts to convince its victim to pay for a useless 'full version' of the rogue security program.

Do Not Become a Victim of BootCare

You can remove BootCare with a legitimate anti-malware application. However, there may be some problems during removal due to BootCare's self-defense components. You will want to prevent BootCare from starting up automatically whenever you launch Windows. To do this, start Windows in Safe Mode by pressing F8 when you see the Windows logo during start-up. BootCare also overwrites portions of your security programs' files, effectively disabling them. Because of this, ESG security researchers recommend downloading or reinstalling your security software before attempting removal of BootCare.

File System Details

BootCare may create the following file(s):
1. C:\Program Files\bootcare\bootcare.exe
2. C:\WINDOWS\system32\uninst_bootcare.exe
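
An added example (not from the original page or from ESG): a Python sweep of a file listing, such as one exported from a triage image, for the two paths listed above. The `Program Files (x86)` and `SysWOW64` aliases are an assumption about where a 32-bit copy would appear on 64-bit Windows, and the sample listing is constructed.

```python
from pathlib import PureWindowsPath

# Indicator paths exactly as listed under "File System Details".
INDICATORS = [
    r"C:\Program Files\bootcare\bootcare.exe",
    r"C:\WINDOWS\system32\uninst_bootcare.exe",
]

# Assumption (not from the page): a 32-bit dropper on 64-bit Windows lands in
# these redirected directories, so they are folded onto the listed ones.
ALIASES = {"program files (x86)": "program files", "syswow64": "system32"}


def normalize(path):
    """Return a comparison key: no drive letter, lower case, aliases folded."""
    p = PureWindowsPath(path.strip().strip('"'))
    parts = p.parts[1:] if p.anchor else p.parts
    return tuple(ALIASES.get(part.lower(), part.lower()) for part in parts)


KEYS = {normalize(i): i for i in INDICATORS}


def scan_listing(lines):
    """Match each path in a file listing against the BootCare indicators.

    Returns (line_number, path_as_seen, matched_indicator) tuples.
    """
    hits = []
    for number, line in enumerate(lines, start=1):
        indicator = KEYS.get(normalize(line))
        if indicator:
            hits.append((number, line.strip(), indicator))
    return hits


# Constructed sample listing (for example, `dir /s /b` output from an image
# mounted as D:). Only lines 2, 3 and 5 should match.
SAMPLE = [
    r"D:\Windows\System32\notepad.exe",
    r"D:\PROGRAM FILES (X86)\BootCare\BootCare.exe",
    r"D:\Windows\SysWOW64\uninst_bootcare.exe",
    r"D:\Users\kim\Downloads\bootcare.exe.txt",
    r'"C:/Program Files/bootcare/bootcare.exe"',
]

if __name__ == "__main__":
    for number, seen, indicator in scan_listing(SAMPLE):
        print(f"line {number}: {seen} matches {indicator}")
```

A match on either path is a lead for further triage rather than a verdict, since the comparison is on file name and location only.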
