HealthCareGovTool

By GoldSparrow in Adware

Threat Scorecard

Ranking:	9,248
Threat Level:	20 % (Normal)
Infected Computers:	6,027

First Seen:	February 26, 2015
Last Seen:	January 20, 2025
OS(es) Affected:	Windows

The HealthCareGovTool browser tool is promoted to allow you to browse more efficiently the reputable HealthCare.gov website, but you might want to know that it's classified by security analysts as adware. The HealthCareGovTool adware may not fulfill your expectations, and it may use its browser integration to display banners, ad boxes and in-text hyperlinks to sponsored products. The HealthCareGovTool adware may use a Browser Helper Object, a browser extension, and an add-on to perform its operations. You may automatically install the HealthCareGovTool adware on your system when you handle freeware bundles via the 'Express' or 'Typical' option. The HealthCareGovTool adware may not feature safe online resources and web surfers may be directed to visit suspicious online stores and low-quality search engines. Also, the HealthCareGovTool adware may decrease the performance of your web browser and read your browsing history to determine what type of ads may interest you. Computer users might wish to consider using a trusted anti-spyware solution to remove all components of the HealthCareGovTool adware from their OS.

Table of Contents

Aliases

6 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Symantec	WS.Reputation.1
DrWeb	Adware.Superfish.227
AVG	Generic.C68
DrWeb	Adware.Superfish.217
Avast	Win32:Adware-gen [Adw]
DrWeb	Adware.Superfish.96

SpyHunter Detects & Remove HealthCareGovTool

File System Details

HealthCareGovTool may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	WWatcherLSP.dll	fe7b3418e539cfa3de469f1d9d08e60c	19
Name: WWatcherLSP.dll MD5: fe7b3418e539cfa3de469f1d9d08e60c Size: 305.79 KB (305792 bytes) Detections: 19 Type: Dynamic link library Path: %WINDIR%\SysWOW64\WWatcherLSP.dll Group: Malware file Last Updated: January 20, 2025
2.	8B43B8EB051F8E6ED8E8CC08ECE3A54A97848936.dll	9cdf7be2a7b67960935561dbcc5ec47f	5
Name: 8B43B8EB051F8E6ED8E8CC08ECE3A54A97848936.dll MD5: 9cdf7be2a7b67960935561dbcc5ec47f Size: 305.62 KB (305624 bytes) Detections: 5 Type: Dynamic link library Path: %SYSTEMDRIVE%\System Recovery\Repair\Backup\8B43B8EB051F8E6ED8E8CC08ECE3A54A97848936.dll Group: Malware file Last Updated: August 9, 2020
3.	WebWatcherProxy.exe	853fb8ba9854674f28592fb3776e2c4b	1
Name: WebWatcherProxy.exe MD5: 853fb8ba9854674f28592fb3776e2c4b Size: 1.85 MB (1856832 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES(x86)%\SysFiles Group: Malware file Last Updated: August 18, 2017
4.	WeWatcherLSP.dll	cf048fcce7d0afe2f3d032f6ce23a8fa	1
Name: WeWatcherLSP.dll MD5: cf048fcce7d0afe2f3d032f6ce23a8fa Size: 305.96 KB (305960 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR%\system32 Group: Malware file Last Updated: October 9, 2015
5.	WeWatcherProxy.exe	45acb025340734b9bef1f8d31f6d2a38	1
Name: WeWatcherProxy.exe MD5: 45acb025340734b9bef1f8d31f6d2a38 Size: 1.73 MB (1739808 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\SysFiles Group: Malware file Last Updated: August 18, 2017

More files

Registry Details

HealthCareGovTool may create the following registry entry or registry entries:

CLSID

{00D9F0F4-07BB-46A9-9993-C8F7EA2A21F3}

{07FD117E-BAC6-4F75-8570-B4FCE1084A67}

{1B9C5796-93EC-4BD1-B78B-7CA9CC41CBF4}

{2811C0FA-9761-43EA-9AD5-A0421A0B7F39}

{3A9C223B-F390-430D-A334-990BC5E729AB}

{41CB0A85-E6F1-4870-A57C-26B9A4621E48}

{48FA6A2A-A39E-4E08-A210-57D7E485F9C2}

{4AA35302-BF9B-4094-9CDF-BE94BF46E3C1}

{5534719D-3FBF-4B02-9EB1-460277DBE138}

{562B9316-C08A-444A-9482-62080DD851AE}

{61A32176-4B99-4D75-BFCB-5CB2B3B7E42E}

{85F3ED44-E37B-46D1-8BF8-6E49D4F34EC8}

{BB5E0EB5-8A8C-441E-B6B0-D8A5614571C7}

{BF0D7E34-16EC-4682-8144-34007DD3A8C7}

{CB096813-49C6-4D28-A48A-3911F7A2F629}

{D3339B22-715E-4A50-A27D-248949E43CF7}

{DC3AB55D-3513-40CB-8A9B-7ABEF8CA30F2}

{DED2C126-AACF-4F4C-B916-8A220ACCC234}

{EC67C245-F357-4687-A695-B96A7DACF38D}

{F1C51A2C-95E6-4BE8-8323-4ACDA99F68B3}

{F76C5FE5-5CAA-4B3B-8A94-126BC3F47475}

{F81EFBCB-6699-497D-9744-99206A6A88EB}

{FA80FB09-4BE0-4796-AF67-FE5858BC301D}

{FF392F00-BDC2-468B-9255-00F8E8EBD017}

Regexp file mask

%PROGRAMFILES(x86)%\Mozilla Firefox\extensions\healthcare@healthcaregovtool.com.xpi

%temp%\WWatcher[RANDOM CHARACTERS].log

%WINDIR%\SysFilesController\SysFiles_backup.exe

%WINDIR%\SysHealthController\SysFiles_backup.exe

%WINDIR%\System32\Tasks\SysHealth_Controller_Mon

%WINDIR%\System32\Tasks\SysProgs_Controller_Mon

%WINDIR%\System32\WeWatcherLSP64.dll

%WINDIR%\System32\WWatcherLSP64.dll

%WINDIR%\System32\WWatcherProxyOff.ini

%WINDIR%\SysWOW64\WeWatcherLSP.dll

%WINDIR%\SysWOW64\WWatcherLSP.dll

%WINDIR%\SysWOW64\WWatcherProxyOff.ini

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Classes\AppID\WWatcherProxy.EXE

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SysHealth_Controller_Mon

SOFTWARE\WeWatcherProxy

SOFTWARE\Wow6432Node\Classes\AppID\WWatcherProxy.EXE

SOFTWARE\Wow6432Node\WeWatcherProxy

SOFTWARE\Wow6432Node\WWatcherProxy

SYSTEM\ControlSet001\Control\SafeBoot\Network\WeWatcherProxy

SYSTEM\ControlSet001\Control\SafeBoot\Network\WWatcherProxy

SYSTEM\ControlSet001\services\WWatcherProxy

SYSTEM\ControlSet002\Control\SafeBoot\Network\WeWatcherProxy

SYSTEM\ControlSet002\Control\SafeBoot\Network\WWatcherProxy

SYSTEM\ControlSet002\services\WWatcherProxy

SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WeWatcherProxy

SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WWatcherProxy

SYSTEM\CurrentControlSet\services\WWatcherProxy

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

HealthcareGovTool

utilPrograms

WebWatcherInstall

WinWiki

Directories

HealthCareGovTool may create the following directory or directories:

%PROGRAMFILES%\HealthcareGovTool

%PROGRAMFILES%\ServiceUpdater

%PROGRAMFILES%\SysPrograms

%PROGRAMFILES%\WebWatcher

%PROGRAMFILES(x86)%\HealthcareGovTool

%PROGRAMFILES(x86)%\ServiceUpdater

%PROGRAMFILES(x86)%\SysPrograms

%PROGRAMFILES(x86)%\WebWatcher

%WinDir%\SysWOW64\config\systemprofile\AppData\Local\WWatcherProxy

EnigmaSoft's SpyHunter for Windows Has Achieved AV-TEST Certification

Search

Change Region

HealthCareGovTool

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove HealthCareGovTool

File System Details

Registry Details

Directories

Submit Comment

Trending

Weisx App

Yourwebarmorsolutions.com

LinkedIn Request To Buy From You Scam

Most Viewed

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error