Windows Care Taker
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 3,145 |
Threat Level: | 20 % (Normal) |
Infected Computers: | 6,299 |
First Seen: | April 5, 2012 |
Last Seen: | September 17, 2023 |
OS(es) Affected: | Windows |
ESG malware analysts have been dealing with a large outbreak of FakeVimes rogue security applications since the beginning of 2012. This family of malware has been active since 2009, with new versions of its fake security programs released periodically. ESG security researchers reported a large batch of FakeVimes rogue security programs that were released in 2012. Windows Care Taker belongs to this group of clones of FakeVimes malicious software. Like most rogue security programs, Windows Care Taker pretends to be a legitimate security program in order to extort money from its victims.
There are dozens (or even hundreds) of versions of malware identical to Windows Care Taker, including FakeVimes rogue security programs named Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst. Despite their different names, the only real difference between one version of Windows Care Taker and another is in the file names, which are generated randomly. Windows Care Taker will use an executable file with the prefix "inspector-" and a short string of three random letters. These three random letters have been used by FakeVimes rogue security programs to name their files since the very first versions of these fake security programs.
Table of Contents
Taking a Closer Look at the Windows Care Taker Scam
The Windows Care Taker scam is identical to the one used by most fake security programs. These malicious applications infiltrate victim's computer through various means, usually with the help of a dropper Trojan or via social engineering methods. Once inside the victim's computer, they will deliberately cause a number of problems, such as making the victim's computer run slowly or become more unstable. These problems are accompanied with numerous fake security alerts, error messages and a fake system scan, all claiming that the victim's computer is severely infected with malware (despite the fact that the real malware infection is Windows Care Taker itself). The victim is then prompted to purchase a "full version" of the Windows Care Taker "anti-virus" in order to fix these imaginary problems. Of course, since Windows Care Taker has no real anti-virus capabilities, paying for this fake security program is a waste of your money. Do not fall for the Windows Care Taker scam! Instead, use a real, reliable anti-malware application to detect Windows Care Taker and its associated malware and to remove them from your computer system permanently.
Windows Care Taker Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %AppData%\Inspector-[RANDOM CHARACTERS].exe | |
2. | %AppData%\npswf32.dll | |
3. | %CommonPrograms%\Windows Care Taker.lnk | |
4. | %DesktopDir%\Windows Care Taker.lnk |
Registry Details
URLs
Windows Care Taker may call the following URLs:
mp3vizor.com |