March 22, 2011

Windows Care Tool.

Windows Care Tool is a malicious program that was designed for the one big purpose which is to rip users off.
As any other representative from this family, Windows Care Tool may look completely legitimate security program because it displays trustworthy looking alerts reporting about various errors and viruses detected. The fact is that these cyber threats are usually created by the same Windows Care Tool creators with a reason to make you scared into updating the ‘license’. This requirement means nothing else but support for scammers because you will simply be made to share your money with them. So, stop this money-making machine and remove Windows Care Tool as soon as you notice its activity.

When trying to uninstall Windows CareTool virus, you may find some problems when launching your anti-spyware program. This virus may be disabled by going into safe mode with networking and stopping its randomly named processes running in the background. Because of these executables, Windows Care Tool has ability to launch after you reboot your computer and try to go on the Internet. Instead of reaching your expected website, this fake anti-virus starts displaying fake system scanners and alerts that all will announce viruses. 


Kill malicious Processes from Task Manager:
  • [random].exe
 Location of the infection:
  1.  %UserProfile%\Application Data\[random].exe 
Registry Entries to be removed. (Take a backup of registry, before editing it)
  1. HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = '%UserProfile%\Application Data\<random>.exe'
  2. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'
  3. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
  4. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'

Although it is possible to manually remove Windows Care Tool, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend  malware and spyware removal applications.

After removing all these files, restart your computer and the issue will be fixed. And don’t forget to do update your Security Software, check the Firewall Settings and the Operating System and finally do a full system scan with the Security Software.


Post a Comment

Related Posts Plugin for WordPress, Blogger...

Search This Blog



There was an error in this gadget
Twitter Delicious Facebook Digg Stumbleupon Favorites More