Windows Care Taker

Posted in: Malware

Call Toll Free in the US and Canada!

Title: Windows Care Taker
Type: Rogue Antispyware

Remove Windows Care Taker. Removal instructions

 
Also known as: WindowsCareTaker
Severity scale:  (73 / 100)


 

Windows Care Taker is a rogue anti-spyware program that should be removed from the infected computer as soon as possible. This rogue anti-spyware program pretends to scan your computer for dangerous viruses and all sorts of malware. Once the scan is finished, Windows Care Taker states that it has found some serious malware infections on your computer that should be removed immediately; otherwise your computer might be infected with additional malware as well. What you should know is that this rogue anti-spyware program reports the same malware infections on every infected computer, so obviously you shouldn’t trust it. The rogue program then prompts to pay for a full version of the program to remove supposedly found malware infections. Don’t fall victim to to this scam and remove it from your computer as soon as possible. Please use the removal instructions outlined below. We strongly recommend you to use an automatic removal tool to remove Windows Care Taker but you can choose to remove the rogue manually as well. 

While Windows Care Taker is running, it will display numerous fake security alerts about serious security problems and infections. It will also display fake notifications from your Windows taskbar and even change your Desktop background. However, the biggest problem is that it may actually bock legitimate antivirus programs and some antivirus related websites. Windows task manager and registry editor may be blocked as well to make the removal process a lot more complicated for end user. In such case, you should restart your computer in safe mode with networking and download an automatic removal tool. Some of the fake alerts read:

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.
Warning!
Location: c:\windows\system32\taskmgr.exe
Viruses: Backdoor.Win32.Rbot

As you can see, Windows Care Taker is a scam that tries to make you buy the rogue program. If you find that your computer is infected then please follow Windows Care Taker removal instructions below to remove the rogue program and any related malware from your computer. 

Windows Care Taker snapshot:

Automatic Windows Care Taker removal:

remover for Windows Care Taker

Spyware Doctor is recommended remover to uninstall Windows Care Taker.
You should confirm using free trial that it detects current version of parasite.


Note:
Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention,
please read manul removal instructions below.

If you failed to remove Windows Care Taker using Spyware Doctor please report this to us.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.

SpyHunter
download | review | tutorial

We are testing SpyHunter’s efficiency at removing Windows Care Taker
(2012-04-05 04:33:13)

STOPzilla
download | review

We are testing STOPzilla’s efficiency at removing Windows Care Taker
(2012-04-05 04:33:13)

Malwarebytes Anti Malware
download | review

We are testing Malwarebytes Anti Malware’s efficiency at removing Windows Care Taker
(2012-04-05 04:33:13)

XoftSpySE Anti Spyware
download | review

Windows Care Taker manual removal:

Kill processes:
Protector-[rnd].exe

HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Policies\\System “DisableRegedit” = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Policies\\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Policies\\System “DisableTaskMgr” = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Run “Inspector”
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Settings “net” = “2012-3-11_2?
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Settings “UID” = “origkboryd”
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\atcon.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\bipcp.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\ecengine.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\infwin.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\msconfig
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\PavFnSvr.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\sahagent.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\titaninxp.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\wsbgate.exe

HELP:
how to remove registry entries

Delete files:
%AppData%\NPSWF32.dll %AppData%\Protector-3 characters.exe %AppData%\result.db %CommonStartMenu%\Programs\Windows Care Taker.lnk %Desktop%\Windows Care Taker.lnk

HELP:
how to remove harmful files
Information added: 2012-04-05 04:33:13
Information updated: 2012-04-06 08:54:43
Tags: , ,