Antimalware Doctor
From Wiki-Security, the free encyclopedia of computer security
|
||||||||||||||||
Antimalware Doctor, also called Antimalware Doctor Protection Center, is a rogue anti-virus program. Antimalware Doctor is part of a scam, to try to trick you into paying money for nonexistent anti-virus software. Antimalware Doctor will try very hard to drive you to think you have to pay for the bogus software, but you should not fall for its tricks. Antimalware Doctor is incapable of performing any useful system functions, and it is nothing more than an infection.
Like most rogue anti-virus applications, Antimalware Doctor typically infects a computer as the payload of a Trojan, and the whole scam originated in Russia. Infections of Antimalware Doctor started to show up in February 2010, but since then it has not disappeared. Antimalware Doctor continues to exist as a scam, along with other rogue anti-virus programs that are based on it or copy it. Antimalware Doctor may be significantly more dangerous than other rogue anti-virus infections, so quick action is generally recommended when dealing with a suspected Antimalware Doctor infection.
Antimalware Doctor is typical in that it causes a bunch of bogus security warnings to pop up, may redirect your web browser or slow down your computer, and will prevent other programs from opening. Antimalware Doctor will set itself up to run a fake system scan after Windows starts, and then it will give you a list of "threats," which is entirely made-up and is there just to scare you. It will constantly prompt you to buy the "full" version of its software, in order to remove the bogus threats. All of this is pretty run-of-the-mill for a rogue anti-virus, but Antimalware Doctor gets worse than that.
First of all, the fake security warnings that Antimalware Doctor generates include claims that are over the top, for example, that someone is trying to hack your computer to steal your information, transfer your private data over the Internet, or "block" your computer (whatever that is supposed to mean). So Antimalware Doctor creates this heavy emphasis on needing to buy the software so that someone doesn't steal your files or your identity, rather than just claiming that your system is under attack from a virus. Ironically, there have been claims that some of the behind-the-scenes portions of the Antimalware Doctor infection are there in order to monitor the user's activities and manipulate their data, for reasons unknown. Antimalware Doctor can also change your desktop settings and redirect your browser when you attempt to access the Internet.
Antimalware Doctor goes to great lengths to make itself look like real anti-malware, including generating pop-ups from the task bar. It will often use Windows fonts and logos, including the four-colored shield associated with legitimate Windows security features. It may look quite realistic and polished, so it is important to pay attention to what is going on before deciding that an unusually scary or outlandish warning message is real.
As of December 2010 or January 2011, Antimalware Doctor may be associated with the Tazinga Redirect virus, which is a browser hijacker. Remember that no matter how you wind up getting a warning that you need to buy Antimalware Doctor, it is malware and cannot be trusted.
To check your computer for Antimalware Doctor, download
SpyHunter Spyware Detection Tool.
SpyHunter spyware detection tool is only a scanner meant to assist you in detecting Antimalware Doctor and other threats. If you detect the presence of Antimalware Doctor on your PC, you have the opportunity to purchase the SpyHunter removal tool to remove any traces of Antimalware Doctor.
Contents |
Detection of Antimalware Doctor (Recommended)
Antimalware Doctor is difficult to detect and remove. Antimalware Doctor is not likely to be removed through a convenient "uninstall" feature. Antimalware Doctor, as well as other spyware, can re-install itself even after it appears to have been removed.
You also run the risk of damaging your computer since you're required to find and delete sensitive files in your system such as DLL files and registry keys. It is recommended you use a good spyware remover to remove Antimalware Doctor and other spyware, adware, trojans and viruses on your computer.
Run a Antimalware Doctor scan/check to successfully detect all Antimalware Doctor files with the SpyHunter Spyware Detection Tool. If you wish to remove Antimalware Doctor, you can either purchase the SpyHunter spyware removal tool to remove Antimalware Doctor or follow the Antimalware Doctor manual removal method provided in the "Remedies and Prevention" section.
Method of Infection
There are many ways your computer could get infected with Antimalware Doctor. Antimalware Doctor can come bundled with shareware or other downloadable software.
Another method of distributing Antimalware Doctor involves tricking you by displaying deceptive pop-up ads that may appear as regular Windows notifications with links which look like buttons reading Yes and No. No matter which "button" that you click on, a download starts, installing Antimalware Doctor on your system. Antimalware Doctor installs on your computer through a trojan and may infect your system without your knowledge or consent.
If you think you may already be infected with Antimalware Doctor, use this SpyHunter Spyware dectection tool to detect Antimalware Doctor and other common Spyware infections. After detection of Antimalware Doctor, the next advised step is to remove Antimalware Doctor with the purchase of the SpyHunter Spyware removal tool.
Symptoms
Antimalware Doctor may attempt to change your computer's desktop, hijack your browser, monitor your Internet browsing activities, change system files, and can do this without your knowledge or permission. Therefore, it is strongly recommended to remove all traces of Antimalware Doctor from your computer.
Remedies and Prevention
Antimalware Doctor, as well as other Spyware, are constantly evolving and becoming more advanced to avoid detection. Antimalware Doctor along with its variants can install in different locations and even when you try to uninstall it you find they reappear when you reboot your computer.
Install a good anti-spyware software
When there's a large number of traces of Spyware, for example Antimalware Doctor, that have infected a computer, the only remedy may be to automatically run a Spyware scan from a good anti-spyware software designed to detect Antimalware Doctor and other types of spyware.
Remove Antimalware Doctor manually
Another method to remove Antimalware Doctor is to manually delete Antimalware Doctor files in your system. Detect and remove the following Antimalware Doctor files:
Processes
- C:\Windows\System32\Antimalware Doctor.exe
- newsecureapp70700.exe
- 070700Setup.exe
- [RANDOM]70700.exe
- setupapp7070010000.exe
- C:\Documents and Settings\[USERNAME]\My Documents\New Folder\setupapp7070010000.exe
DLLs
- C:\Documents and Settings\[USERNAME]\My Documents\New Folder\hookdll.dll
Other Files
- C:\Windows\System32\enemies-names.txt
- C:\Documents and Settings\[USERNAME]\My Documents\New Folder\enemies-names.txt
Registry Keys
- HKEY_CURRENT_USER\Software\Antimalware Doctor Inc\Antimalware Doctor\affid=7070010000
- HKEY_CURRENT_USER\Software\Antimalware Doctor Inc\Antimalware Doctor\datarl2=KRoAGVdOQwQVExE3BAYNQRsl
- HKEY_CURRENT_USER\Software\Antimalware Doctor Inc\Antimalware Doctor\datarl1=KRoAGVdOQwQVExEoAAIQQRsl
- HKEY_CURRENT_USER\Software\Antimalware Doctor Inc\Antimalware Doctor\datarlA=KRoAGVdOQwQVExEoAAIQQRsl
- HKEY_CURRENT_USER\Software\Antimalware Doctor Inc\Antimalware Doctor
- HKEY_CURRENT_USER\Software\Antimalware Doctor Inc
- HKEY_CURRENT_USER\Software\Antimalware Doctor Inc\Antimalware Doctor\virus_signatures=62171
- HKEY_CURRENT_USER\Software\Antimalware Doctor Inc\Antimalware Doctor\database_version=256
- HKEY_CURRENT_USER\Software\Antimalware Doctor Inc\Antimalware Doctor\install_time=5/16/2010 2:56:25 AM
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor\NoModify=1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor\NoRepair=1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\setupapp7070010000.exe=C:\Documents and Settings\[USERNAME]\My Documents\New Folder\setupapp7070010000.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor\DisplayIcon=C:\Documents and Settings\[USERNAME]\My Documents\New Folder\setupapp7070010000.exe,0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor\DisplayName=Antimalware Doctor
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor\InstallLocation=C:\Documents and Settings\[USERNAME]\My Documents\New Folder\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor\UninstallString=C:\Documents and Settings\[USERNAME]\My Documents\New Folder\setupapp7070010000.exe /uninstall
- HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Documents and Settings\[USERNAME]\My Documents\New Folder\setupapp7070010000.exe=
External links
|
- Remove Antimalware Doctor - Easy Antimalware Doctor removal steps. Parasite database on how to remove spyware and rogue anti-spyware programs.
- McAfee Threat Center - Library of detailed information on viruses.
- How Spyware And The Weapons Against It Are Evolving
- Crimeware: Trojans & Spyware
- Windows System Update - Latest bug fixes for Microsoft Windows
|