How to Remove Virus Doctor (or Remove VirusDoctor) | Virus Doctor Removal



It looks as though that Virus Doctor (or Virusdoctor) is an older rogue antivirus application, but since it seems related to the search I was seeing lot’s of last night about rootscan.info I thought I would devote an article to the removal instructions for virus doctor. Since it may be related to Windows PC Defender, you may see an article on that coming up this evening. But, first to the matter at hand: How to carry out a virus doctor removal.


First of VIrus Doctor is a rogue antivirus application that claims to find problems on your system and then it claims to be able to fix them if and only if you pay for the software. It usually finds its way on your system through a popup ad that claims your system is infected and then closing the popup redirects you to another web page with an animation of a scan of your pc claiming that it’s finding problems.

You may see messages such as this:

Malicious applications which can contain trojans found on your PC need to be immediately removed. Click here to remove these potentially harmful items immediately with Virus Doctor.

An unauthorized program has been prevented from accessing your PC.#Port:433 from 92.11.127.10

It should be possible to remove virus doctor by downloading malwarebytes antimalware, updating it to the latest version and running a full scan of the system. (You can find a link to malwarebytes antimalware on my virus removal toolkit page.

You may want to try running malwarebytes antimalware in safe mode if the first attempt is unsuccessful. I would try this before a manual removal.

If you need to do a manual removal you can use the following information to help:

The following sites should be blocked (using the hosts file):

virusdoctor-online.com
av1-scanner.info
av1-download.info
virusdoctoronline.com
best-click-scanner.info
av-best.info
scanner.av-best.info
download.av-best.info

You may make use of Task manager to kill of the following processes:
VirusDoctor.exe
VDocf360.exe
unins000.exe
VDo[RANDOM].exe

The following dll files will need to be unregistered:

mozcrt19.dll
sqlite3.dll

And the following files and their folders should be removed:

%UserProf%Application DataMicrosoftInternet ExplorerQuick LaunchVirus Doctor.lnk
%UserProf%Application DataVirus Doctorsettings.ini
%UserProf%Application DataVirus Doctoruill.ini
%UserProf%DesktopVirus Doctor.lnk
%UserProf%Start MenuProgramsVirus Doctor.lnk
%UserProf%Start MenuVirus Doctor.lnk
%Docs%All UsersApplication Data[RANDOM]LanguagesVDDe.lng
%Docs%All UsersApplication Data[RANDOM]LanguagesVDFr.lng
%Docs%All UsersApplication Data[RANDOM]LanguagesVDIt.lng
%Docs%All UsersApplication Data[RANDOM]System Data ConfigurationDBInfo.ver
%Docs%All UsersApplication Data[RANDOM]System Data Configurationvd[RANDOM].bd
%Docs%All UsersApplication Data[RANDOM]unins000.dat
%Docs%All UsersApplication DataSystem Data Configurationconfig.cfg
%Docs%All UsersApplication DataSystem Data ConfigurationDB.ini
l5yM1JLo.exe.part
I_iHBi4m.exe.part
4nRqp5nw.exe.part

Some of the above may be created using random strings so be suspicious of files or folders that don’t seem to be naturally named.

Even after a manual removal, I suggest running a tool such as malwarebytes antimalware for a more thorough cleaning. Update and run it again after it cleans out the things it finds. (I like to run such utilities until it comes clean.)

Virus Doctor may be relate to the newer rogue Windows Additional Guard.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove Additional Guard | Additional Guard Removal Guide Additional Guard is a rogue antivirus application and like many of these it can either be installed with or without the users permission. Even without a person actually wanting it, but simply visiting the wrong web page users may find this program on their system. Once on their system this......
  • How to Remove PC Live Guard | PC Live Guard Removal Guide PC Live Guard is a Rogue antivirus application that typically installs on a system through aggressive advertising and fake scan sites. You will see things that pop up appearing to be a scan of your computer, but it's really just an ad pushing this product. Once the software is on......
  • How to Remove Antivir | Antivir Removal Guide Antivir is a rogue antivirus application that is pushed through web site popup ads on unsuspecting users. Basically in web browsing you may see a popup claiming that your computer is infected and you should run a malware scan. Clicking to proceed will probably show an animation of a scan......
Blog Traffic Exchange Related Websites
  • Security Innovation Introduces Software Security Summer Series WILMINGTON, Mass. – July 12, 2011 -- Security Innovation today introduced its inaugural Software Security Summer Series, where the company will offer six free eLearning courses from its industry-leading curriculum over the next six weeks. The courses are part of TeamProfessorTM, the company’s computer-based training library with an emphasis on......
  • How to Remove Antivirus 2009, Spyware Guard 2008 and Other Malware My wife, kids, and I spent this past Christmas at my parents' house. It wasn't long after we arrived before I gravitated to their computer to check my email, read the news, check the stock market, etc. Much to my dismay, I found a barrage of malware, spyware, and......
  • World Wide Web Security Essentials Is Not A Real Spyware Remover. It Resembles The Functions And Looks World wide web Security Essentials is not a real spyware remover. It resembles the functions and looks of genuine spyware removal software but has no capacity to eliminate any virus, trojan or malware. Web Security Essentials is the newest addition to the growing list of rogue Antivirus programs. Internet Security......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site