How to Remove Virus Doctor (or Remove VirusDoctor) | Virus Doctor Removal
It looks as though that Virus Doctor (or Virusdoctor) is an older rogue antivirus application, but since it seems related to the search I was seeing lot’s of last night about rootscan.info I thought I would devote an article to the removal instructions for virus doctor. Since it may be related to Windows PC Defender, you may see an article on that coming up this evening. But, first to the matter at hand: How to carry out a virus doctor removal.
First of VIrus Doctor is a rogue antivirus application that claims to find problems on your system and then it claims to be able to fix them if and only if you pay for the software. It usually finds its way on your system through a popup ad that claims your system is infected and then closing the popup redirects you to another web page with an animation of a scan of your pc claiming that it’s finding problems.
You may see messages such as this:
Malicious applications which can contain trojans found on your PC need to be immediately removed. Click here to remove these potentially harmful items immediately with Virus Doctor.
An unauthorized program has been prevented from accessing your PC.#Port:433 from 92.11.127.10
It should be possible to remove virus doctor by downloading malwarebytes antimalware, updating it to the latest version and running a full scan of the system. (You can find a link to malwarebytes antimalware on my virus removal toolkit page.
You may want to try running malwarebytes antimalware in safe mode if the first attempt is unsuccessful. I would try this before a manual removal.
If you need to do a manual removal you can use the following information to help:
The following sites should be blocked (using the hosts file):
virusdoctor-online.com
av1-scanner.info
av1-download.info
virusdoctoronline.com
best-click-scanner.info
av-best.info
scanner.av-best.info
download.av-best.info
You may make use of Task manager to kill of the following processes:
VirusDoctor.exe
VDocf360.exe
unins000.exe
VDo[RANDOM].exe
The following dll files will need to be unregistered:
mozcrt19.dll
sqlite3.dll
And the following files and their folders should be removed:
%UserProf%Application DataMicrosoftInternet ExplorerQuick LaunchVirus Doctor.lnk
%UserProf%Application DataVirus Doctorsettings.ini
%UserProf%Application DataVirus Doctoruill.ini
%UserProf%DesktopVirus Doctor.lnk
%UserProf%Start MenuProgramsVirus Doctor.lnk
%UserProf%Start MenuVirus Doctor.lnk
%Docs%All UsersApplication Data[RANDOM]LanguagesVDDe.lng
%Docs%All UsersApplication Data[RANDOM]LanguagesVDFr.lng
%Docs%All UsersApplication Data[RANDOM]LanguagesVDIt.lng
%Docs%All UsersApplication Data[RANDOM]System Data ConfigurationDBInfo.ver
%Docs%All UsersApplication Data[RANDOM]System Data Configurationvd[RANDOM].bd
%Docs%All UsersApplication Data[RANDOM]unins000.dat
%Docs%All UsersApplication DataSystem Data Configurationconfig.cfg
%Docs%All UsersApplication DataSystem Data ConfigurationDB.ini
l5yM1JLo.exe.part
I_iHBi4m.exe.part
4nRqp5nw.exe.part
Some of the above may be created using random strings so be suspicious of files or folders that don’t seem to be naturally named.
Even after a manual removal, I suggest running a tool such as malwarebytes antimalware for a more thorough cleaning. Update and run it again after it cleans out the things it finds. (I like to run such utilities until it comes clean.)
Virus Doctor may be relate to the newer rogue Windows Additional Guard.
Popularity: 1% [?]
Related Posts - How to Remove Malware Professional 2010 | Malware Professional 2010 Removal Guide Malware Professional 2010 is a rogue security application. It is not a trusted malware removal utility and I hope users won't be fooled by their claims of problem on their system that it claims only can be removed if you pay for their software. Unfortunately many users may be tricked......
- How to Remove AntiSpyware Shield Pro | AntiSpyware Shield Pro Removal AntiSpyware Shield Pro is a rogue antivirus that typically is installed via trojans or other malware. Once it's invited itself onto the system it will do all sorts of things. It will popup warnings about the computers security. It will scan the computer for viruses and find many files that......
- How to Remove Additional Guard | Additional Guard Removal Guide Additional Guard is a rogue antivirus application and like many of these it can either be installed with or without the users permission. Even without a person actually wanting it, but simply visiting the wrong web page users may find this program on their system. Once on their system this......
Related Websites - How to Remove Antivirus 2009, Spyware Guard 2008 and Other Malware My wife, kids, and I spent this past Christmas at my parents' house. It wasn't long after we arrived before I gravitated to their computer to check my email, read the news, check the stock market, etc. Much to my dismay, I found a barrage of malware, spyware, and......
- World Wide Web Security Essentials Is Not A Real Spyware Remover. It Resembles The Functions And Looks World wide web Security Essentials is not a real spyware remover. It resembles the functions and looks of genuine spyware removal software but has no capacity to eliminate any virus, trojan or malware. Web Security Essentials is the newest addition to the growing list of rogue Antivirus programs. Internet Security......
- Security Innovation Introduces Software Security Summer Series WILMINGTON, Mass. – July 12, 2011 -- Security Innovation today introduced its inaugural Software Security Summer Series, where the company will offer six free eLearning courses from its industry-leading curriculum over the next six weeks. The courses are part of TeamProfessorTM, the company’s computer-based training library with an emphasis on......
Similar Posts
- How to Remove Windows System Defender | Removal Guide
- Remove Total Security 2009 | TotalSecurity 2009 Removal
- How to Remove Windows Smart Security (Removal Guide)
- How to Remove Windows PC Defender | Windows PC Defender Removal
- How to Remove Windows Enterprise Defender (Removal Guide)