TrustDoctor
TrustDoctor (Trust Doctor) is a rogue antivirus program from the WiniGuard family. These rogues are installed through a browser security hole or from a malicious website that advertises the WiniGuard program. After Trust Doctor is installed it starts displaying numerous popups and notifications that are all bogus. TrustDoctor wants you to purchase a full version of the WiniGuard rogue. TrustDoctor is also associated with the Zlob Trojan and may be difficult to manually remove.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\All Users\Desktop\TrustDoctor.lnk 2 %Documents and Settings%\All Users\Start Menu\Programs\TrustDoctor 3 %Documents and Settings%\All Users\Start Menu\Programs\TrustDoctor\1 TrustDoctor.lnk 4 %Documents and Settings%\All Users\Start Menu\Programs\TrustDoctor\2 Homepage.lnk 5 %Documents and Settings%\All Users\Start Menu\Programs\TrustDoctor\3 Uninstall.lnk 6 %Program Files%\TrustDoctor Software 7 %Program Files%\TrustDoctor Software\TrustDoctor 8 %Program Files%\TrustDoctor Software\TrustDoctor\TrustDoctor.exe 9 %Program Files%\TrustDoctor Software\TrustDoctor\uninstall.exe 10 %Temp%\{random}.exe 11 %WINDOWS%\101213zo9m49d5.cpl 12 %WINDOWS%\10566wormz5e.dll 13 %WINDOWS%\system32\15274hzcktool3d59.bin 14 %WINDOWS%\system32\2325viruz9.dll 15 %WINDOWS%\system32\77481tzoj56fc.bin 16 %WINDOWS%\system32\{random}.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "{random}.exe"HKEY_CURRENT_USER\Software\TrustDoctorHKEY_LOCAL_MACHINE\SOFTWARE\TrustDoctorHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "TrustDoctor"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}TrustDoctor
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.