VDoctor
VDoctor is a rogue security program which spreads via the Internet by using Trojans and fake online security websites. VDoctor is installed on victim computers without the user's approval. It will secretly enter the system before modifying settings and registry entries to have itself run whenever Windows is operating. Once active, computer users may experience constant security alert pop-ups advertising VDoctor. VDoctor runs its own virus scan which detects false threats on the computer to mislead users into getting the licensed version of this useless program. VDoctor poses a huge security threat to PC safety and should be terminated immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 C:\Documents and Settings\All Users\Application Data3245\VDoced06.exe 2 C:\Documents and Settings\All Users\Application Data\3245 3 C:\Documents and Settings\All Users\Application Data\3245\Languages 4 C:\Documents and Settings\All Users\Application Data\3245\Languages\VDDe.lng 5 C:\Documents and Settings\All Users\Application Data\3245\Languages\VDFr.lng 6 C:\Documents and Settings\All Users\Application Data\3245\Languages\VDIt.lng 7 C:\Documents and Settings\All Users\Application Data\3245\System Data Configuration 8 C:\Documents and Settings\All Users\Application Data\3245\System Data Configuration\DBInfo.ver 9 C:\Documents and Settings\All Users\Application Data\3245\System Data Configuration\vd952342.bd 10 C:\Documents and Settings\All Users\Application Data\3245\unins000.exe 11 C:\Documents and Settings\All Users\Application Data\3245\VDoctor.exe 12 C:\Documents and Settings\All Users\Application Data\System Data Configuration 13 C:\Documents and Settings\All Users\Application Data\System Data Configuration\config.cfg 14 C:\Documents and Settings\All Users\Application Data\System Data Configuration\DB.ini 15 C:\Documents and Settings\All Users\Application Data\System Data Configuration\fsvd6398.db 16 C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Virus Doctor.lnk 17 C:\Documents and Settings\user\Application Data\Virus Doctor 18 C:\Documents and Settings\user\Application Data\Virus Doctor\settings.ini 19 C:\Documents and Settings\user\Application Data\Virus Doctor\uill.ini 20 C:\Documents and Settings\user\Desktop\Virus Doctor.lnk 21 C:\Documents and Settings\user\Start Menu\Programs\Virus Doctor.lnk 22 C:\Documents and Settings\user\Start Menu\Virus Doctor.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Virus DoctorHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Virus Doctor_is1
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.