
Antimalware Doctor

Posted: February 22, 2010

Threat Metric

Ranking: 14,583
Threat Level: 10/10
Infected PCs: 33,157
First Seen: March 19, 2010
Last Seen: July 25, 2023
OS(es) Affected: Windows

Antimalware Doctor is a rogue anti-malware scanner that imitates Microsoft products to gain the user's trust. However, its actual functions are entirely malevolent. Antimalware Doctor generates inaccurate error messages and scan results in an attempt to encourage the user to buy its full version, which is just as undesirable. Antimalware Doctor may spread through Trojans and other dishonest means as well as through direct downloads. It has absolutely no positive traits and should be deleted as an infection no better for your computer than a Trojan.

Details of the Unsavory 'Doctor'

Antimalware Doctor joins many other rogue anti-malware products in having a likely origin in Russia, which necessitates an extra layer of caution when dealing with Russian file sources. Antimalware Doctor is somewhat older than some rogue products, being a 2010 infection, but it remains new enough that you may need to update your security software for it to catch Antimalware Doctor before it infects your computer. Signs of Antimalware Doctor may include, but aren't restricted to, the common rogue anti-malware product behaviors listed here:

  • The alteration of your registry to allow Antimalware Doctor to run prior to Windows displaying your desktop. In addition to being started this way, regardless of whether you wish it or not, Antimalware Doctor may take precedence over your desktop and insist on a scanning activity before normal computer use can resume.
  • Falsified scan results. Antimalware Doctor has no anti-malware functions, since all of its results are determined independently of your system's actual condition. This makes sitting through Antimalware Doctor's scanning an utter waste of your time.
  • Even after the scan is finished, Antimalware Doctor is likely to continue to bother you with error message after error message. These hold no more validity than the scanning results, and attempts by Antimalware Doctor to frighten you with serious-sounding infection reports should be treated with contempt.
  • Antimalware Doctor may also redirect your browser to its own website or other malicious ones. Using your browser while Antimalware Doctor or other rogue anti-spyware software is installed is likely to be challenging at best and dangerous at worst.
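
One way to triage the autorun change described in the first item, as an added example that is not from the original page: samples of this family have been recorded under %APPDATA% in subfolders named with 32 hexadecimal characters, so the check keys on that path layout rather than on the executable name, which varies. It assumes the autorun sits in the standard HKCU/HKLM Run keys (the page does not say which key is used); `suspicious_autoruns`, `read_run_entries` and the sample entries are constructed for the illustration.

```python
import re

# Executable inside a per-user Application Data subfolder whose name is
# exactly 32 hex characters (the folder layout recorded for this family).
HEX_DIR_EXE = re.compile(
    r'(?:%appdata%|\\application data|\\appdata\\roaming)'
    r'\\[0-9a-f]{32}\\[^\\/:*?"<>|]+\.exe',
    re.IGNORECASE,
)

# Assumption: the standard Run key; the page does not name the key used.
RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"


def suspicious_autoruns(entries):
    """Return the (name, command) pairs whose command matches HEX_DIR_EXE."""
    return [(n, c) for n, c in entries if HEX_DIR_EXE.search(c)]


def read_run_entries():
    """Read the HKCU and HKLM Run values (Windows only)."""
    import winreg
    found = []
    for hive in (winreg.HKEY_CURRENT_USER, winreg.HKEY_LOCAL_MACHINE):
        try:
            with winreg.OpenKey(hive, RUN_KEY) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):
                    name, value, _type = winreg.EnumValue(key, i)
                    found.append((name, str(value)))
        except OSError:
            continue  # key missing or not readable
    return found


# Constructed sample data: folder and file names are invented for the example.
SAMPLE = [
    ("ctfmon.exe", r"C:\WINDOWS\system32\ctfmon.exe"),
    ("example70700.exe",
     r"C:\Documents and Settings\user\Application Data"
     r"\0123456789ABCDEF0123456789ABCDEF\example70700.exe"),
    ("Updater", r'"C:\Users\user\AppData\Roaming\Vendor\updater.exe" /silent'),
    ("svc", r'"%APPDATA%\FEDCBA9876543210FEDCBA9876543210\svc.exe" -q'),
]

if __name__ == "__main__":
    import sys
    entries = read_run_entries() if sys.platform == "win32" else SAMPLE
    for name, command in suspicious_autoruns(entries):
        print(f"review autorun {name!r}: {command}")
```

A match is a lead for manual review, not proof of infection.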

Treat Antimalware Doctor Like Any Other Malware

Under no circumstances is paying for Antimalware Doctor justified, since the infection will continue to harm your computer and registry, and paying will not make deleting Antimalware Doctor any easier. Antimalware Doctor has been reported to be bundled with other kinds of malware, so you should be ready to scan your entire system for all possible infections as well as close any newly opened security holes. Popular brands of anti-malware scanners will usually be able to counteract infections like Antimalware Doctor, but deleting Antimalware Doctor isn't something to put off even if you're sure you can handle its negative effects on your system.


Aliases

  • SHeur3.ABVK [AVG]
  • Dropper/Fraudrop.1051136.D [AhnLab-V3]
  • Trojan/Win32.FrauDrop.gen [Antiy-AVL]
  • Artemis!E4C053ED084A [McAfee-GW-Edition]
  • Trojan-Dropper.Win32.FrauDrop.atf [Kaspersky]
  • Win32.GenVariant.Tds [eSafe]
  • W32/Trojan2.DMR [F-Prot]
  • Artemis!DF4DC4435480 [McAfee]
  • Generic18.CHP [AVG]
  • a variant of Win32/Kryptik.EUA [NOD32]
  • Artemis!36AA2D70D002 [McAfee-GW-Edition]
  • Trojan-Dropper.Win32.FrauDrop.ask [Kaspersky]
  • Generic18.BYQ [AVG]
  • Artemis!CFE7282C6DB3 [McAfee-GW-Edition]
  • Trojan-Dropper.Win32.FrauDrop.asd [Kaspersky]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:




Registry Modifications

The following registry values are newly created:

  • File name without path: Antimalware Doctor.lnk
  • HKEY..\..\..\..{RegistryKeys}: Software\Antimalware Doctor Inc
  • HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}: Antimalware Doctor

Additional Information

The following URLs were detected:

alicantedirectorio.com/css/114.exe
alicantedirectorio.com/css/softina.exe

The following messages were detected:

1. Desktop Spy threat has been detected. This threat module advertises websites with explicit content. Be advised of such content being possibly illegal.
2. Infections on your PC can cause: system slowdown and crash, unwanted advertising displaying, loss of internet connections, lost documents and settings, major data loss.
3. Warning! Hidden file transfer to remote host was detected. Antimalware Doctor has detected that somebody is trying to transfer your private data via internet.
4. Warning! Removed attack detected! Antimalware Doctor has detected that somebody is trying to block your computer remotely via Trojan.win32.Agent.azsy. Transfer for your private data via internet will start in 10.
5. Warning! Your system is infected! 34 dangerous objects have been found during last system scan. You need registered version of Antimalware Doctor to remove these infections.


19 Comments

  • sophie says:

    I cannot delete Antimalware Doctor. I don't like this program.

  • john says:

    Is there an easy way to get rid of Antimalware Doctor? I am not that good with computers.

  • Chris James says:

    Hi all,

    I have this infection on my computer and am trying to use your removal guide.
    I am using Windows XP and cannot find the registry entries shown.
    Is the guide OK with XP, please?

    best regards
    Chris James

  • Fred says:

    The executable name has been changed to: secureapp70700.exe

  • crazed noosa says:

    This way works XD

  • Amber says:

    My computer won't open the Internet so I can't download the spyhunter thing. Can anyone help?

  • abbeyemmy4k@yahoo.com says:

    I want this antimal deleted but cannot do it. I try all my best possible. I don't like it on my system.

  • tom says:

    I can't find Antimalware on the processes page.

  • Mark says:

    I found it, but only because I know what processes belong on my PC and which don't.

    It was called hd70something, I don't remember exactly.
    You can also find out the executable name to kill, by checking your Documents and settings \ username \ Application Data folder for gibberish-named subfolders. On my machine it had installed itself there.

  • Katie says:

    I went on the registry editor but the file was not on there. I simply went to my Start and deleted it, and it was sent to my recycle bin, then I went to my recycle bin and deleted them there as well. It has gone now, but is it permanent? Does anyone know if it will come back?

  • lexi says:

    I can't find Antimalware Doctor.exe in my task manager. How do I find it?

  • Pat says:

    I TOO HAVE THIS CURSE ON MY COMPUTER..I HAVE TRIED TO REMOVE IT FROM MY COMPUTER BUT IT POPS UP ALL OVER MY SCREEN...I DON'T LIKE IT..DO NOT WANT IT..AM EXTREMELY ANNOYED BY IT BUT IT WON'T GO AWAY...HELP....

  • christine says:

    I have tried to remove the Antimalware Doctor but I can't. Even in registry I right click on it and delete is not highlighted. I can't delete it, please help.

  • sharon says:

    I cannot bring up my task manager with this on my laptop. It is in my control panel but it will not remove. What else can I try?

  • Samantha says:

    Same problems here, even had my dad take a look and he's a computer whiz and he had no idea ... this sucks, not even rebooting or uninstalling ... looked everywhere ... no luck ... might just have to wipe hard drive and start over ... might get a new computer while I'm at it ... too much money and hassle if you ask me ... not fair guys!!! Seriously though ... someone has too much time on their hands to make this shit up!

  • sam says:

    I hate this stupid program. It's a virus and it took all my data, so [REMOVED WORD]in annoying

  • Tyler says:

    What this virus does (if you find that you can't open the Internet or programs) is it sets the fake scan as the default program to run each executable file. So instead of opening Internet Explorer using iexplorer.exe, it sets the default as (virus).exe and runs the scan.
    Me and my friend learned this messing around in the registry editor. This particular virus was able to affect my system in safe mode. And the actual file (mine was called sex.exe, obviously a virus) was hidden even when we learned where it was located. Eventually we battled it until we got rid of it. Very difficult not being able to open cmd or regedit.

    Hope this provides some useful info to anyone in need.

  • C.Grace says:

    I want to get rid of Antimal Doctor, and as far as I am concerned it should be free as I pay Telstra to protect my computer.

  • speed up computer says:

    Really good site thank you so much for your time in publishing the posts for all of us to learn about.
