Virus Doctor
Posted: February 3, 2009
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 91 |
| First Seen: | July 24, 2009 |
|---|---|
| Last Seen: | January 24, 2023 |
| OS(es) Affected: | Windows |
Virus Doctor is a rogue anti-virus program that prefers to give out inaccurate information during its checkups, with a methodology that involves randomly-created fake alerts and fraudulent system scans in an attempt to make you drop a little money at Virus Doctor's website (last known to be virus-doctor.com). Virus Doctor belongs to a a family, the FakeVimes family, that's receiving new additions up to the current day. Virus Doctor should be easily removable by any type of reasonably competent anti-malware product, although you may be forced to deal with browser redirect attacks and attacks against unrelated programs until you've completely deleted Virus Doctor.
Why a Check-In with Virus Doctor Will Leave Your PC Four Times as Sickly as the Norm
Virus Doctor expertly imitates the appearance of an anti-virus and general security product and claims to offer automatic updates, firewall monitoring, general malware protection and all the other features that you could want from a good anti-malware application. However, Virus Doctor can easily afford to offer all of these features, since each of them is fraudulent, and Virus Doctor itself has no detectable ability to scan your PC for threats or remove any form of malicious software. As far as Virus Doctor's criminal developers are concerned, the finish line for this arrangement is your bank account, as Virus Doctor is dedicated to convincing you to spend money on its software for the removal of hallucinatory viruses and other PC threats.
SpywareRemove.com malware researchers recommend that you do exactly the opposite of whatever Virus Doctor recommends until you're able to remove Virus Doctor with a real anti-malware application. Attempting to cure the fake infections that Virus Doctor can report may damage your PC and is, at best, a wild goose chase that will not solve the symptoms of a Virus Doctor infection (such as browser redirects). Examples of some of the fake error messages that have been earmarked for Virus Doctor's use include:
Malicious applications which can contain Trojans found on your PC need to be immediately removed. Click here to remove these potentially harmful items immediately with Virus Doctor.
An unauthorized program has been prevented from accessing your PC.#Port:433 from 92.11.127.10
An unidentified program-potentially: %ThreatPath% #malicious and able to modify system files- has been prevented from getting installed on your PC.s
(Port scan detected at port %portnumber%.
9Process %Process%# attempted to change the address space.
An unidentified program tries to access your computer
Giving Virus Doctor a Taste of Its Own Medicine
Virus Doctor has been found to use Hosts file changes that allow Virus Doctor to redirect you to other sites, with a distinctive preference for using Google-based redirects. Virus Doctor-promoted websites, such as 4-open-davinci.com and getantivirusplusnow.com, should also be considered just as harmful to your PC as Virus Doctor's own site. SpywareRemove.com malware analysts have also noticed Virus Doctor using Windows Registry changes to attack other programs, especially security and anti-malware products that could remove Virus Doctor. Accordingly, complete removal of Virus Doctor may be impossible until you disable Virus Doctor via a removable drive-based boot, a boot into Safe Mode or other methods that are commonly used to shut down PC threats.
Virus Doctor is well-aged and should be detectable and deletable by any reasonably competent brand of anti-malware product. However, related PC threats that can install Virus Doctor may also install other rogue anti-virus programs from its family, such as Privacy Guard Pro, PrivacyGuard Pro 2.0, Extra Antivirus, Fast Antivirus 2009, Presto TuneUp, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, Live PC Care, PC Live Guard, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus and Smart Security. Due to this risk, you should always make sure that your entire PC is disinfected while you deal with a Virus Doctor attack instead of just trying to target and delete Virus Doctor without going through an in-depth scan of your PC.
Aliases
More aliases (19)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:VDoctor.exe
File name: VDoctor.exeSize: 1.71 MB (1718272 bytes)
MD5: d4f8184b0a576e8fae8380b82bc5b129
Detection count: 94
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
VDoctor.exe
File name: VDoctor.exeSize: 1.76 MB (1767936 bytes)
MD5: b4aee27229aced06f4aebca7f1c2ca32
Detection count: 92
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
VDocd201.exe
File name: VDocd201.exeSize: 1.38 MB (1388544 bytes)
MD5: 635ab761d6e8a486a7cc431271013222
Detection count: 85
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
VirusDoctor[1].exe
File name: VirusDoctor[1].exeSize: 1.71 MB (1710074 bytes)
MD5: 92f0b996b7a93751448856931b8d7e68
Detection count: 4
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
VDoctor.exe
File name: VDoctor.exeSize: 1.76 MB (1767936 bytes)
MD5: ec62a31eecb1c0bcc9ff3fe54c60f652
Detection count: 0
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
Registry Modifications
File name without pathVirus Doctor.lnk
Additional Information
Related Posts
- PUP.Kerish Doctor
- Advanced Registry Doctor Lite
- PUP.Falco Registry Doctor
- ‘Doctor@freelinuxmail.org’ Ransomware
- Doctor Antivirus
I am using Avira and Malwarebytes Anti-Malware but could not remove Virus Doctor. Some how It would not detect it. I used the malware download called spyhunter from your link. It detected it right away. Will be registering it and have it remove. thank you guys for the good works and help removing this annoying virus Doctor.