Antimalware Doctor
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 14,276 |
Threat Level: | 100 % (High) |
Infected Computers: | 14,157 |
First Seen: | March 19, 2010 |
Last Seen: | July 25, 2023 |
OS(es) Affected: | Windows |
Antimalware Doctor is a great example of why you should never let your guard down when it comes to malware. Although Antimalware Doctor is relatively old in malware terms, having caused periods of high infection rates in 2010, as of March 2011 Antimalware Doctor is back with a vengeance. Obviously, Antimalware Doctor needs to be treated with caution and removed as quickly as possible, because Antimalware Doctor can severely impair your ability to use your PC.
Table of Contents
History of Antimalware Doctor
Most sources will report that Antimalware Doctor had Antimalware Doctor's heyday in the spring and summer of 2010, and some people even claim that Antimalware Doctor did not appear on the Internet until February 2010. However, the fact of the matter is that February 2010 was when the English-speaking world began to see infections with Antimalware Doctor. Beginning in the fall of 2008, Antimalware Doctor was causing problems for French PC users, and Antimalware Doctor infected a large number of PCs in French-speaking parts of the world throughout 2009. Regardless of Antimalware Doctor's long history, Antimalware Doctor does not seem to be any different now than it was then, and Antimalware Doctor causes symptoms that are standard for a fake security program.
Symptoms of Antimalware Doctor Infection
Antimalware Doctor uses scare tactics and ransoming in order to try to force the users of infected PCs to pay money for worthless software licenses. Usually, the first sign you'll see is that something is wrong when Antimalware Doctor takes over your computer in order to run a fake scan of the system. Antimalware Doctor will run one of these bogus scans every time you start Windows, from an interface that is labeled "Antimalware Doctor Protection Center," and which is similar in appearance to Microsoft Security Center, a legitimate component of Windows. Antimalware Doctor's scans will always turn up long, fake lists of results, and then Antimalware Doctor will tell you that the only way to remove all of these different threats is for you to "unlock" Antimalware Doctor by paying for a registration. Also, the Antimalware Doctor Protection Center interface will tell you – falsely – that your firewall and Windows updates are turned off. Don't let that trick you into paying to register Antimalware Doctor, since Antimalware Doctor has no legitimate affiliation with Windows.
Once the fake scan is complete, assuming you haven't believed Antimalware Doctor's lies and paid to register the malware, Antimalware Doctor will pester you with error messages and security alerts. Most of these alerts will say, in one way or another, that your computer is under attack from someone or something that is remotely stealing your personal information. The alerts will urge you to scan your computer using Antimalware Doctor or to "block the attack" by unlocking the full, registered version of Antimalware Doctor. Eventually, Antimalware Doctor will even show error messages when you try to run other programs, and when you try to visit any websites other than Antimalware Doctor's own. As a result, Antimalware Doctor can make all of your other programs – and the Internet – completely inaccessible. Antimalware Doctor stands to reason that not everything else on your computer or on the Internet is malicious; Antimalware Doctor is simply trying to prevent you from uninstalling Antimalware Doctor's fake security software.
Where Does Antimalware Doctor Come From?
It is common for Antimalware Doctor to seem to appear out of nowhere. Many users of infected PCs report that they did not download anything to cause the Antimalware Doctor infection. This reflects the fact that Antimalware Doctor relies on Trojans in order to find a way into victim PCs, and the entire point of using Trojans is that you download them without knowing it. It is highly likely that Antimalware Doctor is currently being spread via Trojans installed through drive-by-downloads, which occur when a Trojan is downloaded to your computer automatically, unnoticed, when you click on an advertisement or visit a site that exploits vulnerabilities in your computer's settings. Antimalware Doctor's Trojan is also known to be bundled with freeware downloads, and Antimalware Doctor may be disguised as a video codec or program update. When the Trojan is downloaded, it sets up Antimalware Doctor. Antimalware Doctor will become active the next time you start Windows. Therefore, in addition to using real, legitimate anti-virus software, you can protect yourself by using safe web browsing practices.
Aliases
15 security vendors flagged this file as malicious.
Anti-Virus Software | Detection |
---|---|
AVG | SHeur3.ABVK |
AhnLab-V3 | Dropper/Fraudrop.1051136.D |
Antiy-AVL | Trojan/Win32.FrauDrop.gen |
McAfee-GW-Edition | Artemis!E4C053ED084A |
Kaspersky | Trojan-Dropper.Win32.FrauDrop.atf |
eSafe | Win32.GenVariant.Tds |
F-Prot | W32/Trojan2.DMR |
McAfee | Artemis!DF4DC4435480 |
AVG | Generic18.CHP |
NOD32 | a variant of Win32/Kryptik.EUA |
McAfee-GW-Edition | Artemis!36AA2D70D002 |
Kaspersky | Trojan-Dropper.Win32.FrauDrop.ask |
AVG | Generic18.BYQ |
McAfee-GW-Edition | Artemis!CFE7282C6DB3 |
Kaspersky | Trojan-Dropper.Win32.FrauDrop.asd |
SpyHunter Detects & Remove Antimalware Doctor
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | formtell70700loadraw.exe | b756b592069d0d9f8dd605c2a4a07fcf | 275 |
2. | badoversion707001000lux.exe | cea0493a4b5fafb27dca7b181c1527fa | 185 |
3. | terrapoint700x0main.exe | c339f9bb47083dc3fa7c1993cb8dff0b | 157 |
4. | truefix70700duo.exe | 78b9531192cc8ebf5dcbda5273e5d798 | 155 |
5. | ultradimiso70700xr.exe | 5df31bb7800d6fe6ba7d057d9038d03c | 139 |
6. | techupdate700x00ver.exe | 31701dd97c8a7a34563a81a255bf8662 | 135 |
7. | fixcore70700bin.exe | bc3cde884d40d5c133df6b9d49aa0631 | 100 |
8. | mediarealease70x700hh.exe | 948032e01587a8fdea8e94f100e26680 | 87 |
9. | corlight70700mode.exe | e160a7de7bde40a5117c04df33533ccb | 83 |
10. | signsetup70700v0.exe | f31356aaa50f2bf92e3bd1079c5fba0c | 82 |
11. | fixmediaset70700en00.exe | db2621bd2722cfa7235800af799ae31c | 71 |
12. | mediarealease70x700hh.exe | 67200d9d3da797efe98a1c0e51383b8e | 68 |
13. | setadvance700t0md.exe | cbd8ae8831d02498383c4c738f718a77 | 64 |
14. | libcore707en0setup.exe | ae4d38fabd89c21569fcad7168a6756c | 53 |
15. | aerovisionsetup70700.exe | 2613f5c0b90a0ea1c6aa8899fa5c760d | 47 |
16. | packwww7070010000setup.exe | 510bcd4e99c31b0dacabe9547da10863 | 42 |
17. | smartcore70700bin.exe | f1e0ffd464681ade9af3aa50e09daea6 | 41 |
18. | iso70700ultrabox.exe | 8a2beffc88f5bc6bde5aa6f1c4fd043a | 38 |
19. | core700extrasetup.exe | babb2bc103eecb8141a535391dafe490 | 32 |
20. | xtokupd708dlgur.exe | f6516e42f7df3db017a581465fb69fbc | 26 |
21. | getmedia70700vers.exe | 204f6eac4a4f40c50b36624b3475b31d | 20 |
22. | fixcore70700bin.exe | 28921e1ef94bd0e0498bc14dfa6b7d12 | 17 |
23. | duosmart700mod0en.exe | 01ace78986aead77de26cfeb3370f89e | 12 |
24. | aerovisionsetup70700.exe | 39a7ad164096469ee256cb99043d3059 | 11 |
25. | setup710binfile.exe | 9a06e4f4b53f4b6fff85077f23f1481b | 10 |
26. | fixmediaset70700en00.exe | 3a98aca0eecd5795e7e776eca283a63b | 1 |
27. | packwww7070010000setup.exe | bfe68fe6e735254cce202f2655684ce1 | 1 |
28. | packwww7070010000setup.exe | 91d92f9e6f006219e3d33555d000d868 | 1 |
29. | gotnewupdate005000.exe | e4c053ed084a51ffbf1ff9683e877f7a | 1 |
Registry Details
URLs
Antimalware Doctor may call the following URLs:
alicantedirectorio.com/css/114.exe |
alicantedirectorio.com/css/softina.exe |