Antimalware Doctor. Help!

Colette1712 · 2010-07-27 19:43:21

I have a virus on my laptop called Antomalware doctor. It's one that keeps popping + telling me I'm not secure and I cannot get rid of it. I have McAffee running a full scan but isn't picking it up. I can't uninstall it with disk cleanup,when I try that it just opens it not uninstalls it. Anyone know how I can get rid of…

#32 27-08-2010 01:52PM

jpl888

Closed Accounts Posts: 407 ✭✭

Join Date: February 2009

Posts: 398

Aminah Blue Cube wrote: »

Just because you have a higher "Thank You" percentage does not mean you know more than everybody else. I have a higher percentage than you, So does this mean I know more than you?

No you're right but then how else are we supposed to tell. It's not perfect but it's as good a way as any without putting an awful lot of effort in.

And .whatever of a percent is negligible after 100 posts. The thing that says I know more than *a lot* of people is I have been working in the industry nearly 15 years looking after businesses running Windows/Netware/Linux, etc, etc. But you will have to take my word on that.

Aminah Blue Cube wrote: »

Personally I have been helped out many times on here by different people but I rarely hit the thank you button. Some people help out just to be nice and don't want anything in return and some are just looking for praise for the "efforts". Its like people that have 600 friends on facebook, it doesn't mean there are cooler than someone that has a fraction of that. They just want to look cooler.

I agree but I also pointed out earlier that I haven't be soliciting thank you's, so I think it is a fairly genuine reflection of ability. I am assuming that neither of ye have been soliciting either.

Looking for friends I am not, did I mention that earlier?

I think the boards also count "thanks" written in posts? Which would be a lot more natural.

0

#33 27-08-2010 02:06PM

jpl888

Closed Accounts Posts: 407 ✭✭

Join Date: February 2009

Posts: 398

Ahhhhhhh ASJ has thanked you for sticking up for him.

In that case your rate definitely isn't representative LOL

0

#34 04-09-2010 12:51PM

Peter03

Registered Users, Registered Users 2 Posts: 80 ✭✭

Join Date: June 2010

Posts: 62

I got this problem on my computer except it won't even let me run any files or programs at all. Can't even open Chrome to try and DL a fix. Any help would be great.

Cheers.

0

#35 04-09-2010 12:56PM

aidan_walsh

Closed Accounts Posts: 17,208 ✭✭✭✭

Join Date: February 2003

Posts: 15589

I am not going to tolerate any further clash of egos in this board. It's not about who you are, it's about helping people get muck off their systems.

I simply do not care who you are. If you deviate from this you will be taking a week's holiday from the forum for a first offense, and an additional week for any repeat.

0

#36 04-09-2010 03:26PM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

Peter03 wrote: »

I got this problem on my computer except it won't even let me run any files or programs at all. Can't even open Chrome to try and DL a fix. Any help would be great.

If you can't download anything, even in safe mode, then you'll have to download everything onto another computer and transfer it over on a USB key or whatever else you have available.

0

#37 04-09-2010 04:36PM

Sean Quagmire

Registered Users, Registered Users 2 Posts: 1,354 ✭✭✭

Join Date: April 2008

Posts: 1273

Lads from what I can gather antimalware bytes is the best thing to use to remove it but my this virus has blocked out my internet!

I can download it onto my laptop but how could I transfer it to my PC? By usb?

Also if i need to re-boot the PC in order remove the virus, does it also remove my software, photos etc too?

0

#38 04-09-2010 07:11PM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

Sean Quagmire wrote: »

I can download it onto my laptop but how could I transfer it to my PC? By usb?

Yes that'd work fine.

Also if i need to re-boot the PC in order remove the virus, does it also remove my software, photos etc too?

No, it'll only target bad things.

0

#39 04-09-2010 07:20PM

RandolphEsq

Closed Accounts Posts: 6,296 ✭✭✭

Join Date: June 2005

Posts: 6014

I have this pesky malware on my PC. Could anyone tell me if I just delete the user account where the antimalware doctor is rampant, will that be enough to sort the problem out? It isn't active in the other accounts

0

#40 04-09-2010 08:04PM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

RandolphEsq wrote: »

....if I just delete the user account where the antimalware doctor is rampant, will that be enough to sort the problem out?

Probably not. You should really try and remove the malware.

0

#41 10-09-2010 12:39AM

Piste

Registered Users, Registered Users 2 Posts: 11,440 ✭✭✭✭

Join Date: July 2004

Posts: 11083

Did any of the techniques recommended earleir in the thread work? I downloaded Microsoft Security Essentials which didn't even detect it. Then I downloaed Malwarebytes which detected and removed it or so I thought until I restarted my laptop and lo and behold, Antivirusdoctor was still there. Very Bad Buzz. It's been recommended to me to just reformat my entire laptop, but that would require backing everything up and I don't have a harddrive big enough to do it all. Besides it would take forever. Is there any way of getting it off my computer and knowing it's gone for good?

Also, I know it's trying to con me into thinking it's genuine so I'll buy it, but is there anything more sinister to it? I've been told my laptop could now be part of a botnet, is this true?

0

#42 10-09-2010 04:14AM

IvySlayer

Registered Users, Registered Users 2 Posts: 17,194 ✭✭✭✭

Join Date: November 2007

Posts: 17085

Piste wrote: »

Did any of the techniques recommended earleir in the thread work? I downloaded Microsoft Security Essentials which didn't even detect it. Then I downloaed Malwarebytes which detected and removed it or so I thought until I restarted my laptop and lo and behold, Antivirusdoctor was still there. Very Bad Buzz. It's been recommended to me to just reformat my entire laptop, but that would require backing everything up and I don't have a harddrive big enough to do it all. Besides it would take forever. Is there any way of getting it off my computer and knowing it's gone for good?

Also, I know it's trying to con me into thinking it's genuine so I'll buy it, but is there anything more sinister to it? I've been told my laptop could now be part of a botnet, is this true?

Did you do a System Restore? What antivirus do you have?

0

#43 10-09-2010 04:32AM

u140acro3xs7dm

Closed Accounts Posts: 1,508 ✭✭✭

Join Date: April 2009

Posts: 1478

Piste wrote: »

Did any of the techniques recommended earleir in the thread work? I downloaded Microsoft Security Essentials which didn't even detect it. Then I downloaed Malwarebytes which detected and removed it or so I thought until I restarted my laptop and lo and behold, Antivirusdoctor was still there. Very Bad Buzz. It's been recommended to me to just reformat my entire laptop, but that would require backing everything up and I don't have a harddrive big enough to do it all. Besides it would take forever. Is there any way of getting it off my computer and knowing it's gone for good?

Also, I know it's trying to con me into thinking it's genuine so I'll buy it, but is there anything more sinister to it? I've been told my laptop could now be part of a botnet, is this true?

I would follow asj's recommendation to run DDS then post the logs here

0

#44 10-09-2010 09:32AM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

Piste wrote: »

..... Antivirusdoctor was still there.

Could you post exactly what is that you're seeing (a screenshot even?)?

Also, as ET_phone_home says. please download and run DDS (as per the instructions here) and attach the results.

It could be that you have something in your startup items that's loading something that looks like Antivirusdoctor but is not actually in itself mailcious. Anyway the files generated by DDS would tell a lot.

0

#45 10-09-2010 10:22AM

ronkmonster

Registered Users, Registered Users 2 Posts: 1,181 ✭✭✭

Join Date: December 2008

Posts: 1150

Clear your system restore points too. Some stuff could be backed up in there.

0

#46 10-09-2010 10:43AM

dpmurray

Closed Accounts Posts: 11 ✭

Join Date: October 2008

Posts: 11

Hi,

i've removed this from a few machines already - i used this website http://www.bleepingcomputer.com/virus-removal/remove-antimalware-doctor

if you can't get a browser working on your machine - use another to download the required files and follow the instructions exactly. Just running malwarebytes will not remove this crap - you have to disable the actual malware program first!

Hope this helps

0

#47 10-09-2010 10:51AM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

As far as I can remember, an up-to-date Malwarebytes will remove this in Safe Mode. Also use 'msconfig' to remove it from the startup processes while in Safe Mode.

0

#48 10-09-2010 10:06PM

Piste

Registered Users, Registered Users 2 Posts: 11,440 ✭✭✭✭

Join Date: July 2004

Posts: 11083

I managed to get rid of it in the end by running this scanner: http://www.eset.com/online-scanner/run it picked it up and got rid of it, when i restarted it wasn't there, so happy days!

0

#49 11-09-2010 01:02AM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

Piste wrote: »

I managed to get rid of it in the end by running this scanner: http://www.eset.com/online-scanner/run it picked it up and got rid of it, when i restarted it wasn't there, so happy days!

Good stuff. So was it that you tried the other suggestions and they failed or did you just happen to sort it out yourself with the Eset online scanner? I'm just curious whether or not other methods might also have been effective.

0

#50 11-09-2010 02:51AM

Piste

Registered Users, Registered Users 2 Posts: 11,440 ✭✭✭✭

Join Date: July 2004

Posts: 11083

Well after posting on this thread I posted on the general moaning/whinging thrad on Clearasil and Hormones and somebody there recommended I try ESET, it was before my post on this thread had any replies so I didn't have the chance to try out any of the other suggestions.

0

#51 11-09-2010 10:50AM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

Piste wrote: »

Well after posting on this thread I posted on the general moaning/whinging thrad on Clearasil and Hormones .....

Tsk tsk! As a moderator might say, please keep updates on the same issue to the same thread.

0

#52 11-09-2010 02:36PM

Peter03

Registered Users, Registered Users 2 Posts: 80 ✭✭

Join Date: June 2010

Posts: 62

dpmurray wrote: »

Hi,

i've removed this from a few machines already - i used this website http://www.bleepingcomputer.com/virus-removal/remove-antimalware-doctor

if you can't get a browser working on your machine - use another to download the required files and follow the instructions exactly. Just running malwarebytes will not remove this crap - you have to disable the actual malware program first!

Hope this helps

Hi, I followed the steps on the website. I downloaded rkill on this laptop put it on a cd and tried it in my computer that's infected. I don't think it worked as the black box would disappear very quickly, I also tried to open malware bytes from a cd but it also wouldn't open properly. Any suggestions?

0

#53 11-09-2010 02:42PM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

Peter03 wrote: »

Hi, I followed the steps on the website. I downloaded rkill on this laptop put it on a cd and tried it in my computer that's infected. I don't think it worked as the black box would disappear very quickly, I also tried to open malware bytes from a cd but it also wouldn't open properly. Any suggestions?

Did you copy the files onto the infected computer and then try to run them or did you try to run them from the CD? Are you doing this in Safe Mode?

0

#54 11-09-2010 02:46PM

Peter03

Registered Users, Registered Users 2 Posts: 80 ✭✭

Join Date: June 2010

Posts: 62

bhickey wrote: »

Did you copy the files onto the infected computer and then try to run them or did you try to run them from the CD? Are you doing this in Safe Mode?

I tried to run them from the cd. Safe mode won't work for some reason. I press enter on the option but it boots normally for some reason.

0

#55 11-09-2010 02:52PM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

Peter03 wrote: »

I tried to run them from the cd. Safe mode won't work for some reason. I press enter on the option but it boots normally for some reason.

You should copy them from the CD to the computer first and then run them.

About Safe Mode, you're pressing F8 to get the menu, using the cursor arrows to highlight Safe Mode, pressing <Enter> and you say it still boots normally?

0

#56 11-09-2010 03:07PM

Peter03

Registered Users, Registered Users 2 Posts: 80 ✭✭

Join Date: June 2010

Posts: 62

bhickey wrote: »

You should copy them from the CD to the computer first and then run them.

About Safe Mode, you're pressing F8 to get the menu, using the cursor arrows to highlight Safe Mode, pressing <Enter> and you say it still boots normally?

Yeah, I press f8 then I get 3 boot options.

PS-_NEC
SM-MAXTOR
Realtek boot agent.

I got into safe mode before using the SM option but now it won't work. Does it have to be in safe mode for all this to work?

0

#57 11-09-2010 03:18PM

bhickey

Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭

Join Date: May 2005

Posts: 1332

Peter03 wrote: »

Yeah, I press f8 then I get 3 boot options.

PS-_NEC
SM-MAXTOR
Realtek boot agent.

It looks like F8 is also used as some kind of BIOS boot option on your computer. What you're trying to catch by pressing F8 is the moment just before windows starts to load. Let the initial BIOS screen finish and then tap F8 until you get the safe mode menu or maybe hyst go ahead and Select SM but start tapping the F8 key as soon as you do select it.

I got into safe mode before using the SM option but now it won't work. Does it have to be in safe mode for all this to work?

Not necessarily but Safe Mode is just that bit safer in that a lot of stuff isn't loaded so some viruses don't get a chance to fire up.

0

#58 11-09-2010 03:29PM

Peter03

Registered Users, Registered Users 2 Posts: 80 ✭✭

Join Date: June 2010

Posts: 62

bhickey wrote: »

It looks like F8 is also used as some kind of BIOS boot option on your computer. What you're trying to catch by pressing F8 is the moment just before windows starts to load. Let the initial BIOS screen finish and then tap F8 until you get the safe mode menu or maybe hyst go ahead and Select SM but start tapping the F8 key as soon as you do select it.

Not necessarily but Safe Mode is just that bit safer in that a lot of stuff isn't loaded so some viruses don't get a chance to fire up.

Cheers man got into safe mode by doing that. rkill didn't work I don't think but malwarebytes is doing a scan now and it's already found a few infections.

0

Comments