RegistryDoctor2008

Description:	Rogue Security Program
Risk Level:	High
Date of First Occurence:	Thursday, October 30, 2008
Software Developer:	(unknown)
Brief Info:	Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal:	This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "RegistryDoctor2008"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\RegistryDoctor2008\registrydoctor.exe MD5: BA0E5057ED316E8310CBED1D9F253BCA Size:4662784 MD5: F20965A67888D2BA7EBD928947CEC1A2 Size:5115904 MD5: 6E2DC6566FEB7E2E3FE2ABC678B853AE Size:5091328 MD5: D7CAC9A192FC1B181BDD5E7FCD9EB94B Size:829914 %PROGRAMFILES%\RegistryDoctor2008\PP.exe MD5: D1114D98A876BCF882E03B41A82061DE Size:251978 MD5: 7CE126F3B5B5E583BBB2EDE9454414D1 Size:434176 %PROGRAMFILES%\RegistryDoctor2008\FreeApp.exe MD5: 68DFBD39E86C65E6448AC0572FBD8AC1 Size:366080 MD5: 87B2F6A9FBC988314AD09A3E79C2C9D9 Size:369152 MD5: 4676C0D6A72D5A7C11E895EE9844E094 Size:180
Detected Files with variable Filenames: MD5: CC4F492328A33418AED508294BD2A84E Size: 652240 %SystemDiskRoot%\Documents and Settings\Ivan\Local Settings\Temp\RGD_FreeInstaller.exe %USERPROFILE%\Local Settings\Temporary Internet Files\Content.IE5\PW19RIVR\RGD_FreeInstaller[1].exe %TEMP%\RGD_FreeInstaller.exe %PROGRAMFILES%\RegistryDoctor2008\registrydoctor.exe %SystemDiskRoot%\Documents and Settings\Others_2\Local Settings\Temp\RGD_FreeInstaller.exe %SystemDiskRoot%\Users\~Midget~\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIDPHR4W\RGD_FreeInstaller[1].exe %SystemDiskRoot%\Users\~Midget~\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1PB2FGZ8\RGD_FreeInstaller[2].exe %SystemDiskRoot%\Users\~Midget~\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1PB2FGZ8\RGD_FreeInstaller[1].exe %SystemDiskRoot%\My Downloads\RGD_FreeInstaller.exe %SystemDiskRoot%\System Volume Information\_restore{8AEB2247-8163-4A3E-8912-821F95B85C3A}\RP1008\A0158822.exe %TEMP%\rUR1ZSuS.lnk.part and next 18 variations. MD5: 87B2F6A9FBC988314AD09A3E79C2C9D9 Size: 369152 %PROGRAMFILES%\RegistryDoctor2008\FreeApp.exe %PROGRAMFILES%\RegistryDoctor2008\freeapp.exe.ren

Detecting items list:

Files by Name %PROGRAMFILES%\RegistryDoctor2008\registrydoctor.exe
Files by MD5 MD5: CC4F492328A33418AED508294BD2A84E Size: 652240
Files by Directories %START_PROGRAMSALL%\RegistryDoctor2008 %PROGRAMFILES%\RegistryDoctor2008
Registry Keys HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegistryDoctor2008

« Go to Software Database

Search in Our Software Database

Browse Software Database

Latest Malware News

September 23, 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Older malware news »