HDD Diagnostic is from the same family as HDD Scan, Hard Drive Diagnostic and some other rogues. It is promoted through the use of trojans, fake online scanners and misleading advertisements. The rogue program can be distributed on social networks too. Be advised, that HDD Diagnostic may come bundled with TDSS rootkit and other malware. You can choose to remove the rogue program manually but we strongly recommend you to scan your computer with at least two anti-malware programs and TDSSKiller utility from Kaspersky Lab. For more information, please follow the removal instructions below.
The fake warning that you will see when you attempt run a program are:
Windows detected a hard drive problem.
A hard drive error occurred while starting the application.
Windows cannot find notepad. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.The fake errors and problems it detects on the computer are:
Critical Error
Hard Drive not found. Missing hard drive.
Critical Error
RAM memory usage is critically high. RAM memory failure.
Critical ErrorHDD Diagnostic supposedly detects 111 errors no matter if it's a new computer or an old laptop. Some of the fake errors are:
A critical error has occurred while indexing data stored on hard drive. System restart required.
- Drive C initializing error
- Ram Temperature is 83 C. Optimization is required for normal operation.
- Hard drive doesn't respond to system commands
- Data Safety Problem. System integrity is at risk.
- Registry Error - Critical Error
HDD Diagnostic removal instructions:
1. Open Task Manager (Ctrl+Alt+Delete).
2. Click on the Processes tab.
3. Click to highlight [SET OF RANDOM NUMBERS].exe, e.g. 1324567543.exe, aSfdreFdfr.exe and click End Task. If it asks you "Are you sure you want to terminate the process?" click yes. This will stop HDD Diagnostic.
4. Click to highlight explorer.exe and end it too. Then click the File -> "New Task (Run...)" from the menu on the bottom right. Type in explorer.exe and click OK.
5. Open directory:
C:\Documents and Settings\[UserName]\Local Settings\Temp (in Windows 2000/XP)
C:\Users\[UserName]\AppData\Local\Temp (in Windows Vista & Windows 7)
Delete all files from this directory.
NOTE: Local Settings folder is hidden by default so you will have to change folder options to see hidden files.
6. Download free anti-malware software from the list below and run a full system scan.
NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.
7. Follow this removal guide: TDSS, Alureon, Tidserv, TDL3 removal instructions using TDSSKiller utility
8. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.
HDD Diagnostic removal instructions (in Safe Mode with Networking):
1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm
NOTE: Login as the same user you were previously logged in with in the normal Windows mode.
2. Download free anti-malware software from the list below and run a full system scan.
NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.
3. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.
HDD Diagnostic associated files and registry values:
Files:
- %Temp%\[SET OF RANDOM NUMBERS]
- %Temp%\[SET OF RANDOM NUMBERS].exe
- %Temp%\dfrg
- %Temp%\dfrgr
- %Temp%\[SET OF RANDOM CHARACTERS].dll
- %UserProfile%\[SET OF RANDOM CHARACTERS].DAT
- %UserProfile%\Desktop\Hard Drive Diagnostic.lnk
- %UserProfile%\Start Menu\Programs\HDD Diagnostic\
- %UserProfile%\Start Menu\Programs\HDD Diagnostic\HDD Diagnostic.lnk
- %UserProfile%\Start Menu\Programs\HDD Diagnostic\Uninstall HDD Diagnostic.lnk
C:\Documents and Settings\[UserName]\Local Settings\Temp (in Windows 2000/XP)
C:\Users\[UserName]\AppData\Local\Temp (in Windows Vista & Windows 7)
%UserProfile% refers to:
C:\Documents and Settings\[UserName]\ (in Windows 2000/XP)
C:\Users\[UserName]\ (in Windows Vista & Windows 7)
Registry values:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[SET OF RANDOM NUMBERS]"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[SET OF RANDOM NUMBERS].exe"
No comments:
Post a Comment