Wednesday, 22 December 2010

How to Remove HDD Doctor (Uninstall Guide)

HDD Doctor is a piece of malware that displays fake hard drive error messages and blocks other programs on the computer. This rogue program may report a large number of non-existent critical errors that cannot be fixes unless you have a full version of HDD Doctor with a low-level access module. As you might guess, you won't get this fake low-level access module for free. You have to buy it. And if you have already purchased this rogue program then I'm afraid you did a mistake. If so, please contact your credit card provider and dispute the charges. Then, please follow the removal instructions below to remove HDD Doctor from your computer for free using legitimate anti-malware software.



HDDoctor is promoted mainly through the use of trojans and other similar malware. Once you have a trojan downloaded on your computer, it will display numerous fake warnings about disk errors and other system problems. It may state some of the programs could not be accessed because your hard drive contains a lot of critical errors.
Disk Error
Can not find file: C:\Program Files\Internet Explorer\iexplore.exe
File may be deleted or corrupt.
It is strongly recommended to check the disk for errors.

Confirmation
The system disk contains a large number of critical errors.
Windows could not fix most of them.
You can install install trial version of the third party software "HDD doctor" to fix found bugs.
Install "HDD doctor" now?


Then you will see another fake warning that may force your computer to restart.



And finally, you will see this fake HDD Doctor program on your computer screen. In order to remove this rogue program you will have to restart your computer. Once the HDD Doctor window comes up, press Ctrl+Alt+Delete or Ctrl+Shift+Escape. Click on the Processes tab. Then click to highlight hdddoctor.exe and click End Task. If you can't see your desktop and icons, click the File -> "New Task (Run...)" in Task Manager. Type in explorer.exe and click OK. Your desktop and icons should start up as normal. Then install anti-malware software and run a full system scan. For more information, please follow the removal guide below. Please leave a comment if you have any problems removing HDD Doctor from your computer. Good luck and be safe online!


HDD Doctor removal instructions:

1. Open Command prompt (cmd).

In Windows XP: Click StartRun (or WinKey+R). Type in: cmd and click OK.
In Windows Vista/7:  Type cmd, in the Start Search dialog box. Run a command prompt as Administrator.

2. Type in: taskkill /f /im hdddoctor.exe and press Enter. This will stop HDD Doctor scanner. Close the Command prompt window.



3. Download free anti-malware software from the list below and run a full system scan.
NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.

4. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.


HDD Doctor removal instructions (in Safe Mode with Networking):

1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm


NOTE: Login as the same user you were previously logged in with in the normal Windows mode.

2. Download free anti-malware software from the list below and run a full system scan.
NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.

3. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.


HDD Doctor associated files and registry values:

Files:

In Windows XP:
  • C:\Documents and Settings\[User Name]\Application Data\hdddoctor.exe
  • C:\Documents and Settings\[User Name]\Application Data\install_hdd
  • C:\Documents and Settings\[User Name]\Desktop\HDD Doctor.lnk
  • C:\Documents and Settings\[User Name]\Start Menu\Programs\HDD Doctor.lnk
  • C:\WINDOWS\Tasks\At1.job
In Windows Vista & Windows 7
  • C:\Users\[User Name]\AppData\hdddoctor.exe
  • C:\Users\[User Name]\AppData\install_hdd
  • C:\Users\[User Name]\Desktop\HDD Doctor.lnk
  • C:\Users\[User Name]\Start Menu\Programs\HDD Doctor.lnk
  • C:\WINDOWS\Tasks\At1.job
Registry values:
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPostRedirect" = '0'
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = '%UserProfile%\Application Data\hdddoctor.exe'
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPost"='0'
  • HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon /V "Shell" = '%UserProfile%\Application Data\hdddoctor.exe'
Share this information with other people:

No comments:

Post a Comment