Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!
Hard Drive Diagnostic is a new malicious program from the same family of malware as HDD Scan, Disk Doctor, etc. The program pretends to be a legitimate software that is used to check and repair file systems and bad clusters on the hard drive but, in reality, it is a totally scam. The rogue detects numerous false problems and displays various critical errors alerts on the computer in order to trick you into thinking your computer has a lot of serious problems. HardDrive Diagnostic will state that all you have to do in order to fix these problems and errors is purchase the full version of the software. However, do not get trapped because it won’t resolve any problems on your PC.
Hard Drive Diagnostic is promoted and distributed with the help of trojans or other malicious software. Moreover, cyber criminals may also distribute it on social networks (Twitter, My Space, Facebook, etc) and spam emails. Please be careful when opening attachments and downloading files or otherwise you can end up with a rogue program on your computer. Remember that the rogue is a highly dangerous application and you need remove HardDrive Diagnostic as soon as possible!
Immediately after launch, Hard Drive Diagnostic will configure itself to run automatically when your computer loads. Next, this malware will perform a scan of your computer`s hard disks, memory, etc and detect 11 critical problems, e.g. “Read time of hard drive clusters less than 500 ms”, “32% of HDD space is unreadable”, “Bad sectors on hard drive or damaged file allocation table”, etc. Next, HardDrive Diagnostic will prompt you to pay for its full version before it “repairs” your machine of the problems. Important to note, the scan might look legitimate but, in reality, it is just simulated and is unable to detect any problems! Thus, don`t pay for the Hard Drive Diagnostic and just ignore the false scan results.
While running, Hard Drive Diagnostic will block all Windows legitimate applications from running. Important to note, if you attempt to run a program enough times it will eventually work. The following warning will be shown when you attempt to run a program:
Windows detected a hard drive problem.
A hard drive error occurred while starting the application
What is more, the fake defragmenter will display various fake warnings and notifications from your Windows taskbar. The text of some of the alerts are:
System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.
Windows – No Disk
Exception Processing Message 0×0000013
Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.
Just like false scan results above, all of these alerts are a fake and supposed to scare you into thinking your computer is in danger. You should ignore all of them!
As you can see, all HardDrive Diagnostic does is fake! Be sure you keep away from this fake software and never install it on your computers. If your PC has been infected with the rogue, then ignore all it gives you and follow the removal instructions below in order to remove Hard Drive Diagnostic and any associated malware from your computer for free.
Step 1. Reboot your computer in Safe mode with networking
Restart your computer.
After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.
Instead of Windows loading as normal, Windows Advanced Options menu appears similar to the one below.
Windows Advanced Options menu
When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.
Step 2. Stop Hard Drive Diagnostic from running
Download HijackThis from here. Run HijackThis and click Scan button to perform a system scan. Place a checkmark against each of lines:
O4 – HKCU\..\Run: [{RANDOM}.exe] {PATH}\Temp\{RANDOM}.exe
O4 – HKCU\..\Run: [{RANDOM}] {PATH}\Temp\{RANDOM}.exe
Example:
O4 – HKCU\..\Run: [saAlAiSHfe.exe] C:\Users\User\AppData\Local\Temp\saAlAiSHfe.exe
O4 – HKCU\..\Run: [258794] C:\Users\User\AppData\Local\Temp\258794.exe
Note: list of infected items may be different. Template of the malicious entries:
Variant 1: [{random string}] {PATH}\Temp\{random string}.exe;
Variant 2: [{set of random numbers}] {PATH}\Temp\{set of random numbers}.exe;
If you unsure, then check it in Google. Skip this step, if you does not find any malicious lines.
Place a checkmark against each of them. Once you have selected all entries, close all running programs then click once on the “fix checked” button. Close HijackThis.
Step 3. Clean temp folder
HardDrive Diagnostic stores its files in Windows temp foder. You need to clean it.
Please download ATF Cleaner by Atribune from here, saving it to your desktop. It is used to cleanout temporary files & temp areas used by internet browsers.
Start ATF-Cleaner.exe to run the program. Under Main choose: Select All and click the Empty Selected button.
Step 4. Remove Hard Drive Diagnostic and associated malware
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for Hard Drive Diagnostic infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Hard Drive Diagnostic. MalwareBytes Anti-malware will now remove all of associated Hard Drive Diagnostic files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.
Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.
Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Note 3: your current antispyware and antivirus software let the infection through ? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.
%UserProfile%\Desktop\Hard Drive Diagnostic.lnk
%UserProfile%\Start Menu\Programs\Hard Drive Diagnostic\Hard Drive Diagnostic.lnk
%UserProfile%\Start Menu\Programs\Hard Drive Diagnostic\Uninstall Hard Drive Diagnostic.lnk
%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}
December 5, 2010 on 9:14 am | In Malware, Malware removal | No Comments |
No comments:
Post a Comment