Win HDD

Joined
Feb 9, 2010
Messages
748
Reaction score
126
Be very, very careful with this trojan/virus. The wife just got this on her laptop yesterday....it took all night and part of this morning to get rid of it. Steps that worked for me.

1. startup in safe mode w/networking.
2. Run every piece of software for virus and malware/spyware you have (full scans). If need be download/install and run extra spyware software.
3. let software remove it for you.
4. reboot.

Note:
running software in normal mode didn't work at all. MSE and Malwarebytes didn't catch it and both were completely updated. Running in safe mode, then using MSE and Malwarebytes still didn't catch it either. The only one that did catch it was Spybot S&D. Be very careful. I got lucky.

Now the wifes laptop is OK....thankfully.
 

Nibiru2012

Quick Scotty, beam me up!
Joined
Oct 27, 2009
Messages
4,955
Reaction score
1,302
Thanks for the heads up on this one BF! It's appreciated!

From: www.trojan-killer.net:

Win HDD removal. How to get rid of WinHDD scam.

November 26, 2010 — admin Win HDD (aka WinHDD) – new name in the family of fake system optimizers. There is no doubt that it is not capable at all of providing decent services on system optimization, even though it bears the name of such a reputable software indeed. It is not a secret that it is a successor of HDD Control, Check Disk, Ultra Defragger, HDD Defragmenter – malwares already discussed in several of our earlier posts. Its activity is not different from the above-mentioned fake programs. The outcome can be really devastating…

Win HDD virus comes to users’ systems via some deceptive corrupted downloads. Afterwards you will obtain some messages telling that your PC is seriously infected with lots of problems and threats that can only be dealt with by obtaining the full version of this junkware. In addition, Win HDD will keep presenting various popup alerts to persuade you to finally buy it. At the same time, even if you make the decision to follow this trick you will not benefit at all from its fake optimizing work.

Win HDD manual removal guide:
Delete Win HDD files:
%TempDir%\[random].dll
%TempDir%\[random].exe
%TempDir%\[random]
%TempDir%\dfrg
%TempDir%\dfrgr
%StartMenu%\Programs\Win HDD
%StartMenu%\Programs\Win HDD\Win HDD.lnk
%StartMenu%\Programs\Win HDD\Uninstall Win HDD.lnk
Delete Win HDD registry entries:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run “[random]”
HKCU\Software\Microsoft\Windows\CurrentVersion\Run “[random].exe”
 
Joined
Mar 8, 2009
Messages
5,063
Reaction score
1,185
Do you not have restore points you can use?

The sequence I would prefer using is:
  • boot to safe mode (gives you control of the PC again)
  • fall back on a restore points (reverts to a point before the infection)
  • after a Reboot
  • run CCleaner (removes all files that don't need scanning)
  • then use Malware/AV scans (scans for any remnants of the virus)

Thanks for the warning about MSE and Malewarebytes not finding it though.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top