Devirusare HDD Diagnostic – Program Fals de Optimizare

In cadrul programelor rogue, nu exista doar antivirusi sau antispyware falsi. HDD Diagnostic este un program fals de optimizare si analiza a computerului, ce va afisa informatii eronate pentru a speria utilizatorul. Acesta va considera ca PC-ul sau are ceva in neregula.

La incercarea de a rula orice executabil, veti primi eroarea:

Windows detected a hard drive problem.
A hard drive error occurred while starting the application.

Windows cannot find notepad. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.

Dupa ce inchideti aceasta fereastra, veti primi o alta, care aparent are solutia pentru eroare:

Fix Disk
Windows Disk Diagnostics will scan the system to identify performance problems.
Start or Cancel

Programul va afisa apoi diverse “probleme” identificate:

Requested registry access is not allowed. Registry defragmentation required
Read time of hard drive clusters less than 500 ms
32% of HDD space is unreadable
Bad sectors on hard drive or damaged file allocation table
GPU RAM temperature is critically high. Urgent RAM memory optimization is required to prevent system crash
Drive C initializing error
Ram Temperature is 83 C. Optimization is required for normal operation.
Hard drive doesn’t respond to system commands
Data Safety Problem. System integrity is at risk.
Registry Error – Critical Error

hdd diagnostic devirusare



Dupa incercari repetate de a rula un program, acesta va fi lansat. System Defragmenter va afisa diverse mesaje:

Read time of hard drive clusters less than 500 ms
32% of HDD space is unreadable
Hard drive does not respond to system commands
GPU RAM temperature is critically high. Urgent RAM memory optimization is required to prevent system crash
Bad sectors on hard drive or damaged file allocation table
Ram Temperature is 83 C. Optimization is required for normal operation.
Data Safety Problem. System integrity is at risk.
Drive C initializing error
Requested registry access is not allowed. Registry defragmentation required
Registry Error – Critical Error

Programul creeaza urmatoarele fisiere\foldere:

  • %Temp%\<random>.bin
  • %Temp%\<random>
  • %Temp%\<random>.exe
  • %Temp%\dfrg
  • %Temp%\dfrgr
  • %Temp%\<random>.dll
  • %Temp%\<random>.exe
  • %UserProfile%\Start Menu\Programs\HDD Diagnostic\
  • %UserProfile%\Start Menu\Programs\HDD Diagnostic\HDD Diagnostic.lnk
  • %UserProfile%\Start Menu\Programs\HDD Diagnostic\Uninstall HDD Diagnostic.lnk

Ii sunt asociate cheile registry:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “<random>”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “<random>.exe”

In log-ul HijackThis apar urmatoarele intrari:

O4 – HKCU\..\Run: [<random>] %Temp%\<random>.exe
O4 – HKCU\..\Run: [<random>.exe] %Temp%\<random>.exe

DEVIRUSARE:

1. Descarcati si rulati rkill.com. Acest lucru este ncesar pentru a opri procesul activ folosit de virus. Veti primi probabil o atentionare ca rkill.com este infectat. Ignorati-l, este doar o alarma falsa generata de System Tool.


2. Descarcati si instalati Malwarebytes Anti-Malware. Scanati PC-ul complet si stergeti la final infectiile gasite apasandRemove selected.

Daca ai reusit sa cureti aceasta infectie, iti recomand sa cumperi versiunea PRO a Malwarebytes Anti-Malwarepentru a te proteja si pe viitor de astfel de amenintari, avand in vedere ca nu au fost detectate\eliminate de antivirusul tau actual.

Administrator FaraVirusi.com
voluntar al Comodo Malware Research Team, expert Malwarebytes Anti-Malware

Leave a Reply