Archive for the 'Threats' Category

What is HardDrive Diagnostic, How to remove Hard Drive Diagnostic

Tuesday, December 7th, 2010

Hard Drive Diagnostic is a harmful program.

remove It is a malicious program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Hard Drive Diagnostic associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Hard Drive Diagnostic.lnk
%UserProfile%\Start Menu\Programs\Hard Drive Diagnostic
%UserProfile%\Start Menu\Programs\Hard Drive Diagnostic\Hard Drive Diagnostic.lnk
%UserProfile%\Start Menu\Programs\Hard Drive Diagnostic\Uninstall Hard Drive Diagnostic.lnk

Hard Drive Diagnostic associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Hard Drive Diagnostic:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Hard Drive Diagnostic is a fake computer optimization software that installed via trojans without user knowledge and permission. When is started, it will report false information and display fake alerts on the computer. The rogue will perform a fake scan and state that your computer has some serious problems such critical errors in Windows registry, hard drive is missing or unreadable. Moreover, HardDrive Diagnostic will blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, the program will suggest you to purchase its full version. Most important, do not purchase this fake program! If your computer is infected with this malware then follow the removal guide below to remove Hard Drive Diagnostic from your computer for free using legitimate free antimalware software.

How to remove: use the Hard Drive Diagnostic removal instructions or the steps below.

1. Reboot your computer in Safe mode with networking.

2. Download OTM by OldTimer from here and save to your desktop. Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:Commands
[emptytemp]
[Reboot]

Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

What is HDDScan, How to remove HDD Scan

Saturday, December 4th, 2010

HDD Scan is a harmful program.

remove It is a malicious program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

HDD Scan associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\HDD Scan.lnk
%UserProfile%\Start Menu\Programs\HDD Scan
%UserProfile%\Start Menu\Programs\HDD Scan\HDD Scan.lnk
%UserProfile%\Start Menu\Programs\HDD Scan\Uninstall HDD Scan.lnk

HDD Scan associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows HDD Scan:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: HDD Scan is a fake optimization tool. Once installed, it reports false information and displays fake alerts on the computer. The rogue will imitate a system scan and report that your computer has some serious problems such critical errors in Windows registry, hard drive is missing or unreadable. Moreover, HDDScan will blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, the program will suggest you to purchase its full version. Most important, do not purchase this fake program! If your computer is infected with this malware then follow the removal guide below to remove HDD Scan from your computer for free using legitimate free antimalware software.

How to remove: use the HDD Scan removal instructions or the steps below.

1. Reboot your computer in Safe mode with networking.

2. Download OTM by OldTimer from here and save to your desktop. Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:Commands
[emptytemp]
[Reboot]

Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

What is DiskDoctor, How to remove Disk Doctor

Friday, December 3rd, 2010

Disk Doctor is a harmful program.

remove It is a malicious program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Disk Doctor associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Disk Doctor.lnk
%UserProfile%\Start Menu\Programs\Disk Doctor
%UserProfile%\Start Menu\Programs\Disk Doctor\Disk Doctor.lnk
%UserProfile%\Start Menu\Programs\Disk Doctor\Uninstall Disk Doctor.lnk

Disk Doctor associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Disk Doctor:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Disk Doctor is a fake optimization tool. Once installed, it reports false information and displays fake alerts on the computer. The rogue program will imitate a system scan and report that your computer has some serious problems such critical errors in Windows registry, hard drive is missing or unreadable. Moreover, Disk Doctor will blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, Disk Doctor will suggest you to purchase its full version. Most important, do not purchase this fake program! If your computer is infected with DiskDoctor then follow the removal guide below to remove Disk Doctor from your computer for free using legitimate free antimalware software.

How to remove: use the Disk Doctor removal instructions or the steps below.

1. Reboot your computer in Safe mode with networking.

2. Download OTM by OldTimer from here and save to your desktop. Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:Commands
[emptytemp]
[Reboot]

Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

What is WinDefragmenter, How to remove Win Defragmenter

Thursday, December 2nd, 2010

Win Defragmenter is a harmful program.

remove It is a malicious program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Win Defragmenter associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Win Defragmenter.lnk
%UserProfile%\Start Menu\Programs\Win Defragmenter
%UserProfile%\Start Menu\Programs\Win Defragmenter\Win Defragmenter.lnk
%UserProfile%\Start Menu\Programs\Win Defragmenter\Uninstall Win Defragmenter.lnk

Win Defragmenter associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Win Defragmenter:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Win Defragmenter is a fake computer defragmenter and diagnostics program. Once installed, it reports false information and displays fake alerts on the computer. The rogue program will imitate a system scan and report that your computer has some serious problems such critical errors in Windows registry, hard drive is missing or unreadable. Moreover, Win Defragmenter will block all Windows applications from running. The rogue will prompt you to buy its full version to fix these system errors. Most important, do not purchase this fake program! If your computer is infected with WinDefragmenter then follow the removal guide below to remove Win Defragmenter from your computer for free using legitimate free antimalware software.

How to remove: use the Win Defragmenter removal instructions or the steps below.

1. Reboot your computer in Safe mode with networking.

2. Download OTM by OldTimer from here and save to your desktop. Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:Commands
[emptytemp]
[Reboot]

Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

What is Win Defrag, How to remove Win Defrag

Tuesday, November 30th, 2010

Win Defrag is a harmful program.

remove It is a malicious program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Win Defrag associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Win Defrag.lnk
%UserProfile%\Start Menu\Programs\Win Defrag
%UserProfile%\Start Menu\Programs\Win Defrag\Win Defrag.lnk
%UserProfile%\Start Menu\Programs\Win Defrag\Uninstall Win Defrag.lnk

Win Defrag associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Win Defrag:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Win Defrag is a fake computer defragmenter and optimization program. When the rogue is installed, it reports false information and displays fake alerts on the computer. The program will simulate a system scan and state that your computer has some serious problems such critical errors in Windows registry, hard drive is missing or unreadable. Moreover, Win Defrag will block all Windows applications from running. The rogue will prompt you to buy its full version to fix these system errors. Most important, do not purchase this fake program! If your computer is infected with WinDefrag then follow the removal guide below to remove Win Defrag from your computer for free using legitimate free antimalware software.

How to remove: use the Win Defrag removal instructions or the steps below.

1. Reboot your computer in Safe mode with networking.

2. Download OTM by OldTimer from here and save to your desktop. Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:Commands
[emptytemp]
[Reboot]

Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

What is WinHDD, How to remove Win HDD

Saturday, November 27th, 2010

Win HDD is a harmful program.

remove It is a malicious program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Win HDD associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Win HDD.lnk
%UserProfile%\Start Menu\Programs\Win HDD
%UserProfile%\Start Menu\Programs\Win HDD\Win HDD.lnk
%UserProfile%\Start Menu\Programs\Win HDD\Uninstall Win HDD.lnk

Win HDD associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Win HDD:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Win HDD is a fake computer defragmenter and diagnostics program. Once installed, it reports false information and displays fake alerts on the computer. The rogue program will simulate a system scan and state that your computer has some serious problems such critical errors in Windows registry, hard drive is missing or unreadable. Moreover, Win HDD will block all Windows applications from running. The rogue will prompt you to buy its full version to fix these system errors. Most important, do not purchase this fake program! If your computer is infected with WinHDD then follow the removal guide below to remove Win HDD from your computer for free using legitimate free antimalware software.

How to remove: use the Win HDD removal instructions or the steps below.

1. Reboot your computer in Safe mode with networking.

2. Download OTM by OldTimer from here and save to your desktop. Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:Commands
[emptytemp]
[Reboot]

Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

What is HDD Control, How to remove HDD Control

Thursday, November 25th, 2010

HDD Control is a harmful program.

remove It is a malicious program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

HDD Control associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\HDD Control.lnk
%UserProfile%\Start Menu\Programs\HDD Control
%UserProfile%\Start Menu\Programs\HDD Control\HDD Control.lnk
%UserProfile%\Start Menu\Programs\HDD Control\Uninstall HDD Control.lnk

HDD Control associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows HDD Control:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: HDD Control is a fake computer defragmenter and optimization application that uses false scan results and fake alerts in order to trick you into purchasing its paid version.

How to remove: use the HDD Control removal instructions.

What is vz.exe, How to remove vz.exe

Monday, November 22nd, 2010

vz.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: vz
Filename: vz.exe
Registry key:

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\vz.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “pezfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | @ = “”%AppData%\vz.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | IsolatedCommand = “”%1″ %*”

Command: %Appdata%\vz.exe
Startup Type: File associations
Description: main executable file of XP Antispyware 2011, Vista Antispyware 2011, Win 7 Antispyware 2011, XP Security 2011, Vista Security 2011, Win 7 Security 2011, XP Internet Security 2011, Vista Internet Security 2011, Win 7 Internet Security 2011, XP Antimalware 2011, Vista Antimalware 2011, Win 7 Antimalware 2011, XP Guard Vista Guard, Win 7 Guard. All programs are rogue antispyware.

How to remove: use these vz.exe removal instructions.

What is Ultra Defragger, How to remove Ultra Defragger

Sunday, November 14th, 2010

Ultra Defragger is a harmful program.

remove It is a malicious program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Ultra Defragger associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Ultra Defragger.lnk
%UserProfile%\Start Menu\Programs\Ultra Defragger
%UserProfile%\Start Menu\Programs\Ultra Defragger\Ultra Defragger.lnk
%UserProfile%\Start Menu\Programs\Ultra Defragger\Uninstall Ultra Defragger.lnk

Ultra Defragger associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Ultra Defragger:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Ultra Defragger is a fake computer defragmenter and optimization application that uses false scan results and fake alerts in order to trick you into purchasing its paid version.

How to remove: use the Ultra Defragger removal instructions.

What is Quick Defragmenter, How to remove Quick Defragmenter

Thursday, November 11th, 2010

Quick Defragmenter is a harmful program.

remove It is a malicious program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Quick Defragmenter associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Quick Defragmenter.lnk
%UserProfile%\Start Menu\Programs\Quick Defragmenter\Quick Defragmenter.lnk
%UserProfile%\Start Menu\Programs\Quick Defragmenter\Uninstall Quick Defragmenter.lnk

Quick Defragmenter associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Quick Defragmenter:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Quick Defragmenter is a fake computer defragmenter and optimization application that uses false scan results and fake alerts in order to trick you into purchasing its paid version.

How to remove: use the Quick Defragmenter removal instructions.