Posts Comments

HDD Rescue Removal Instructions

By admin on December 11, 2010 3 Comments

HDD Rescue is a false security client.  This malicious software will prevent legit programs like the Task Manager and other real security software from running.  Security Tool is a clone of Security Tool, Smart Security, System Tool and Total Security 2009.

If HDD Rescue becomes as prevalent as Security Tool than this virus will infect tens of millions of people if not hundreds of millions of people.  In 2010 Security Tool was the most common rogue security client to hit the market.  It looks like this clone may just be the replacement of that fake security client.

Some of the FAKE warning messages you may see:

Attention
Considerable System productivity decline is observed.
Total System scanning is recommended to remove all the reasons of productivity decline.

Attention
Potentially harmful software is detected.
To enable the security mode and remove harmful software it is recommended to perform a cleanup.

Attention
Suspicious software activity is detected.
Please start system files scanning for details.

C:\ is running out of room

HDD Rescue

HDD Rescue Removal

» Download HDD Rescue Removal Software

As soon as you find a copy of HDD Rescue on your computer, you should take steps to remove HDD Rescue. HDD Rescue removal is a process which involves stopping the main executable and after that you delete it as well as other traces in the registry and in temp file locations

HDD Rescue Removal Video

Coming soon. We are putting the final touches on it.

HDD Rescue Manual Removal Procedures

1.The first step you must take in order to remove HDD Rescue is to stop the following processes. Your traces will NOT be the same as bellow. They will be unique to your computer.

  • cxdcfvgbh.exe (Fake alert from system tray).
    sdfghj.exe (HDD Rescue Program)

To stop the above processes we recommend you do one of the following

1A. Just download Spyware Doctor with Antivirus and run a quick scan. It will find the above traces. Than manually browse to the directory those files are in and delete or re-name them.

1B. Right click on the HDD Rescue icon on the desktop and select properties. Now copy the file path into Explorer (Not Internet Explorer). Should look something like c:\Users\admin\AppData\Local\Temp\ or c:\Users\YOUR USER NAME\AppData\Local\Temp\ . Now rename the above executables or executables that look close

1C. Browse to c:\Users\admin\AppData\Local\Temp\ or c:\Users\YOUR USER NAME\AppData\Local\Temp\ and re-name the above executables or executables that look close

The next step in HDD Rescue removal is to delete the following file: KEEP IN MIND YOU TRACES ARE RANDOM AND WILL NOT BE THE SAME TRACES. Run a full virus scan using Spyware Doctor with Antivirus to learn the file names.

Windows XP:

  • C:>Documents and Settings>YOUR USER NAME>Local Settings>Application Data\adasd.dll

  • c:>Documents and Settings>YOUR USER NAME>Local Settings>Application Data\cxdcfvgbh.exe

  • C:>Documents and Settings>YOUR USER NAME>Local Settings>Application Data\tmp1D53.tmp

  • C:>Documents and Settings>YOUR USER NAME>Local Settings>Application Data\tmpBF0D.tmp

  • C:>Documents and Settings>YOUR USER NAME>Local Settings>Application Data\tmpf4f.tmp.exe

Windows Vista/7:

  • c:\Users\admin\AppData\Local\Temp\adasd.dll
    c:\Users\admin\AppData\Local\Temp\cxdcfvgbh.exe
    c:\Users\admin\AppData\Local\Temp\sdfghj.exe
    c:\Users\admin\AppData\Local\Temp\tmp1D53.tmp
    c:\Users\admin\AppData\Local\Temp\tmpb0fa.tmp.exe
    c:\Users\admin\AppData\Local\Temp\tmpBF0D.tmp
    c:\Users\admin\AppData\Local\Temp\tmpf4f.tmp.exe

Once the above steps have been completed, HDD Rescue should no longer be running. At this time you need to run a FULL VIRUS SCAN. Don't skip this step. We recommend you scan with Spyware Doctor with Antivirus because it is known to remove HDD Rescue and will also pick up other viruses.

HDD Rescue Registry Removal Proedures

Removing files and folders alone is not sufficient to completely remove HDD Rescue. The following keys and settings should also be removed from the Windows registry to complete HDD Rescue removal:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[random]“
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[random].exe”

HDD Rescue Directories:

Windows Vista/7:

  • C:\Users\admin\AppData\Local\Temp\

Just run a junk file cleaner.

Filed Under: Virus Removal Tagged With: , , , ,

Speak Your Mind

*

RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.