Similar to my other posts about malware programs such as how to remove XP AntiVirus 2010 and how to remove XP Guardian 2010 another nasty malware program has cropped up. This one is called HDDDiagnostic.
HDDdiagnostic pretends to find problems with your hard drive and warns you that you have no free space, or there arew critical errors, it even goes so far as to warn you that you have no hard drive. That is funny actually, because unless you are running Windows off of a USB stick, or a CD\DVD installation, you have to have a hard drive to actually even be seeing these errors - but I can sympathize with those that are not computer savvy. This program may seem legitimate simply because it does not appear to do any harm....it is not claiming that there are virus on the pc etc. So many may believe it is a windows error.
Some typical HDDDiagnostic errors:
Windows detected a hard drive problem.HDDDiagnostic will display false error messages and system tray popup notifications such as these:
A hard drive error occurred while starting the application.
Critical Error
Hard Drive not found. Missing hard drive.
Critical Error
RAM memory usage is critically high. RAM memory failure.
Critical ErrorThere are several removal methods starting from simple to difficult.
Windows can't find hard disk space. Hard drive error
1) The first step is to identify the malware.
Download rkill to kill the rogue process
2) Delete HDDDiagnostic using Add or Remove Programs.
3) Empty your temp folders; such as:
c:\temp
c:\system32\temp
c:\documents and settings\current logged on user\local settings\temp
Note: Current logged on user is the folder name of your windows account.
Press CTRL + ALT + DEL to see the current logged on user (it will say logged on as:)
4) Empty the recycle bin
5) Restore the pc to an earlier time ( start\programs\accessories]system tools\system restore
Advanced HDDDiagnostic Removal Guide:
1. Open process explorer (CTRL-ALT-DEL)
2. End any process similar to a random numbers eg: (7969594392.exe) process.
3. Open your temp directory :
Windows XP: C:\Documents and Settings\[User Name]\Local Settings\Temp
Windows Vista\7: C:\Users\[User Name]\AppData\Local\Temp
4. Delete all files from that directory. Some files may be locked by the malware.
5. Open process explorer again and end explorer.exe process.
6. Create new task "explorer.exe"
7. Delete the files which were locked
8. Search for occurrence of "random number" (or whatever the process's number was)
9. Delete all the entries that refer to that program name
10. Scan your computer with anti-malware software.
Additional HDDDiasnostic removal tips can be found here