How to Remove the Win HDD Virus from a Windows 7 PC

Everyone knows that it is smart to have a good anti-virus program installed and running on every PC, but that doesn’t mean your computer is going to be 100% safe. The virus maker’s are constantly thinking of ways around the anti-virus programs, and sometimes people don’t update the virus lists frequently enough. With that in mind it is always important to know how to remove the most common virus’s once they get on your PC.

The Win HDD virus is one of the more common viruses, and while it is often blocked by anti-virus programs it is still good to have a way to get rid of it. This particular virus works by affecting the computer through a Trojan horse. In most cases the Trojan horse will act like a security application which is scanning your computer and alerts you to a ‘critical error’. If you follow the instructions it provides it will ask you to enter your credit card information in order to purchase the fix to this virus. Of course, this won’t actually work and you’ll have given your information to a scammer.

There are a few ways to remove the Win HDD virus from a Windows 7 PC. For most people the easiest option is to simply restore your PC to a date before the virus affected your computer. This is a fairly simple process which most people are able to follow. Follow these simple steps to restore your PC.

    1. Power off your computer and turn it back on.
    1. While the computer is booting up, press and hold the F8 key to bring up the system restore screen.
    2. Go to the ‘advanced boot options’ and select ‘repair your computer’ and press enter.
    3. Select US for the keyboard layout.
    4. Choose your username and enter your password. This will bring up a list of recovery options.
    5. Choose “System Restore”
    1. At this point you will most likely have several different dates to choose from. Select the most recent option that you know is clean.
  • The computer will restore to that date without the virus. It will take several minutes to complete.

 

The whole process should only take about 15-20 minutes in most cases. This is the ideal solution for most people, and is especially good for when you are walking someone through getting rid of this (or most any) virus over the phone because the instructions are so simple to follow. If, however, you don’t want to lose any data and you’d rather manually remove the virus there are some things you can try.

The Win Hdd virus is extremely persistent and won’t let you run programs or access the internet so you’ll need to have another uninfected computer as well as a thumb drive (flash drive). Once you’ve got your other computer ready simply follow these instructions:

    1. From the clean computer download the simple program called “RKill” (can be found here).
    2. Move the RKill programs to the thumb drive and then plug that thumb drive into the infected computer.
    3. You can either move the RKill program onto the infected computer’s desktop or run it from the thumb drive itself. The program takes just seconds to run. Once it is run attempt to connect to the internet, if it doesn’t work you’re still infected
        1. If you’re still infected that means the particular virus you have is likely attempting to stop the RKill program from running. To get around this you can ‘overload’ the virus by running the RKill program repeatedly. Simply click on the RKill program as quickly as possible for about a minute. This will cause your computer to attempt to launch dozens of copies of the program, and once one of them is able to run successfully it will disable the virus. This actually works better on slower computers than faster ones.

      4. Once the virus has been disabled you’ll need to download the latest copy of a free program called “Malwarebytes Anti-Malware”. This is one of the best programs for removing maleware (viruses) available today and does an excellent job with the Win HDD virus.

  • Once the program has been installed run it and follow the simple instructions. It may ask you to update the virus definitions, if it does, say yes.
  • Instruct the program to check all your drives and hit ‘start’.
  • Allow the program to run all the way through. This may take quite a while depending on the size of your hard drive and how many files you have.

 

Once Malwarebytes has finished running you can restart your computer and you should be virus free! At this point it would be smart to update the virus definitions of whatever your main anti-virus program is to attempt to prevent yourself from getting infected again.

The Win HDD virus’s is one that is extremely difficult to remove if you don’t have the right tools so make sure to keep the RKill program around even after you’ve successfully removed it. One last tip is that some versions of this virus recognize the name ‘rkill’ and won’t allow the program to run at all. If you find you can’t get it to run simply rename the program to anything you’d like and see if that allows it to run. As with all virus’s, the best way to fix them is to avoid them all together and always have an updated anti-virus program on your windows 7 PC.