HDD Defragmenter is a misleading application that is a clone of Smart Defragmenter. The program is a scam that uses misleading methods such as false scan results and fake error messages in order to trick you into purchasing its full version. Important to know, HDD Defragmenter is not able to detect and fix any system problems. It's only purpose is to harvest credit card numbers. Remove this malware from your computer as soon as possible.
HDD Defragmenter is distributed through the use of malware that pretends to be an Adobe Reader update. When the fake update is started, it will download and install the malicious program onto your computer. On first start, HDD Defragmenter will configure itself to run automatically when Windows loads. Further, the program starts the process of scanning computer's disks, memory and other components whose result is the discovery of serious system problems. Of course, the scan results are all fake, and will not "fix" these problems unless you buy the full version (which of course does not exist).
HDD Defragmenter will display a lot of fake alerts that warn about critical system errors, hardware failure, etc. Some of the alerts are:
Critical Error!
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.
Critical Error!
A critical error has occurred while indexing data stored on hard drive. System restart required.
System Restore:
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.
Also, HDD Defragmenter will block the action to launch any executables. Instead it will generate the fake warning box:
System Error!
Exe file is corrupted and can't be run. Hard drive scan required.
All of these warnings are fake and should be ignored.
It is possible that HDD Defragmenter malware will not allow you to run malware removal software. If this is the case, then you will need to reboot your computer in Safe mode and reinstall your virus scan software or boot from a bootup or PE cd that has built-in command-line virus removal. System Restore, even in safe mode, is probably not an option. I believe it purges those restore points.
It may be necessary to run this version of RKill to kill these processes, then re-install and run MalwareBytes:
iExplore.exe
MALWAREBYTES
Associated HDD Defragmenter Files:
%Temp%\(random)
%Temp%\(random).exe
%Temp%\dfrg.dat
%Temp%\dfrgr.dat
%Temp%\winsp1up.exe
%Temp%\winsp1upd.dll
%UserProfile%\Desktop\HDD Defragmenter.lnk
%UserProfile%\Start Menu\Programs\HDD Defragmenter\
%UserProfile%\Start Menu\Programs\HDD Defragmenter\HDD Defragmenter.lnk
%UserProfile%\Start Menu\Programs\HDD Defragmenter\Uninstall HDD Defragmenter.lnk
File Location Notes:
%UserProfile% refers to the current user's profile folder. By default, this is C:\Documents and Settings\ for Windows 2000/XP, C:\Users\ for Windows Vista/7, and c:\winnt\profiles\ for Windows NT.
%Temp% refers to the Windows Temp folder. By default, this is C:\Windows\Temp for Windows 95/98/ME, C:\DOCUMENTS AND SETTINGS\ProfileName\LOCAL SETTINGS\Temp for Windows 2000/XP, and C:\Users\ProfileName\AppData\Local\Temp for Windows Vista and Windows 7.
Associated HDD Defragmenter Windows Registry Information:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "(random)"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "winsp1up.exe"