Home Malware Programs Rogue Anti-Spyware Programs HDD Repair

HDD Repair

Posted: December 10, 2010

Threat Metric

Threat Level: 10/10
Infected PCs: 80
First Seen: December 13, 2010
Last Seen: May 18, 2023
OS(es) Affected: Windows

ScreenshotHDD Repair is a rogue defragmenter that was cloned from the same template as HDD Defragmenter. Like its forebears, HDD Repair will pretend to scan your PC and find serious errors such as unreadable hard drive space or damaged system files. After that, HDD Repair will encourage you to spend money on HDD Repair to fix these problems. SpywareRemove.com malware research team has discovered nothing but false positives on HDD Repair's part, however, and any warning or error message from HDD Repair, including its supposed scan results, should be ignored. Other symptoms of HDD Repair infection can include locked desktop wallpaper, altered browser settings, disabled programs (especially security-related software) and spontaneous reboots. Despite the severity of these issues, circumventing HDD Repair's startup routine (by using Safe Mode or other methods) and then applying a powerful anti-malware program to the job will let you remove HDD Repair with ease.

The Gross Misnomer of HDD Repair

HDD Repair is a recent copy of such rogue defragmenters as HDD Doctor, HDD Doctor Recovery, HDD Plus, ThinkPoint, Disk Helper, Easy Scan, Win Defragmenter and Windows 7 Restore, among others. Although HDD Repair has a different name, its appearance and behavior are identical to these relatives in the rogue defragmenter industry and HDD Repair can be considered just as bad on your PC as a virus or Trojan.

Fake warning messages from system scan simulations and simply at random moments are HDD Repair's raison d'être, but HDD Repair doesn't create them as a part of actual defragmentation functions. In fact, SpywareRemove.com malware researchers have noted that HDD Repair's error messages stress the bounds of believability, since they have nothing to do with defragging files and everything to do with making your PC look like its nearing a complete breakdown:

Bad sectors on hard drive or damaged file allocation table – Critical Error

28% of HDD space is unreadable – Critical Error

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

A problem detected while reading boot operation system files

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Boot sector of the hard drive disk is damaged – Critical Error – Limited Edition

Windows – No Disk
Exception Processing Message 0×0000013

Read time of hard drive cluster less than 500 ms – Critical Error

Serious system error
The system will reboot in 30 seconds
Windows can not continue operating due to fatal system error.
Windows was forced to restart.
All unsaved data will be lost.

HDD doctor detected an error on your hard drive when trying to access a file
C:\Program Files\Internet Explorer\iexplore.exe
Perform data recovery now?

Disk Error
Can not find file: C:\Program Files\Messenger\msmsgs.exe
File may be deleted or corrupt.
It is strongly recommended to check the disk for errors.

Your hard drive contains a lot of critical errors!
All your data including installed programs, documents, email, etc. are at risk of irreversible corrupt.
The trial version does not have low-level access module needed to fix the errors found.
It is strongly recommended to activate the full version software with necessary modules. Activate full version now?

HDD Repair creates these errors to fool you into purchasing a 'full' version of HDD Repair software, but since HDD Repair can neither defragment your hard drive nor fix any of the errors that HDD Repair pretends to find, you should avoid doing this.

Being Ready for the Rest of HDD Repair's Fraudulent System Repair

HDD Repair's payload may also involve several attacks that reduce your computer's security. Malicious behavior that SpywareRemove.com malware research team has linked to HDD Repair and other rogue defraggers from the same subgroup contains, but isn't restricted to the following:

  • A reduction of your web browser's security by altering several settings, such as the non-encrypted data submission setting, certificate-monitoring, shortcut displays, signature-checking and risk-categorizing for file types. These attacks can allow HDD Repair's website or Trojans that are related to HDD Repair to install other forms of harmful software onto your PC.
  • Blocked software usage. Although HDD Repair or a related infection may try to stop you from using security or anti-malware programs to delete HDD Repair, SpywareRemove.com malware researchers have found that standard anti-malware strategies can work around this blockade.
  • Browser hijacks that may redirect you to HDD Repair's website or block websites that provide anti-malware advice.

Since HDD Repair may use advanced methods to hide its components, up to and including concealing its memory processes, you should use an anti-malware program of good repute to remove HDD Repair, rather than trying to do so without assistance.

HDD Repair 2HDD Repair 3HDD Repair 4HDD Repair 5HDD Repair 6HDD Repair 9
HDD Repair 8
HDD Repair 9
HDD Repair 10
HDD Repair 11
HDD Repair 12

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%temp%\98b91f.exe File name: 98b91f.exe
Size: 355.84 KB (355840 bytes)
MD5: 7877ca6f259873773986748829ee2eb8
Detection count: 82
File type: Executable File
Mime Type: unknown/exe
Path: %temp%
Group: Malware file
Last Updated: December 13, 2010
%ALLUSERSPROFILE%\Application Data\qprTPMqThfCvd.exe File name: qprTPMqThfCvd.exe
Size: 395.26 KB (395264 bytes)
MD5: e551bb8145bec96ca0afe451b64392b5
Detection count: 2
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Application Data
Group: Malware file
Last Updated: August 17, 2022
%ALLUSERSPROFILE%\Application Data\P1kAlMiG2Kb7Fz.exe File name: P1kAlMiG2Kb7Fz.exe
Size: 314.88 KB (314880 bytes)
MD5: 1d7c2ce2fd7f3dd54fcb0039b1088c42
Detection count: 0
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Application Data
Group: Malware file
Last Updated: August 26, 2011

Registry Modifications

The following newly produced Registry Values are:

File name without pathHDD Repair.lnk