Data Repair

Data Repair Description

Data Repair is a rogue system optimization tool, which, at first sight, may look like a legitimation security application, but, in truth, it’s a virus program. Data Repair won’t protect and improve your PC. What Data Repair is able to do is cheat you and steal your money. Data Repair can access the targeted computer system via PC software exploits, rootkit techniques and Black Hat Search Engine Optimization. Once Data Repair is active on the infected machine, it imitates a computer scan and creates numerous imaginary hard drive and system errors and computer problems. Data Repair also generates some warning messages that report serious system issues.

You should ignore all notifications shown by Data Repair because all of them are falsified and displayed only in a try to scare your PC is compromised. This tricky method is used in an attempt to persuade you to purchase the “licensed version” of Data Repair to allegedly fix and remove detected errors and issues. Do not trust Data Repair because it’s a useless software program, which may only damage your PC and extort your money. SpywareRemove.com security researchers strongly recommend you to uninstall Data Repair, if infected, immediately after detection.

Data Repair belongs to the FakeSysDef family and has many clones which include Disk Recovery, Memory Optimizer, Rogue.Data Recovery, HDD Control, Fast Disk, Disk Optimizer, Rogue.File Recovery, Ultra Defragger, HDD Fix, Smart Defragmenter, PC Cleaner Pro 2012, Rogue.File Restore, HDD Low, Rogue.File Integrity Checker, Scanner, Rogue.PC Repair, System Restore, HDD Plus, Windows Diagnostic, Memory Fixer, Windows Safemode, Rogue.Windows Error Recovery, Disk OK, WindowsTool, Rogue.Windows Fix, System Defragmenter, Smart HDD, HDD Rescue, Rogue.System Recovery, Windows Recovery, Rogue.Windows XP System Repair, HDD Repair, Win Disk, Disk Repair, HDD Diagnostic, Windows Restore, Windows Disk, Computer Fix, Windows Repair, Windows Recovery Series, Win HDD, Good Memory, Windows XP Repair, HDD Tools, Rogue.System Check, Smart Data Recovery, Windows XP Fix, Windows Scan and Windows Fix Disk.

Data Repair Automatic Detection Tool (Recommended)

Is your PC infected with Data Repair? To safely & quickly detect Data Repair, we highly recommend you run the malware scanner listed below.

Download SpyHunter's* Malware Scanner to detect Data Repair What happens if Data Repair does not let you open SpyHunter or blocks the Internet?

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

#	File Name
1	%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\1
2	%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\2
3	%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\3
4	%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\4
5	%Documents and Settings%\[User Name]\Local Settings\Application Data\~
6	%Documents and Settings%\[User Name]\Start Menu\\Programs\Data Repair\
7	%Documents and Settings%\[User Name]\Start Menu\\Programs\Data Repair\Data Repair.lnk
8	%Documents and Settings%\[User Name]\Start Menu\\Programs\Data Repair\Uninstall Data Repair.lnk
9	%Documents and Settings%\[User Name]\Desktop\Data Repair.lnk
10	%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\
11	%Documents and Settings%\[User Name]\Local Settings\Application Data\[RANDOM CHARACTERS]
12	%Documents and Settings%\[User Name]\Local Settings\Application Data\[RANDOM CHARACTERS].exe

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.

The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'Yes'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “ShowSuperHidden” = ’0?HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU "MRUList"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoDesktop" = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'