File Restore
File Restore Description
File Restore is one of many members of Fakesysdef (also known as FakeHDD), a category of similar PC threats that pretend to be file repairers, defragmenters and/or system cleaners. Far from being able to restore your files from any sort of damage, File Restore harms your PC by disabling necessary security features, blocking programs and displaying alerts about fake system damage issues. File Restore can be recognized visually as a clone of other members of FakeSysdef and should be removed with anti-malware software if File Restore is found on any computer. While File Restore recommends spending money on its software to ‘fix’ your PC, SpywareRemove.com malware experts have confirmed that File Restore doesn’t have any features that you’d want to purchase.File Restore and the Security Software Hoax (as Expressed Through Alarmist Pop-Ups)
File Restore and related Fakesysdef scamware programs may superficially look like defragmenters or other system tools, but their defragging scans and other features are nonfunctional except in the ability to deliver fake system information. Members of File Restore’s family, including File Rescue, File Recovery, Hdd Fix, HDD Tools, SMART Repair, PC Repair and others are known for displaying frequent pop-up warnings that describe nonexistent system damage. These ‘problems’ that File Restore detects can range from simple HD formatting errors to severe temperature malfunctions with your hardware.
Between its fake scans and its fake pop-ups, File Restore would like you to spend money on File Restore’s registration just to get your PC functional again – even though none of the problems that File Restore detects are real.
- File Restore may change your desktop to a fake warning message and lock it to that image.
- File Restore may use code injection tactics to conceal some of its files in normal system processes.
- Your browser settings may be attacked in ways that make it vulnerable to malicious content or attempts to steal information.
- Many other programs can be blocked or disabled by File Restore, including Task Manager and other Windows tools.
Restoring Your PC from an Unasked for File Restore Downgrade
Because purchasing File Restore should be considered a plainly self-destructive waste of money, you should disregard any alerts or prompts from File Restore, which SpywareRemove.com malware analysts have verified never to include accurate system information. Anti-malware programs can be used to remove File Restore’s components and any PC threats (such as the ever-prolific Trojan downloaders) that often are complicit in scamware infections. Safe Mode or other safe system boot methods may be used for a safe scanning environment.
However, avoiding File Restore infections in the first place is preferable to knowing how to remove them. Infection vectors like fake updates for media software, hostile sites that use drive-by-download a la Blacole and spammed website links are all potential paths to a File Restore attack. Active anti-malware products should be able to detect such attacks before File Restore can infect your computer.
File Restore Automatic Detection Tool (Recommended)
Is your PC infected with File Restore? To safely & quickly detect File Restore, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect File Restore
What happens if File Restore does not let you open SpyHunter or blocks the Internet?
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 %ALLUSERSPROFILE%\Application Data\[RANDOM CHARACTERS].exe 190 2 %ALLUSERSPROFILE%\ &yb_Zog%.exe 12 3 %Desktopdir%\File_Restore.lnk N/A 4 %AppData%\Microsoft\Internet Explorer\Quick Launch\File_Restore.lnk N/A 5 %Programs%\File Restore\File Restore.lnk N/A 6 %Programs%\File Restore\Uninstall File Restore.lnk N/A 7 %CommonAppData%\[RANDOM CHARACTERS_1] N/A 8 %CommonAppiData%\[RANDOM CHARACTERS_1].exe N/A 9 %CommonAppData%\[RANDOM CHARACTERS_0].exe N/A
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\{Value}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "0"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[RANDOM_0].exe" = "%CommonAppData%\[RANDOM CHARACTERS_0].exe"
Additional Information
- The following messages's were detected:
# Message 1 Critical error. Drive sector not found error 2 Critical error. Drive sector not found error 3 Critical Error. Hard drive conroller failure 4 Critical Error. Hard drive conroller failure 5 Data error reading drive C:\ 6 Data error reading drive C:\ 7 Device initialization failed 8 Device initialization failed 9 Error 0 – DATA_BUS_ERROR 10 Error 0×00000050 – PAGE_FAULT_IN_NONPAGED_AREA 11 Error 0×00000078 – INACCESSIBLE_BOOT_DEVICE 12 Error while relocating TARE sectors 13 Hard drive boot sector reading error 14 Seek error. Sector not found 15 Seek error. Sector not found 16 SMART state is "Out of order" before the disk scan 17 System blocks were not found 18 System Error. Hard disk failure detected It’s highly recommended to run complete HDD scan to prevent loss of personal files. Scan and repair, Cancel and restart 19 System message – Write Fault Error A write command during the test has failed to complete. This may be due to a media or read/write error. The system generates an exception error when using a reference to an invalid system memory address. 20 The self-test procedure of the storage device has detected an irreparable errors. 21 The storage device has failed a self-test 22 This device cannot find enough free resources that it can use 23 This device cannot find enough free resources that it can use
Posted: October 16, 2012 | By SpywareRemove
MoreThreat Level: 10/10
(13 votes, average: 4.31 out of 5)
Loading ...Rate this article:
Detection Count: 5
