Smart Data Recovery Description
While a legitimate program named Smart Data Recovery exists, ESG security researchers have issued a warning about one of the many members of the FakeSysDef family of rogue defragmenters that goes by the same name. They are fairly easy to differentiate; while the Smart Data Recovery data recovery application helps computer users recover information from their hard drives, the Smart Data Recovery rogue defragmenter will enter a computer system without a computer user's authorization and cause all kinds of problems.
The main problem with Smart Data Recovery is the fact that this application does not have any real system optimization or disk repair capabilities. Smart Data Recovery is a kind of malware known as a rogue defragmenter. These are fake security programs that attempt to scare the victim into believing that their computer system is severely damaged in order to convince the victim to purchase a useless bogus system optimization product. While the Smart Data Recovery data recovery program behaves normally, the Smart Data Recovery rogue defragmenter displays constant pop-up notifications, alarming error messages and causes browser redirects.
The Smart Data Recovery Rogue Defragmenter Belongs to the FakeSysdef Family of Malware
The FakeSysdef family of rogue defragmenters is quite large and is on the loose for a long time. Examples of clones of Smart Data Recovery that also belong to the FakeSysdef family of malware include such fake defragmenters as Smart HDD, Data Restore, Windows Diagnostic and Disk Optimizer. All of these applications have no way of fixing your hard drive or file system. Rather, they are designed to alarm computer users. Because of this, PC security researchers often refer to these kinds of infections as scareware.
The Smart Data Recovery scam is not complicated. Smart Data Recovery will attempt to scare the victim with a large number of error messages. Smart Data Recovery has also been known to change the infected computer system's desktop image into another alarming error message (often similar to the Windows "Blue Screen of Death"), causing browser redirects, and disabling Windows components that are helpful in dealing with malware, such as the Windows Task Manager or System Restore. If your computer system is infected with Smart Data Recovery, you will find that you cannot remove this bogus defragmenter through normal means. To get rid of Smart Data Recovery it is necessary to use a reliable anti-malware program.
Type: Rogue AntiSpyware Programs
Infected with Smart Data Recovery? Scan Your PC for FreeDownload SpyHunter’s Spyware Scanner
to Detect Smart Data Recovery
Security Doesn't Let You Download SpyHunter or Access the Internet?
Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.
Smart Data Recovery Technical Report
As new Smart Data Recovery details are reported by our customers and findings from our Threat Research Center, we will update this section.
Screenshots & Other Imagery
How to Remove Smart Data Recovery Rogue AntiSpyware Program VideoTip: Turn your sound ON and watch the video in Full Screen mode to fully experience how Smart Data Recovery infects a computer.
Fake message for Smart Data Recovery:
The following fake error message(s) appears for Smart Data Recovery:
|Smart Data Recovery
Smart Data Recovery Firewall Alert
Smart Data Recovery has prevented a program from accessing the internet.
"iexplore.exe" is infected "Trojan-Dropper.Win32.Agent". This worm has to tried to use "iexplore.exe" to connect to remove host and send your credit card information.
|Smart Data Recovery Warning
Spyware.IEMonster activity detected. This form of spyware attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other commonly used programs. Click here to immediately remove it with Smart Data Recovery.
|Hard Drive Boot Sector Reading Error
During I/O system initialization, the boot device driver might have failed to initialize the boot device. File system initialization might have failed because it did not recognize the data on boot device.
|System blocks were not found
This is most likely occurred because of hard disk failure.
This may also lead to a potential loss of data.
Damaged hard drive clusters detected. Private data is at risk.
RAM memory usage is critically high. RAM memory failure.
'How Smart Data Recovery Infects Your Computer' Video
Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how Smart Data Recovery infects a computer. The video contains clickable buttons.
Smart Data Recovery has typically the following processes in memory:
Smart Data Recovery creates the following files in the system:
|%Documents and Settings%\[User_Name]\Desktop\Smart HDD.lnk|
|%Documents and Settings%\[User_Name]\Start Menu\Programs\Smart HDD|
|%Documents and Settings%\[User_Name]\Start Menu\Programs\Smart HDD\Uninstall Smart HDD.lnk|
|%UserProfile%\Desktop\Smart Data Recovery.lnk|
Smart Data Recovery creates the following registry entries:
|HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"|
|HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"|