Data Recovery DescriptionType: Rogue Defragmenter Program
Data Recovery is a fake defragmenter and system optimization tool. Programs like Data Recovery are known as rogueware and are part of a well-known computer scam. Date Recovery, in particular, belongs to a large family of rogue defragmenter tools that include such programs as PC Recovery and System Recovery. Despite being marketed as legitimate computer optimization applications, ESG security researchers have classified Data Recovery and its clones as malware. Data Recovery belongs to a particular category of malware that many PC security researchers refer to as scareware. Data Recovery receives this name because its main goal is to scare a computer user into paying a specific amount of money. Do not fall for the Data Recovery scam. If your computer system is displaying symptoms of a Data Recovery infection, ESG security researchers recommend using fully-updated anti-virus applications to destroy Data Recovery and any of its associated malware infections.
Data Recovery has a new clone called Smart Data Recovery. The interface for Smart Data Recovery has been updated from Data Recovery's but remains to have virtually the same misleading actions and claims of removing malware from a PC.
Symptoms of a Data Recovery Infection
Data Recovery and Data Recovery's clones cause a number of specific problems on an infected computer system. Like all rogue defragmenters, these problems are meant to confuse and panic an inexperienced computer user. In a panicked state, a computer user is more likely to believe Data Recovery's claims that Data Recovery can fix the very problems Data Recovery is causing in the first place. ESG security researchers recommend being on the lookout for any of the following problems, and to take actions if your computer is displaying any of these symptoms:
- One of the main symptoms of a Data Recovery infection is Data Recovery's main screen, displayed upon start-up. A computer user cannot exit this screen until Data Recovery performs a fake computer scan. The results of this fake scan are always extremely negative. In fact, for experienced computer researchers, these results are laughable, often bordering on the impossible. For example, Data Recovery will often claim that the computer system cannot detect a hard drive, although the very fact that the computer system is working is proof to the contrary. These extremely negative results are not meant to be logical, but are actually meant to scare an inexperienced computer user into buying a useless "full version" of Data Recovery.
- Data Recovery displays a large number of error messages and fake security alerts insisting on the results of its fake scan, often blocking Data Recovery's victim from accessing files on the infected computer system.
- A computer infected with Data Recovery usually becomes extremely slow and unstable, often becoming "stuck" or crashing frequently.
3 security vendors flagged this file as malicious.
Screenshots & Other Imagery
Data Recovery Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
|#||File Name||MD5||Detection Count|
|2||%Documents and Settings%\[User Name]\Local Settings\Application Data\[RANDOM CHARACTERS].exe||N/A +|
|3||%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\3||N/A +|
|4||%Documents and Settings%\[User Name]\Local Settings\Application Data\~||N/A +|
|5||%Documents and Settings%\[User Name]\Start Menu\\Programs\Data Recovery\Uninstall Data Recovery.lnk||N/A +|
|6||%AppData%\Protector-[rnd].exe task||N/A +|
|8||%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\2||N/A +|
|9||%Documents and Settings%\[User Name]\Local Settings\Application Data\[RANDOM CHARACTERS]||N/A +|
|10||%Documents and Settings%\[User Name]\Start Menu\\Programs\Data Recovery\Data Recovery.lnk||N/A +|
|11||%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\||N/A +|
|12||%AppData%\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk||N/A +|
|13||%Programs%\Data Recovery\Uninstall Data Recovery.lnk||N/A +|
|14||%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\1||N/A +|
|15||%Documents and Settings%\[User Name]\Local Settings\Temp\smtmp\4||N/A +|
|16||%Documents and Settings%\[User Name]\Start Menu\\Programs\Data Recovery\||N/A +|
|17||%Documents and Settings%\[User Name]\Desktop\Data Recovery.lnk||N/A +|
|18||%AppData%\Protector-[rnd].exe reg||N/A +|
|19||%Programs%\Data Recovery\Data Recovery.lnk||N/A +|
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.