Data Restore Description
Data Restore, much like its clones Data Recovery and Data Repair, is a fake defragmenter. This malware infection is advertised as a system optimization tool, designed to defragment your hard disk, increase your computer's speed and performance and fix any system errors. However, Data Restore does the opposite of what Data Restore advertises. Instead of defragmenting your hard disk, Data Restore will actually fill it with malicious files, Trojans and scripts; instead of improving your computer's speed and performance, Data Restore causes an infected computer to run slowly, sluggishly and crash frequently; and instead of fixing system errors, Data Restore is designed to pester a user with constant fake system error messages, until a useless '"full version'" of Data Restore is purchased. Data Restore belongs to a category of malware known as rogue security applications, a long-running computer scam with an important presence on the Web. If you have fallen for the scam, and installed Data Restore on your computer system, ESG security researchers recommend removing Data Restore with a real security program that is fully up to date.
Problems and Symptoms Associated with Data Restore
The most obvious symptom of a Data Restore is the presence of constant, alarming error messages from your computer system and from Data Restore itself. These error messages will try to convince you that there is something severely wrong with your computer, ranging from the plausible (there are some disk errors on your hard drive) to the impossible (such as being unable to detect your C: drive, despite your operating system and Data Restore itself being located on this device). Clicking on any of these error messages or on the fix errors button on the Data Restore main interface, takes the victim to a page for entering one's credit card number. Data Restore claims that only its 'full version' can fix all of these nonexistent problems on the victim's computer. Despite its claims to speed up your computer system, a Data Restore infection actually slows down your computer tremendously. Data Restore consumes system resources and runs continually in the background. It is also not programmed very efficiently. Even worse, Data Restore does not play well with many Windows services and common applications. This means that a computer infected with Data Restore will crash frequently. However, this is actually advantageous to Data Restore since it reinforces the illusion that the victim's computer has a severe problem. The problem, in fact, is Data Restore itself.
Technical Information
Screenshots & Other Imagery
Data Restore Video
File System Details
| # | File Name | Size | MD5 | Detection Count |
|---|---|---|---|---|
| 1 | %USERPROFILE%\Mis documentos\Keygen de Win RaR 3.90 - 3.92 - 3.93 beta 3.exe | 223,744 | e03c57e497bd2e11136206f607c15c8c | 283 |
| 2 | %USERPROFILE%\My Documents\Downloads\VideoConverterSetup.exe | 546,304 | 9b0269781c9d357c00e3c668173a3fab | 35 |
| 3 | K:\Server Documenten\ConvertXToDVD\video_converter_setup.exe | 404,992 | f8c14ab127e63b475aa6a7d9d4200e1f | 22 |
| 4 | %USERPROFILE%\Desktop\ComboFix.exe | 4,240,182 | cc53e636516250d1de09f2d79d371170 | 4 |
| 5 | %LocalAppData%\[RANDOM CHARACTERS].exe | N/A | ||
| 6 | %Temp%\smtmp\2 | N/A | ||
| 7 | %LocalAppData%\[RANDOM CHARACTERS] | N/A | ||
| 8 | %StartMenu%\Programs\Data Restore\Uninstall Data Restore.lnk | N/A | ||
| 9 | %Temp%\smtmp\1 | N/A | ||
| 10 | %Temp%\smtmp\4 | N/A | ||
| 11 | %StartMenu%\Programs\Data Restore\Data Restore.lnk | N/A | ||
| 12 | %Temp%\smtmp\3 | N/A | ||
| 13 | %Temp%\smtmp\ | N/A | ||
| 14 | %StartMenu%\Programs\Data Restore\ | N/A | ||
| 15 | %UserProfile%\Desktop\Data Restore.lnk | N/A | ||
| 16 | %ALLUSERSPROFILE%\Application Data\ENtNsKwGvJhK.exe | 468,992 | 308771f50c0ad12aee141ad369244b8d | 0 |
Registry Details
More Details on Data Restore
| Activation Reminder Data Restore Activation Advanced module activation required to fix detected errors and performance issues. Please purchase Advanced Module license to activate this software and enable all features. |
| Critical Error! A critical error has occurred while indexing data stored on hard drive. System restart required. |
| Critical Error! Damaged hard drive clusters detected. Private data is at risk. |
| Critical Error! Hard Drive not found. Missing hard drive. |
| Critical Error! HDD clusters are partly damaged. Segment load failure |
| Critical Error! RAM memory usage is critically high. RAM memory failure. |
| Critical Error! Windows can’t find hard disk space. Hard drive error |
| Critical Error! Windows OS can’t detect a free hard disk space. HDD error |
| Critical Error! Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware. |
| Critical Hard Disk Drive Error Data Restore detected a bad sector on your hard disk drive. This error may cause the following problems: - Data corruption and loss - Hard drive inaccessibility - System errors and failures |
| Data Restore Diagnostics Windows detected a hard disk error. A problem with the hard drive sectors has been detected. It is recommended to download the following sertified software to fix the detected hard drive problems. Do you want to download recommended software? |
| Fix Disk Data Restore Diagnostics will scan the system to identify performance problems. Start or Cancel |
| Hard Drive Failure The system has detected a problem with one or more installed IDE/SATA hard disks. It is recommended that you restart the system. |
| Low Disk Space You are running very low disk space on Local Disk (C:). |
| System Error An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors. |
| System Restore The system has been restored after a critical error. Data integrity and hard drive integrity verification required. |
| Windows - Delayed Write Failed Failed to save all the components for the file \System32\00004823. The file is corrupted or unreadable. This error may be caused by a PC hardware problem. |
| Windows detected a hard disk problem A potential disk failure may cause loss of files, applications and documents store on the hard disk. It's highly recommended to scan and solve HDD problems before continue using this PC. |
| Windows detected a hard disk problem A potential disk failure may cause loss of files, applications and documents stored on the hard disk. Please try not to use this computer until the hard disk is fixed or replaced. |
| Windows – No Disk Exception Processing Message 0×0000013 |
Site Disclaimer
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.
