File Restore

Threat Scorecard

Ranking: 7,270
Threat Level: 100 % (High)
Infected Computers: 1,121
First Seen: October 16, 2012
Last Seen: September 11, 2023
OS(es) Affected: Windows

File Restore Image

File Restore is a fake hard drive defragmentation tool from the FakeSysDef family, which is not able to repair system errors and other security issues. File Restore is distributed to the infected computer system by using a Trojan infection and invades your PC without your permission and knowledge. File Restore may create an impression of a reliable security program; however, it's a malware application, which only attempts to dupe you into thinking there were numerous registry errors detected on your computer system. Then, File Restore tries to convince you to purchase the bogus application to fix found system problems. Once installed, File Restore generates itself to start automatically every time you turn on your computer. Then, File Restore loads a fictitious scanner and pretends to be looking for computer threats and Windows Registry problems. File Restore creates some imaginary hard drive errors and security issues to scare you that your computer is seriously infected.

Known clones of File Restore include System Defragmenter, Ultra Defragger, HDD Control, Win HDD, Win Defrag, Win Defragmenter, Disk Doctor, Hard Drive Diagnostic, HDD Diagnostic, HDD Plus, HDD Repair, HDD Rescue, Smart HDD, Defragmenter, HDD Tools, Disk Repair, Windows Optimization Center, Scanner, HDD Low, Hdd Fix.

File Restore also displays numerous annoying security warning messages to inform you about hard disk drive errors. After that, File Restore will offer you to buy the imaginary registered license to repair PC problems. Never purchase and believe File Restore because it will destroy your machine and steal money. ESG's malware researchers strongly recommend you to uninstall File Restore immediately upon detection with a recognized and trustworthy anti-malware program.Screenshot

SpyHunter Detects & Remove File Restore

File System Details

File Restore may create the following file(s):
# File Name MD5 Detections
1. DUMP_04E70000-04F69000.exe dae81e01d143caaa70b126dc75971e58 12
2. %CommonAppData%\[RANDOM CHARACTERS_0].exe
3. %CommonAppiData%\[RANDOM CHARACTERS_1].exe
4. %Programs%\File Restore\File Restore.lnk
5. %AppData%\Microsoft\Internet Explorer\Quick Launch\File_Restore.lnk
6. %CommonAppData%\[RANDOM CHARACTERS_1]
7. %Desktopdir%\File_Restore.lnk
8. %Programs%\File Restore\Uninstall File Restore.lnk

Registry Details

File Restore may create the following registry entry or registry entries:
File name without path
File_Restore.lnk
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableTaskMgr 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\[RANDOM CHARACTERS_0].exe %CommonAppData%\[RANDOM CHARACTERS_0].exe

Messages

The following messages associated with File Restore were found:

Critical Error. Hard drive conroller failure
Critical error. Drive sector not found error
Device initialization failed
Hard drive boot sector reading error
System blocks were not found
Error while relocating TARE sectors
Error 0 – DATA_BUS_ERROR
Error 0×00000078 – INACCESSIBLE_BOOT_DEVICE
Error 0×00000050 – PAGE_FAULT_IN_NONPAGED_AREA
The storage device has failed a self-test
The self-test procedure of the storage device has detected an irreparable errors.
SMART state is "Out of order" before the disk scan
Seek error. Sector not found
System message – Write Fault Error
A write command during the test has failed to complete. This may be due to a media or read/write error. The system generates an exception error when using a reference to an invalid system memory address.
This device cannot find enough free resources that it can use

Trending

Most Viewed

Loading...