Windows 7 Restore
Windows 7 Restore is a harmful rogue security application that can cause severe damage to a computer system. This program is a scam that is designed to rob inexperienced computer users of their money. Windows 7 Restore and similar rogue security programs are known as scareware. This is because they are a kind of malicious security program that poses as an authentic anti-virus or computer security application and tries to scare users into thinking their computer is infected or not working properly.
Table of Contents
Windows 7 Restore Clones and Copies
The two main clones of Windows 7 Restore are Windows 7 Repair and Windows 7 Recovery. They are the same program, with the same design and layout. The only difference between the three clones is the name of the rogue security application. The main defining feature of Windows 7 Restore and Windows 7 Restore's clones is that they report system malfunctions and hard drive errors rather than restricting themselves into finding fake viruses and spyware like other rogue security applications.
The Windows 7 Restore Scam
The Windows 7 Restore scam has several steps:
- The user's system is attacked by a Trojan. A Trojan is a program that is used to deliver viruses, spyware, and other dangerous software. It exploits security vulnerabilities to get into a user's system and deliver its payload. The Trojan was probably acquired from an infected website or by downloading an infected file from an unreliable source.
- The Trojan installs Windows 7 Restore. The installation process can be done in several different ways and is usually done through an authentic-looking source such as a fake Windows Automatic Update or in the background. As part of the installation, Windows 7 Restore will alter the registry. This will cause the computer to start up Windows 7 Restore along with Windows, making Windows 7 Restore the first thing a user sees when he/her enters the system.
- Windows 7 Restore will greet the user with an authentic-looking fake system scan. This scan will show an exaggerated amount of hard drive errors. Typical supposed errors found by Windows 7 Restore are bad sectors, delayed read time, and a lack of response from the drive. If any drive containing the number of supposed errors Windows 7 Restore detects, then the machine would not be able to start up at all. These errors will be rated on the right-hand column either "critical" or "warning." The alarmist descriptions, red font, and techno-speak are enough to make most users panic about the state of their hard drive.
- Windows 7 Restore displays a "Fix errors" button. Since the hard drive errors are imaginary, this button does nothing but bring up the "Advanced Module" which, in order to activate, requires the user's credit card information. Needless to say, giving Windows 7 Restore your credit card information is not a good idea.
What to Do if You’ve Been Infected
If you find Windows 7 Restore on your system, use a legitimate anti-virus application to get rid of Windows 7 Restore. Windows 7 Restore can also be removed manually, but inexperienced users should not attempt this. Pay no attention to the hard drive warnings; your hard drive is most certainly fine. If you've already entered your credit card information, call your credit card company to block the charges. Once Windows 7 Restore is removed, run several scans on your system to catch any other spyware that may be lurking about.
File System Details
Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
|1.||%AllUsersProfile%\Application Data\[RANDOM CHARACTERS].dll|
|2.||%AllUsersProfile%\Application Data\[RANDOM CHARACTERS].exe|
|3.||%UserProfile%\Start Menu\Programs\Windows 7 Restore\Uninstall Windows 7 Restore.lnk|
|4.||%UserProfile%\Start Menu\Programs\Windows 7 Restore\Windows 7 Restore.lnk|