Windows XP Restore

Windows XP Restore Description

Type: Rogue AntiSpyware Programs

ScreenshotWindows XP Restore is a malicious piece of software that belongs to the FakeSysDef family and knows how to become entrenched quickly in a user's system. Compared to other spyware applications, Windows XP Restore is actually quite a bit harder to dig out once Windows XP Restore has established itself in a computer. Like many other rogue anti-spyware programs, Windows XP Restore is designed to enter a computer, cause any number of problems, and then prompt the user to enter his credit card information to fix the very problems Windows XP Restore caused. Giving Windows XP Restore your credit card information is not a good idea, and does nothing to fix the problem. Windows XP Restore has two counterparts corresponding to other operating systems, Windows Vista Restore and Windows 7 Restore.

There are numerous clones of Windows XP Restore and its counterparts. These clones include System Defragmenter, Ultra Defragger, HDD Control, Win HDD, Win Defrag, Win Defragmenter, Disk Doctor, Hard Drive Diagnostic, HDD Diagnostic, HDD Plus, HDD Repair, HDD Rescue, Smart HDD, Defragmenter, HDD Tools, Disk Repair, Windows Optimization Center, Scanner, HDD Low, Hdd Fix.

How Does Windows XP Restore Damage Your Computer?

One can use an analogy to understand rogue anti-spyware applications like Windows XP Restore. This rogue security program is similar to a criminal that sets a house on fire and then, claiming to be a fireman, makes the people in the house pay for him to put out the very fire he set. Similarly, Windows XP Restore enters a computer, and due to Windows XP Restore's malicious scripts, makes it run slower, gradually decreasing performance. Then, during start-up, Windows XP Restore will tell the user that the computer is running slowly, because there are several fragmentation errors that need to be fixed. Masquerading as a legitimate defragmenting utility, Windows XP Restore will tell the user that to fix those problems the user will have to enter his credit card information. In fact, this is worse than extortion, because Windows XP Restore will not return a user's computer back to normal, but simply run away with the credit card information, and leave the computer completely infected. Because of this, do not give Windows XP Restore your credit card information and if you have, call your credit card company and block the charges.

Can You Use Your Computer Normally if It is Infected by Windows XP Restore?

Windows XP Restore will use a Trojan to block access to any legitimate anti-malware applications Windows XP Restore finds on a user's hard drive. Windows XP Restore will also blo's Trojanck certain programs, like the Task Manager. However, if you try to open a specific program repeatedly, most of the time Windows XP Restore will open normally after a couple of tries. Remember this when trying to remove Windows XP Restore manually. It is also important to note that the Trojan that installed Windows XP Restore may alter your browser's settings. Since having spyware like Windows XP Restore on your system is an important security risk, it is recommended to avoid accessing sensitive information or entering personal details into your web browser or applications, until you are sure that Windows XP Restore and the Trojan associated with it are completely removed. Windows XP Restore can make your computer more vulnerable to other infections, and can also relay your browsing habits and personal information to a third party.

What Can You Do to Protect Yourself?

Use common sense when browsing, Windows XP Restore probably got on your computer through a Trojan downloaded inadvertently from a suspicious website.

- Avoid downloading anything from adult websites or file sharing networks.

- Don't click on banner advertisements or pop-up windows in general, especially in suspicious websites.

- Don't fall for online "free computer scans". Use a legitimate application to scan your computer instead.ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

Technical Information

Screenshots & Other Imagery

SpyHunter Detects & Remove Windows XP Restore

File System Details

Windows XP Restore creates the following file(s):
# File Name MD5 Detection Count
1 SwPGvtLdJxoV.exe dd6662e2de3534c4312239a95d258fee 2
2 14606116.exe dfaaafe446919c82c96761deeb27277e 1
4 %TempDir%\dfrg N/A
5 %Programs%\Windows XP Restore\Windows XP Restore.lnk N/A
6 %TempDir%\dfrgr N/A
7 %Programs%\Windows XP Restore N/A
9 %Desktop%\Windows XP Restore.lnk N/A

Registry Details

Windows XP Restore creates the following registry entry or registry entries:
Registry key
HKCU\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"

More Details on Windows XP Restore

The following messages associated with Windows XP Restore were found:
Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.
Critical Error
Hard Drive not found. Missing hard drive.
Critical Error
RAM memory usage is critically high. RAM memory failure.
Critical Error
Windows can't find hard disk space. Hard drive error.
Critical Error!
Damaged hard drive clusters detected. Private data is at risk.
Critical Error!
Windows was unable to save all the data for the file System32496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.
System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.