Click on screenshot to zoom
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

Fake System Restore

There are many fake system optimization tools out there claiming to keep your performing optimally but who are really only after your money, and Fake System Restore rogue defragmenter is no exception. This rogue was developed to completely mimic the real workings of a defragger, and derives from the same family of rogues as Windows Diagnostic and Windows Repair.

Fake System Restore is promoted via fake online malware scanners and seditious browser hijackers. These browser hijackers forcefully redirect the users’ browsing and search sessions to their compromised landing pages, where they make use of established drive-by download tactics to deliver the Fake System Restore infection into its host PCs. This rogue’s infiltration is done so surreptitiously that the user will remain completely unaware of its presence until Fake System Restore starts its attack.

This will usually be heralded by the user receiving immeasurable fake system alerts in the form of annoying popup messages. These bogus notification messages are falsely generated by Fake System Restore in an attempt to wrongly convince the user that his system is either compromised or not operating optimally. The rogue will also initiate unwarranted system scans and report on various fake errors crippling the system. Some of the more popular fake alerts to be on the lookout for include the following:

System Restore Diagnostics
Windows detected a hard disk error.
A problem with the hard drive sectors has been detected. It is recommended to download the following certified software to fix the detected hard drive problems. Do you want to download recommended software?

System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.

Hard Drive Failure
The system has detected a problem with one or more installed IDE - SATA hard disks. It is recommended that you restart the system.

Never act on any alert presented by Fake System Restore, as this type of user interaction will only make it easier for Fake System Restore to rip you off. Accept all correspondence received from this rogue as extremely suspect and never believe anything it has to say. Fake System Restore uses genuine looking Microsoft interfaces and logos in a further attempt to trick the user into thinking it is legitimate.

Symptoms associated with the Fake System Restore rogue include hijacked Internet browsers, creating backdoor access to the system for other malware and making it very difficult to successfully get rid of Fake System Restore.

In order to manually remove Fake System Restore, you will need to kill all its processes beforehand. However if you would like to download a security tool which will destroy Fake System Restore for good but cannot access the Internet, reboot the PC in Safe Mode with Networking mode. This will allow you to connect to the web and install an application which will not only obliterate Fake System Restore but also protect your system against similar future attacks.

Download Spyware Removal Tool to Remove* Fake System Restore
  • Quick & tested solution for Fake System Restore removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Fake System Restore

Files associated with Fake System Restore infection:

%Programs%\System Restore\System Restore.lnk
%Programs%\System Restore
%Desktop%\System Restore.lnk
%Temp%\dfrgr
%Temp%\dfrg
%Temp%\[random].exe
%Temp%\[random]

Fake System Restore processes to kill:

%Temp%\[random].exe

Remove Fake System Restore registry entries:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run “[random]”
HKCU\Software\Microsoft\Windows\CurrentVersion\Run “[random].exe”
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.