System Recovery virus is must avoid application. It may sound like real computer utility software but the truth is, it is exists as nuisance to system. System Recovery happens to be bad software in disguise. Existence of rogue program such as this signifies that not all dreadful programs are able to restrain by prevalent anti-virus and anti-malware product.
System Recovery is modeled in exquisite graphical user interface to easily betray users. The fact that it mimics the look of legitimate system utility software the more believable it can be to susceptible victims. When it gains trust, very timely that pop-up messages are displayed serving as convincing factor to further trick a target.
Every now and then, System Recovery files redundant memory errors. It also states severe hard drive and system problems in form of fake alerts like the following:
Windows Recovery Diagnostics will scan the system to identify performance problems.
Start or Cancel
Hard drive critical error. Run a system diagnostic utility to check your hard disk drive for errors. Windows can’t find hard disk space. Hard drive error.
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.
As mentioned, these warnings are fake. Extensive display of these alerts soon will be realized as nuisance rather than valid notification. For this reason, there is no reason to obtain the licensed version. Avoid System Recovery by any means.
|OS Affected||Windows XP, Windows Vista, Windows 7|
What are the Symptoms of System Recovery Infection?
In an attempt to further mislead computer users, System Recovery uninterruptedly issue fake alert messages such as these:
Damaged hard drive clusters detected. Private data is at risk.
Hard Drive not found. Missing hard drive.
RAM memory usage is critically high. RAM memory failure.
Windows can’t find hard disk space. Hard drive error
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.
It will modify Windows Registry and add the following entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\ActiveDesktop “NoChangingWallPaper” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer “NoDesktop” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\System “DisableTaskMgr” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run “(random).exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run “(random)”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\policies\system “DisableTaskMgr” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Explorer\Advanced “Hidden” = ‘0’
The threat will drop the following malicious files:
%StartMenu%\Programs\System Recovery\System Recovery.lnk
%StartMenu%\Programs\System Recovery\Uninstall System Recovery.lnk