Sep 14

Data Recovery rogue of the FakeSysDef Family

Data Recovery is a rogue of the FakeSysDef Family and uses fake analysis generating scareware fake alerts of having hard drive and system errors to scare those infected to buy the rogue.

Data Recovery GUI

These FakeSysDef rogues includes an MBR (Master Boot Record) Rootkit like TDSS,  TDL#, or  Sinowal created to profit from search engine results hijackings even after the user purchases the rogue.

Files and Locations:
%LOCAL_APPDATA%\<Random File Names>.exe

Note: %LOCAL_APPDATA% refers to:
<drive>:\Documents and Settings\<user>\Local Settings\Application Data

For Vista/Win 7 OS’s:

The Data Recovery Rogue can be removed with manually methods, however, as this rogue also includes Master Boot Record Rootkit infections, it is recommend to use our Malware Removaal removal tool, VIPRE Antivirus.

You can download a free trial to remove the rogues of the rogues of the FakeSysDef family from your PC for no cost by clicking on the link below:


If you are unable to download and install our malware removal tool because this has infected your computer and is not allowing you to install the program, you can use our VIPRE Rescue Disc here:


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>