Contributed by: Daniel Stoyanov
Date: September 7, 2011
Computer fraud is becoming an increasingly common tool for misleading unsuspecting PC users. Hackers use fake analysis applications to deceive victims into thinking the fraudulent program will help them improve the performance of their machines. System Recovery is another tool that imitates legitimate analysis software but is, in fact, aimed only at making unaware users pay for its fake services.
This rogue application, a member of the FakeSysDef family, uses malicious techniques to carry out its plan. The intruder uses an MBR (Master Boot Record) rootkit such as TDSS, TDL#, or Sinowal, which is common for this kind of virus. These rootkits were created only to hijack search engine results and use the gathered information for personal profit. What is even more striking is that even if the rogueware is purchased, the attacker continues taking unfair advantage of search results.
Once the application penetrates the machine, it creates files which usually have the title .exe and are placed in the %LOCAL_APPDATA% location. Depending on the OS the computer uses, the files are created in the following locations:
For Windows XP: :\Documents and Settings\\Local Settings\Application Data
No matter what scary alerts this application displays, they always lead to the same point: persuading the user to buy the full version of the software. Paying for the unreliable services of the program will not solve any problems with your computer. This application is only a creation of scammers, made to convince people to transfer money to their bank accounts without providing real services in return.
To ensure the safety of your system, you have to remove the malicious software as soon as possible. You also have to make sure that you use reliable and effective anti-spyware software, which detects any real threats and provides accurate security scan results. Furthermore, it is recommended that you keep your antivirus program up-to-date.