Disk Recovery is a fake system optimization utility. It belongs to defragger family, that includes such malware as Memory fixer, HDD Low, System Defragmenter and many others. This family of malware advertises system repair tool by simulating system malfunction. Disk Recovery is not different as well, the single difference is the name program is using.
Typically, one starts seeing Disk Recovery popups and alerts after one visits infected websites. These websites might have been harmless, but someone had injected them with malicious advertisements. Once inside, Disk Recovery will insert itself in system startup and start scaring owner by various alerts.
Disk Recovery alerts state same problems as other fake defragmenters : 32% of hard disk is not accessible, GPU and Memory are overheating, system files are corrupted, and registry needs optimization. Some of these problems could not be fixed by software solutions even if they were real. In many cases PC would be unbootable with such problems. However, everything Disk Recovery states is fake and should be ignored. An example of alerts would look like this:
Disk Recovery Activation
Advanced module activation required to fix detected errors and performance issues. Please purchase Advanced Module license to activate this software and enable all features.
Additionally, Disk Recovery is likely to block execution of legitimate programas. The programs, that are started before Disk Recovery executable will work normally, however, other programs will be stopped from launch blaming faulty hard disk:
Windows detected a hard drive problem.
A hard drive error occurred while starting the application.
The good news are that there are no real problem with your hard drive or other hardware overall. You will always be able to recover your files by using UBUNTU CD or other PC. The bad news is that your PC is affected by malware and you should remove it before PC repair becomes too complex to do it yourself.
If you launch Disk Recovery, its scan will start and show about the same errors as in the alerts. They can be ignored. It will refuse to “repair” these errors except if you pay for it or enter registration code. Luckily, the makers of this malware do not change registration code in the creation, so if you enter 0973467457475070215340537432225 in Help and Support, you are likey to stop seeing its nasty alerts.
However, this would not remove Disk Recovery trojans. To fully remove this malware, you have to stop its processes using either task manager or process explorer ( alternate download location: https://www.2-viruses.com/wp-content/uploads/PE/eXplorer.exe ). The malware processes can be easily recognized. Disk Recovery processes are usually 2: one numerical, like 235235, another – from random letters and numbers, like ewoitweuotyw. Killing both these processes will result in Disk Recovery window disappearing.
The next Disk Recover removal step is renaming or deleting the files. Files will be installed in: %AllUsersProfile%\ on Windows Vista or 7 , and in %AllUsersProfile%\Application Data\ for windows XP.
You can access these folders by opening new windows explorer window and entering this path in the status bar. The files might be system or hidden though. In these folders, you can delete majority of files without bigger harm to the system, but it is recommended to just rename them.
Then you should launch regedit, and remove references to the malware executables from the registry. After that, reboot your system and check if Disk Recovery is gone.
The last and most important step is disabling proxy server in your browser and scanning your PC with anti-malware software. I recommend spyhunter, Malwarebytes Anti-Malware and Hitman Pro. Full versions of Spyhunter or Malwarebytes Anti-Malware protect from infections like Disk Recovery in most of the cases.
Comment bellow if you have problems with Disk Recovery uninstall or have questions about our guide.
Automatic Malware removal tools