What is the Windows Recovery virus ? & How To Remove it !
his is a guest post by Rajnish Kumar who writes at www.fillsout.blogspot.com. If you also want to contribute guest post on this blog, check out the guidelines now.
Now days no one is scare of computer viruses because most of people are using anti-virus program it can be genuine or pirated security software but there are some situations when we disable our security software by ourself for installing certain cracked softwares or for using keygen or patching any software and that is the time when we give open invitation to viruses like `Windows Recovery Virus` about which I am going to tell you in this article.
How Windows Recovery Virus looks?
Click To Enlarge
Windows Recovery Virus Dignostics Tab
So, What the heck is this “Windows Recovery Virus†?
Windows Recovery is a fake computer analysis and optimization program that displays fake alerts in order to scare you into believing that there is an issue with your computer. Windows Recovery is installed via Trojans that display false error messages and security warnings on the infected computer. These messages will state that there is something wrong with your computer’s hard drive it will say that you HDD has crashed with that it will also delete all the icons/files/folders on your desktop to make you believe that it is saying is correct and then suggests that you download and install a program that can fix the problem. But When you click on of these alerts, Windows Recovery will automatically be downloaded and installed onto your computer bypassing the User Account Control (UAC).
Once installed, Windows Recovery will automatically start with Windows. Once started, it will display numerous error messages when you attempt to launch programs or delete files. Windows Recovery will then prompt you to scan your computer, which will then find a variety of errors that it states it cannot fix until you purchase the program. When you use the so-called defragment tool it will state that it needs to run in Safe Mode and then show a fake Safe Mode background that pretends to defragment your computer. As this program is a scam do not be scared into purchasing the program when you see its alerts.
What problems Windows Recovery Virus can cause ?
- Multiple Warning/Error Pop-ups
- You Will be not able to delete files
- Access denied to many program including Task Manager
- Not able to start any program from start menu shortcut
- Make complete system unresponsive
- Shutdown you Computer when try to run Anti-Virus Scan
- Redirect your browser to affiliate or selling page or fake online scanning pages
What is the best way to remove this virus ?
There are 4 Ways I can Suggest:
1} First and best method according to me is format your system and reinstall the windows so it will remove all the footprints of this virus along with others if any. But Use this option only when you don’t have any important document and software in your primary partition (c:\).
2}Â Manual Removal:
- Press Ctrl+Alt+Del on keyboard to stop process associated to “Windows Recoveryâ€. When Windows Task Manager opens, go to Processes Tab and find and end the following process: (random characters).exe
- You need to update your installed antivirus application to have the latest database.
- Thoroughly scan the computer and any detected threats must be removed. If removal is prohibited, it is best to quarantine the infected item. Manually locating and deleting of malicious files should also be performed. Please see files below that are related to Windows Recovery Virus.
- Registry entries created by Windows Recovery must also be remove from the Windows system. Please refer to below link for entries associated to this virus program. [Click here to download a text file to know how to edit registry and which entries needs to be deleted {Size:4KB}]
- Exit registry editor.
- Get rid of Windows Recovery start-up entry by going to Start > Run, type msconfig on the “Open†dialog box. A windows containing System Configuration Utility will be launched. Go to Startup tab and uncheck the following Start-up item(s): (random characters).exe
- Click Apply and restart the computer.
3}Â Windows Recovery Removal Tool:
In order to completely remove the threat from a computer, it is best to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected computer.
4}Â Using Portable SuperAntiSpyware:
To thoroughly clean a computer, it is best to do a separate scan of another security program so that other infected files not detected by anti-virus application can be remove as well. Download and run SuperAntiSpyware Portable Scanner.
What is the Windows Recovery virus ? & How To Remove it !
No comments:
Post a Comment