This is a guest post by Rajnish Kumar who writes at www.fillsout.blogspot.com. If you also want to contribute guest post on this blog, check out the guidelines now.
Now days no one is scare of computer viruses because most of people are using anti-virus program it can be genuine or pirated security software but there are some situations when we disable our security software by ourself for installing certain cracked softwares or for using keygen or patching any software and that is the time when we give open invitation to viruses like `Windows Recovery Virus` about which I am going to tell you in this article.
How Windows Recovery Virus looks?
Click To Enlarge
Windows Recovery Virus Dignostics Tab
So, What the heck is this “Windows Recovery Virus” ?
Windows Recovery is a fake computer analysis and optimization program that displays fake alerts in order to scare you into believing that there is an issue with your computer. Windows Recovery is installed via Trojans that display false error messages and security warnings on the infected computer. These messages will state that there is something wrong with your computer’s hard drive it will say that you HDD has crashed with that it will also delete all the icons/files/folders on your desktop to make you believe that it is saying is correct and then suggests that you download and install a program that can fix the problem. But When you click on of these alerts, Windows Recovery will automatically be downloaded and installed onto your computer bypassing the User Account Control (UAC).
Once installed, Windows Recovery will automatically start with Windows. Once started, it will display numerous error messages when you attempt to launch programs or delete files. Windows Recovery will then prompt you to scan your computer, which will then find a variety of errors that it states it cannot fix until you purchase the program. When you use the so-called defragment tool it will state that it needs to run in Safe Mode and then show a fake Safe Mode background that pretends to defragment your computer. As this program is a scam do not be scared into purchasing the program when you see its alerts.
What problems Windows Recovery Virus can cause ?
- Multiple Warning/Error Pop-ups
- You Will be not able to delete files
- Access denied to many program including Task Manager
- Not able to start any program from start menu shortcut
- Make complete system unresponsive
- Shutdown you Computer when try to run Anti-Virus Scan
- Redirect your browser to affiliate or selling page or fake online scanning pages
What is the best way to remove this virus ?
There are 4 Ways I can Suggest:
1} First and best method according to me is format your system and reinstall the windows so it will remove all the footprints of this virus along with others if any. But Use this option only when you don’t have any important document and software in your primary partition (c:\).
2} Manual Removal:
- Press Ctrl+Alt+Del on keyboard to stop process associated to “Windows Recovery”. When Windows Task Manager opens, go to Processes Tab and find and end the following process: (random characters).exe
- You need to update your installed antivirus application to have the latest database.
- Thoroughly scan the computer and any detected threats must be removed. If removal is prohibited, it is best to quarantine the infected item. Manually locating and deleting of malicious files should also be performed. Please see files below that are related to Windows Recovery Virus.
- Registry entries created by Windows Recovery must also be remove from the Windows system. Please refer to below link for entries associated to this virus program. [Click here to download a text file to know how to edit registry and which entries needs to be deleted {Size:4KB}]
- Exit registry editor.
- Get rid of Windows Recovery start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. A windows containing System Configuration Utility will be launched. Go to Startup tab and uncheck the following Start-up item(s): (random characters).exe
- Click Apply and restart the computer.
3} Windows Recovery Removal Tool:
In order to completely remove the threat from a computer, it is best to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected computer.
4} Using Portable SuperAntiSpyware:
To thoroughly clean a computer, it is best to do a separate scan of another security program so that other infected files not detected by anti-virus application can be remove as well. Download and run SuperAntiSpyware Portable Scanner.
I think this is a real great post.Really thank you! Keep writing.
Nice Post. It’s really a very good article. I noticed all your important points. Thanks.
Thank you for your blog.Really thank you! Awesome.
This actually answered my problem, thanks!
Very clear website , thanks for this post.
Howdy, I was browsing the web and I came across your site. Keep up the excellent work.
omg went through many sites but still couldn’t find an article that will answer my questions. glad i found your site. thank you very much. if you need me to update this info, i would like to share with you, just email me.
Very good suggestions, you just gained a brand new reader. Do you have any feedback on your most recent post though?
Attractive section of content. I just stumbled upon your weblog and in accession capital to assert that I get in fact enjoyed account your blog posts. Any way I’ll be subscribing to your feeds and even I achievement you access consistently quickly.
I was suggested this website by my cousin. I’m not sure whether this article is written by him as no one else know such detailed about my problem. You are incredible! Many thanks, Luigi Fulk
I’ll immediately grab your rss as I can’t find your email subscription link or e-newsletter service. Do you have any? Kindly let me know so that I could subscribe. Thanks.
Top most sidebar widget is a complete solution for the readers who are interested in getting RSS or Email updates, so just check it out again atleast once and hope you will find the same.
And yeah thanks for subscribing )):
brilliantly insightful post. If only it was as simple to implement some of the solutions as it was to read and nod my head at each of your points
This is exactly what I’ve been looking for all the time. Don’t stop updating this web site.
Hello, I absolutely dig your editor, and has the information, I am sure will tweet it. I have to say you do a special study is trully remarkable. No one knows, more research, now days? Bravo .. Another suggestion to you is that you canget for your global audience some of the translation! !
Thank you so much for this information. It is really quite frustrating sometimes on how to handle and how to delete files that unknowingly entered in my system.
Thank you so much for this post. It is really quite frustrating sometimes on how to manage and <a href=”http://longpathtool.com/”>how to delete file</a>
Thanks for such a nice blog post….i was searching for something like that.
nice article bro…
Great article! Before I found this I hadn’t even heard about the windows recovery virus.
humm..nice from onwards we can recover the data safely without any viruses..
Microsoft needs to be more secure..
Well said !!
I think so but it’s really a tough job for any online firm,
either it is for Microsoft or for Google.Inc
Current information on anti-virus system in the windows! Stalknulsya himself a huge challenge to clean your computer, now have an idea how to get rid of viruses.
This looks like the mac defender malware that infected lots of Mac users few weeks back. Most probably, by the same author also. The only solution is to never trust anyone on the Internet and not download software that you’re not 100% sure of.
Very nice information shared by you. I was just searching this type of information and luckily I got it from your blog.
I like your blog also. Keep it up.
Its a very good article..thanks
hey … great article , thanks for sharing this information with us , you are the best.
Win more for less on eBay by having goSnipe place your bid in the final seconds of the auction. Don’t bid… goSnipe!
I’m happy to Robinsh. Just seeing you with your shades is very inspiring.
I got this bogus anti-virus couple time and it is really annoying. Thanks for the information about how to remove it.
nice from onwards we can recover the data safely without any viruses.
Good stuff Robinsh! I look forward to your next article!
Happy to know that you are liking this article but credit goes to aur co-author Mr.Rajnish who writes at fillsout and a well known freelancer …………