Title: Windows XP Recovery
Also known as: Windows Vista Recovery, Windows 7 Recovery
Remove Windows XP Recovery
Removal instructions
Severity scale:  (73 / 100)
Windows 7 Recovery is a fake computer optimization program that attacks PC with a help of TDSS rootkit. Additionally, it will start reporting you about various hard drive problems detected and it will do its best while trying to create such impression. First of all, Widows 7 Recovery will say that you must start it in Safe Mode. To trick you, it will display fake Safe Mode and then will hide your files to make it look like there is really something wrong with your hard drive. However, all these problems presented by Windows 7 Recovery, Windows Vista Recovery or Windows XP Recovery are faked by their creators. All these clones will require you to pay for their defragmentation services what means giving your money for hackers. You should ignore all ‘problems’ found by these scams and use automatic removal tool or Spyware Doctor to remove Windows 7 Recovery.
To make you concerned about your machine, Windows Vista Recovery (you will see such name if you have Windows Vista OS running on your computer) will display numerous nagging alerts, such as these written below:
Critical Error Hard Drive not found.
Missing hard drive.
Critical Error!
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.
Requested registry access is not allowed. Registry defragmentation required
Read time of hard drive clusters less than 500 ms
32% of HDD space is unreadable
Bad sectors on hard drive or damaged file allocation table
GPU RAM temperature is critically high. Urgent RAM memory optimization is required to prevent system crash
Drive C initializing error
Ram Temperature is 83 C. Optimization is required for normal operation.
Hard drive doesn’t respond to system commands
Data Safety Problem. System integrity is at risk.
Registry Error – Critical Error
Windows XP Recovery Diagnostics
Windows detected a hard disk error.
A problem with the hard drive sectors has been detected. It is recommended to download the following sertified software to fix the detected hard drive problems. Do you want to download recommended software?
Fix Disk
Windows Vista Recovery Diagnostics will scan the system to identify performance problems.
Start or Cancel
Windows 7 Recovery attack is followed by certain Registry modifications and files manipulations, which in its turn results in getting your computer badly hacked. It means you will lose control of some essential system options like the Add/Remove Programs, Task Manager as well as using your antivirus software to remove the virus.
As you may have already realized, Windows XP Recovery and all its clones are fake defragmenters that won’t leave you alone until you purchase their ‘licensed’ version. However, that means that your money and credit card details will be given for scammers. You won’t be capable to notice Windows Vista Recovery intrusion because it closely relies on Trojans, so having a reputable anti-spyware seems to be the only good decision. We could recommend using Spyware Doctor licensed version if you want to remove Windows XP Recovery and protect it from unexpected intruders.
Windows XP Recovery snapshot:
Automatic Windows XP Recovery removal:
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.
By Downloading any provided Anti-spyware software to remove Windows XP Recovery you agree to our privacy policy and agreement of use.
Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes Windows XP Recovery (2011-05-13 16:15:02)
Tested and Confirmed! STOPzilla removes Windows XP Recovery (2011-05-13 16:15:02)
We are testing Spyware Doctor's efficiency at removing Windows XP Recovery
(2011-05-13 18:52:17)
Windows XP Recovery manual removal:
Kill processes: [random].exe
Delete registry values:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run " .exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "CertificateRevocation" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallPaper" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'yes'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = 0'
Unregister DLLs:
[random].dll
Delete files:
%AllUsersProfile%\Application Data\~
%AllUsersProfile%\Application Data\~r
%AllUsersProfile%\Application Data\[random].dll
%AllUsersProfile%\Application Data\[random].exe
%AllUsersProfile%\Application Data\[random].exe
%UserProfile%\Desktop\Windows XP Recovery.lnk
%UserProfile%\Start Menu\Programs\Windows XP Recovery
%UserProfile%\Start Menu\Programs\Windows XP Recovery\Uninstall Windows XP Recovery.lnk
%UserProfile%\Start Menu\Programs\Windows XP Recovery\Windows XP Recovery.lnk
Delete directories:
%AllUsersProfile%\Application Data\[random]
Phone Support to remove Windows XP Recovery
QR code for Windows XP Recovery removal instructions:
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the website is that parasites like Windows XP Recovery are really hard to remove on infected computer.
you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Windows XP Recovery right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.
SYMPTOMS OF rogue antispyware INFECTION
Rogue AntiSpyware virus usually imitates the legal anti-spyware software or some essential system components. Typically virus gets inside the computer with a help of trojans, that use security vulnerabilities for that. After getting inside the system, it tries to make it look like your system is infected with the numerous parasites, so it starts ‘scanning’ and finds numerous threats.
All rogue Anti-spyware along with Windows XP Recovery have the same purpose: Get your money by using scare tactics. If you will believe that that fake threats are real and pay them money, you will not get them back even if you will ask to cancel the order in your Bank. All the infections are deceptive and you dont need to purchase their Paid version. You need to remove Rogue virus itself.
Information added: 2011-05-13 16:15:02
Information updated: 2011-05-13 16:15:02
Additional resources:
Attention: If you know know a reputable website reated to security threats, please add a link here: add
url
more resources
|
|
Follow us 
|
Like us 
FORUM:
HELP:
Post Comment: