You may have read our article posted earlier today where we told you about a Spotify ad which resulted in people becoming infected by the bogus Windows Recovery software, well now we have put together a simple guide which should help you to become infection free.
Once infected you will see lots of reports suggesting that your computer has major problems, fake messages include critical hard drive failure warnings one of which says “Damaged hard drive clusters detected”, try to ignore these messages and follow the following guide.
Step 1 – Firstly you must shutdown the infected computer, turn it back on and press F8 until you see a list of startup options, here you must choose “Safe Mode with Networking” and press enter, if you are struggling with this step check out our guide.
Step 2 – Now you must download the free apps which allow you to remove the infection, it is easier to do this on a different PC and burn them to disc, however if not you can access the net in Safe Mode with Networking. Here are the apps you will need (click on them to download them). CCleaner, MBAM and rKill.
Step 3 – Firstly run rKill, you may have to right click this and choose “Run as Administrator”, this should cancel any dodgy background processes. Now install CCleaner, this is not vital but it will speed up the process, finally install MBAM.
Step 4 – Run CCleaner, when you open the program you should see a button in the bottom right-hand corner saying “Run Cleaner” this will remove all unnecessary file build up, but please note that it will empty your recycle bin. Once complete open up MBAM and click on the “Update” tab, here you must check for and install any available updates.
Step 5 – Now we will scan for infections, with MBAM open click on the “Scanner” tab, tick the box “Full Scan” option and then click scan, choose your C drive and then the scan will run. The scan may take some time to complete, however once complete some infections should have been found, click “Show Results” and then select all of the infections and click “Remove Selected”, this will require your PC to restart, however upon boot you should notice that Windows Recovery has disappeared.
The process is now complete, however we strongly recommend that you install all available Windows Updates and make sure you have up-to-date antivirus protection.
If you have any problems getting rid of the the Windows Recovery Virus let us know in the comments section below and we will do our best to help you out.
*Identifying Monetised Links - outgoing links that we monetise are marked with an '*' symbol, or (AD). Also, prices and information correct at publish time and date.
