Home Malware Programs Rogue Defragmenter Programs Windows Error Recovery

Windows Error Recovery

Posted: September 26, 2011

Threat Metric

Threat Level: 8/10
Infected PCs: 16
First Seen: September 26, 2011
Last Seen: November 14, 2021
OS(es) Affected: Windows

Although the normal Windows Error Recovery screen is a feature of Windows, SpywareRemove.com malware research team has also noted a recent spate of fake Windows Error Recovery attacks that have occurred on Windows Vista computers. A PC that's been infected by this form of Windows Error Recovery will stay on Windows Error Recovery's fake error recovery screen no matter what options the computer user selects and will even redirect back towards this screen if you try to use Safe Mode. Advanced methods of circumventing Windows Error Recovery's system lock, such as usage of the Command Prompt or restoring to a previous system configuration, may be necessary. Once you've done this, SpywareRemove.com malware researchers recommend that you use the best anti-malware program that's available to delete Windows Error Recovery, since improper deletion of Windows Error Recovery can cause other harm to Windows and may even fail to get rid of all of Windows Error Recovery's components.

The Fake Windows Error Recovery That Looks Just Real Enough to You.. Until You Try to Use It!

Unlike typical Trojans that lock a computer's operating system to demand a ransom (such as Trojan.Ransomgerpo, Trojan-Ransom.Win32.Chameleon.mw, Windows заблокирован! Ransomware or Trojan.Ransomlock.H), Windows Error Recovery doesn't ask for anything from you after it infects your PC. In fact, all Windows Error Recovery does is the 'locking' part of a traditional system-lock ransom, by preventing you from using Windows or your programs, until you've found a way around Windows Error Recovery's system freeze.

Windows Error Recovery looks similar to a normal Windows error recovery screen and contains two options: 'Launch startup repair' and 'Launch Windows normally.' The first option will cause a short screen blink before you're returned to the same screen, while the latter option will reboot your PC... and, of course, take you right back to Windows Error Recovery again.

Although the total lockout that Windows Error Recovery places on Windows can be frustrating, the appropriate use of anti-malware techniques and application can help you to recover your PC from a Windows Error Recovery attack and SpywareRemove.com malware experts advise you to avoid panicking if you're in such a situation.

Even Safe Mode Isn't Safe from Windows Error Recovery

In most cases, SpywareRemove.com malware researchers would recommend that you use Safe Mode to avoid Windows Error Recovery. However, Windows Error Recovery has displayed advanced rootkit-like traits that allow Windows Error Recovery to reboot your computer even if you try to use Safe Mode! Nonetheless, a similar option is available to help you get rid of Windows Error Recovery.

While your PC reboots, press F8, until you see the Advanced boot menu display. Instead of selecting Safe Mode, select the 'Last Known Good Configuration.' Another method of disabling Windows Error Recovery is to access the Command Prompt, which Windows Error Recovery typically does not bother to block. Either method will allow you to access appropriate system tools and anti-malware programs to defeat a Windows Error Recovery infection and melt that freeze on Windows.

Windows Error Recovery belongs to a big family of rogue security programs, the FakeSysDef family. Windows Error Recovery family members include System Defragmenter, Ultra Defragger, HDD Control, Win HDD, Win Defrag, Win Defragmenter, Disk Doctor, Hard Drive Diagnostic, HDD Diagnostic, HDD Plus, HDD Repair, HDD Rescue, Smart HDD, Defragmenter, HDD Tools, Disk Repair, Windows Optimization Center, Scanner, HDD Low and Hdd Fix.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%Documents and Settings%\[User Name]\Start Menu\Programs\Windows Error Recovery\Uninstall Windows Error Recovery.lnk File name: %Documents and Settings%\[User Name]\Start Menu\Programs\Windows Error Recovery\Uninstall Windows Error Recovery.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Documents and Settings%\[User Name]\Desktop\Windows Error Recovery.lnk File name: %Documents and Settings%\[User Name]\Desktop\Windows Error Recovery.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Documents and Settings%\[User Name]\Start Menu\Programs\Windows Error Recovery File name: %Documents and Settings%\[User Name]\Start Menu\Programs\Windows Error Recovery
Group: Malware file
%Documents and Settings%\[User Name]\Start Menu\Programs\Windows Error Recovery\Windows Error Recovery.lnk File name: %Documents and Settings%\[User Name]\Start Menu\Programs\Windows Error Recovery\Windows Error Recovery.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
Loading...