Windows XP Recovery Malware – How To Remove This Malicious Software From Your PC

If you have Windows XP recovery on your computer it can be very difficult to remove. It alters your desktop, stops task manager from running so you can not stop it and will then load other malware and even Trojans onto your computer.

The first time became aware of this malware at all is when they see a pop up message about hard drive failure. This usually appears to come from Windows and appears to be a genuine message. All it will say is your hard drive is failing or has failed and you need to restart your computer to scan it.

A good indication that this error message is not what it looks is to immediately try to run task manager. If you get an error saying task manager can not run or that the system administrator has disabled it you can be sure this error is not real and once you restart your computer this malware will start to cause real problems.

How can you remove the Windows XP recovery malware quickly?

If you are lucky enough to see this error and know what it is you can do the following.

# 1 Restart your computer in safe mode straight away. Do not go into normal mode or it will change your desk and hide all your shortcuts and desktop programs and prevent you from running anything.

When your computer starts up press the f8 key before you see the Windows start screen.

# 2 Once in safe mode you need to find and stop this malware if it is running. This malware changes everything on your desktop and hides all the icons so you need to press the CTRL-SHIFT-ESCAPE keys together to start task manger. Once it is open go to the processes tab and look for files with generated names such as hkfddffl1.exe which are obviously not real file names and stop them.

# 3 Find and delete all files and folders for this malware. To do this search for folders and files called Windows Recovery and then delete all of them.

# 4 Start the registry editor. To do this go to start on the Windows taskbar, then run and type in regedit and press ok. When the registry editor opens find and delete the following.

# 1 HKCU Software Microsoft Windows CurrentVersion Run generated file name
# 2 HKCU Software Microsoft Windows CurrentVersion Run generated file name

Generated file name is a generated file similar to the file in step 2.

# 5 If you are unable to find the files above at all you need to download a system and registry scanner. You must do this in safe mode and then run a full system scan. This will find malware on your computer and stop it and help you to get rid of Windows XP recovery malware quickly.

# 6 Once you have done this you need to get you get your desktop and your icons back. Sometimes just running a system and registry scanner will fix this but if it does not need you to do the following.

Search for and download a program called unhide from the internet. This will get all your shortcuts and desktop icons back. They have not been deleted but hidden by the Windows XP recovery program. This will take a few minutes and you will then see all your desktop icons and shortcuts appear.

Once you have done this restart your computer. You will find that you have managed to get rid of the Windows XP recovery software but your desktop will still have a black background. Right click on the desktop, click on properties and then click on the desktop tab on the box that appears. Once you have done this set your desktop back to the way it was and your computer will be back to normal. Follow these steps to protect you PC from this malware for good.

