Windows Salvage System

To remove Windows Salvage System from an infected computer, we have compiled a guide that you can use for free. See it below and follow the instructions carefully.

Windows Salvage System is fake security software for Windows systems. It is part of a large group of rogue programs that also includes Windows Rescue Center and Windows Anticrashes Utility. These programs get onto the target computer and disrupt it to annoy the user, so that Windows Salvage System can promote itself as the only solution to the computer's problems. It also displays a series of fake alerts and messages warning the user of threats detected on the computer. Every time Windows starts, Windows Salvage System runs its own scan and displays fabricated results in an attempt to persuade users to obtain the paid version of the program.

Usually, people acquire the Windows Salvage System virus by visiting malicious web sites, or a site that pretends to be an online virus scanner. Such a site automatically scans the visitor's computer and shows inflated reports of infection, then advises cleaning the system by downloading a trial version of Windows Salvage System. Once loaded on the computer, this fake AV begins modifying system settings and the registry in ways that favor its actions inside the system. It is important to remove Windows Salvage System immediately, before it can do more harm. Use only legitimate programs such as the one recommended on this page.

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Windows Salvage System Removal Procedures

Manual Removal:
1. Unload any running Windows Salvage System process: press Ctrl+Alt+Del on your keyboard to open Task Manager, look for the following process, and click “End Process”:
random.exe

2. If an antivirus program is installed, connect to the Internet and update it so that it has the latest database and pattern files.
3. Thoroughly scan the computer and clean/delete all infected files. Check for remnants of virus-related files and delete any that are found.
4. Edit the Windows registry and delete the Windows Salvage System entries.
5. Close the registry editor; changes are saved automatically.
6. Remove the Windows Salvage System start-up entry: go to Start > Run and type msconfig in the “Open” dialog box. System Configuration Utility will open. Go to the Startup tab and uncheck the following Startup item(s):
random.exe

7. Click Apply and reboot the computer for the changes to take effect.

Windows Salvage System Removal Tool:
For automatic removal of this malware, please download and run Malwarebytes Anti-Malware. In some cases the Windows Salvage System Trojan will block the download or execution of security applications. In that situation, download the file from an uninfected computer and rename it before installing it on the infected computer.

Technical Details and Additional Information:

Windows Salvage System Registry Entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe “Debugger” = ‘svchost.exe’
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = ‘0’
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore “DisableSR” = ‘1’
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe “Debugger” = ‘svchost.exe’
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe “Debugger” = ‘svchost.exe’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = ‘0’

Malicious Files Added by Windows Salvage System:
%UserProfile%\Application Data\Windows Salvage System\cookies.sqlite
%UserProfile%\Application Data\Windows Salvage System\Instructions.ini
%Documents and Settings%\All Users\Application Data\[random]\[random].exe
%Documents and Settings%\All Users\Application Data\[random]\[random].mof
%Documents and Settings%\All Users\Application Data\[random]\[random].dll
%Documents and Settings%\All Users\Application Data\[random]\[random].ocx
%Documents and Settings%\All Users\Application Data\[random]\[random]\
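
To check a machine for the registry values listed above without editing it by hand, the following added example (not part of the original guide) audits the text of a `reg export` file. It goes slightly beyond the three executables named above by reporting any Debugger value under Image File Execution Options; the function names `parse_reg` and `audit` and the sample data are assumptions made for illustration.

```python
import re

# Constructed sample in .reg export text form (not taken from a real host).
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe]
"Debugger"="svchost.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"WarnOnHTTPSToHTTPRedirect"=dword:00000000
"ProxyEnable"=dword:00000000
"""

# (key suffix, value name, data) for the two settings changes this page lists.
SETTINGS = [
    (r"\windows nt\currentversion\systemrestore", "disablesr", "1"),
    (r"\windows\currentversion\internet settings", "warnonhttpstohttpredirect", "0"),
]
IFEO = r"\currentversion\image file execution options" + "\\"

def parse_reg(text):
    """Yield (key, value name, data as str) from .reg text; dwords decoded from hex."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = re.match(r'"([^"]*)"=(.*)$', line)
        if key and m:
            raw = m.group(2)
            is_dword = raw.startswith("dword:")
            data = str(int(raw[6:], 16)) if is_dword else raw.strip('"').replace("\\\\", "\\")
            yield key, m.group(1).strip(), data

def audit(text):
    """Return one finding per value that matches a change listed on this page."""
    findings = []
    for key, name, data in parse_reg(text):
        low, lname = key.lower(), name.lower()
        if IFEO in low and lname == "debugger":
            exe = key.rsplit("\\", 1)[1]
            findings.append(f"IFEO Debugger: {exe} -> {data}")
        for suffix, vname, bad in SETTINGS:
            if low.endswith(suffix) and lname == vname and data == bad:
                findings.append(f"{name}={data} in {key}")
    return findings
```

A real `reg export` file is UTF-16, so read it with `encoding="utf-16"` before passing the text to `audit`. A Debugger value under Image File Execution Options is also set by legitimate debugging tools, so confirm what each hit points to before deleting it.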

What to do next...