If you constantly have a Blue Screen of Death (BSoD), that suggests you call (1-844-813-5673), then be warned that your computer has been infected with Recovery (1-844-813-5673). This application is nothing short of malicious and its primary objective is to make money for its creators. It is designed to lock your desktop and disable Task Manager so that you would have no other course of action but to comply. However, there is a way you can remove this malware, and you can do that by following the guide provided below. But, if you want to know more about this infection, we invite you to read this description.
Recovery (1-844-813-5673) is a highly malicious application. It is designed to infect your computer by stealth and lock its screen by showing a fake Blue Screen of Death window. Its main executable is named Divyesh.exe and research has shown that it is dropped in %WinDir%\Divyesh\Divyesh. It also features registry keys such as that include HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DIVYESH and HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DIVYESH, as well as a registry string named Divyesh that is placed at HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. The Divyesh registry string is designed to autostart this malware on system startup. As a result, when you restart your PC you will be greeted by this program’s BSoD window constantly.
Once on your computer, this application will open its borderless fake error window on top of the desktop to give you the impression that a critical error has indeed occurred. The message states that “A component of the operating system has expired.” And, the error points to \windows\system32\winload.efi and the reason for this. The fictitious error message suggests that you need to use a recovery too and if you do not have a disc or an installation image of Windows, then you need to contact tech support by calling 1-844-813-5673. Evidently, this application uses deceptive means to compel you to call this phone number, and it is likely that the people on the other end of the line will try to sell you a PC optimization tool or a fake antimalware application to resolve this manufactured issue. Also, they may charge you a premium rate for the call and make money that way. So, without a doubt, Recovery (1-844-813-5673) is all about making money.
While gathering information about this malicious application we found that it is currently distributed through bundled installers. These installers are said to install Recovery (1-844-813-5673) without your knowledge or consent, and some have been configured to deny you the means to deselect its installation altogether. These installers can mostly be found on shady freeware hosting websites, so if your PC was infected as a result of installing a malicious software bundle, please leave a comment in the comment section below with the address of the website from which you got it. Unfortunately, nothing else is known about this program, except for the fact that it was created by cyber criminals that understandably stay in the shadows because there no denying that Recovery (1-844-813-5673) is a malicious program.
That is all we have to say about this application. To recap, this app is designed to lock your computer’s screen and show you a fake error message that promotes a fake tech support phone number. It disables Task Manager to prevent you from bypassing its lock screen. It is also distributed in a deceptive manner, so, all things considered, you should delete this program as soon as you can. Please follow the removal instructions below carefully as you will need to boot your PC in Safe Mode.
Boot up the PC in Safe Mode with Networking
Windows 7 and Vista
Remove Recovery (1-844-813-5673)
Delete the registry keys