May 17, 2011

Windows 7 Recovery.

Windows 7 Recovery is the program that may appear on your computer out of nowhere.
Because it designed to rely on such Trojans as TDSS rootkit, you won’t be informed about its intrusion. It will be simply downloaded through security vulnerabilities found. Additionally, Windows 7 Recovery will start to display continuous alerts about hard drive errors detected. Please, never believe these ‘problems’ reported and remove Windows 7 Recovery. It’s important to have a licensed anti-spyware if you want to protect your machine from such fake defragmenters like this one or its relatives like Windows Vista Recovery or Windows XP Recovery. We would recommend having ‘licensed’ version of Spyware Doctor if you want to feel safe online and protect your machine.
When Windows 7 Recovery is running on your machine, you will be informed that your hard drive has numerous errors. It will display fake Safe Mode on your desktop and won’t list files on different folders trying to make you think that your hard disk is really bundled.
Normally, as soon as Windows 7 Recovery enters your workstation, you should remove it from your computer. If simply ignored, this fake defragmenter will start interrupting you every time you will be trying to get online. To remove Windows 7 Recovery, you should use a reputable anti-spyware.

Kill malicious Processes from Task Manager: 
  • <random>.exe
 Location of the infection:
  1. %UserProfile%\AppData\[random].exe
  •  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
  •  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
  •  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
Although it is possible to manually remove Windows 7 Recovery, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend  malware and spyware removal applications.

After removing all these files, restart your computer and the issue will be fixed. And don’t forget to do update your Security Software, check the Firewall Settings and the Operating System and finally do a full system scan with the Security Software.


I'm finally safely home and have caught up on numerous hours of sleep after being in San Francisco for a long weekend at WonderCon. Besides toting a shiny new Jim Lee designed Batman statue that I picked up, I've got some great memories that I'm taking home with me.

Post a Comment

Related Posts Plugin for WordPress, Blogger...

Search This Blog



Twitter Delicious Facebook Digg Stumbleupon Favorites More