Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


WIN 7 - Account corrupter afer windows recovery infection

  • Please log in to reply
No replies to this topic

#1 fullgarage


  • Members
  • 1 posts
  • Local time:10:38 AM

Posted 25 May 2011 - 02:23 AM


I've been infected by Windows Recovery on my laptop (using win 7 pro 64 bits).

I think i've removed the infection, using:
- Rkill
- TDSSkiller
- the Anti Malware
- Combo Fix
- and then unhide

I am now able to access to my various files.

However, my profile / user seems now corrupted, and even flagged as administrator, i do not have access anymore to some programs or folders (message prompted is that this requires administrator rights) !
I've tried to solve the issue creating another profile, but this does not work any better.

Additionally, all the shortcuts for programs are no longer valid, and i cannot run the windows system tools (for instance, cannot make a right click on 'computer' on the start menu, and choose 'manage', as the link to administrative tools is no longer valid)...

From time to time, i also have some programs that dissapear (usually the first time after recovery than i start a program, the .exe file can dissapear once i close it).
I am still infected (i've run the anti malware program, no more infection is found) ?

Any idea on how i could solve these issues ?

Thanks for any help, and regards

Edited by fullgarage, 25 May 2011 - 03:56 AM.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users