Home Malware Programs Rogue Registry Cleaners Repair Registry 2008

Repair Registry 2008

Posted: July 30, 2009

Repair Registry 2008 is a rogue registry cleaner and system optimizer that pretends to fix up your PC when, in reality, Repair Registry 2008 isn't capable of doing anything except creating fake alerts and other types of misleading attacks. SpywareRemove.com malware research team notes that Repair Registry 2008 is propagated via malicious sites that use fake system scans to encourage you to install Repair Registry 2008 and similar types of rogue registry cleaners; due to this hazard, it's recommended that you keep your browser's security settings at high levels and keep anti-malware products that can detect these attacks and prevent them from installing Repair Registry 2008. If Repair Registry 2008 does sneak its way onto your PC, you should ignore all of its alerts and warning messages, since Repair Registry 2008 is utterly-unable to detect problems with your computer and has no purpose except to defraud you of money by bullying you into purchasing its full version. Like other types of scamware, Repair Registry 2008 can be easily-removed with appropriate anti-malware programs.

Repair Registry 2008 – a Still-Operational Threat Four Years Later

Repair Registry 2008 is marketed by a loose ring of websites that specialize, not just in selling Repair Registry 2008, but also in providing fake information about your PC. SpywareRemove.com malware experts discourage contact with, securityreg.org, repair-registry.net and secure.repair-registry.org, since all of these sites have been known to propagate Repair Registry 2008 by one method or another. Even short visits to these sites can result in a Repair Registry 2008 infection via drive-by-download scripts, and strong security settings for your browser, as well as installation of all security patches, can be considered critical to protect from such Repair Registry 2008 attacks.

However, the top method of infection by Repair Registry 2008 remains simulations of system scans that are hosted at such sites. These fake scanners create inaccurate warnings about backdoor Trojans and similar PC threats, afterward requesting that you download Repair Registry 2008 or another type of scamware to cure your computer. The following is just one sample of such an alert that SpywareRemove.com malware analysts have found at securityreg.org:

"WARNING!!! Quick system scan results
Harmful and malicious software detected
Online scanner detected programs that may compromise your privacy or damage your computer.
Backdoor:Win32/NTRoot
Backdoor:Win32/Sivuxa
Trojan.Caiijing"

Repairing Your PC from a Repair Registry 2008 Attack

After its installation, Repair Registry 2008 will pretend to clean your Windows Registry and optimize other parts of your operating system. However, Repair Registry 2008 lacks any of the features that Repair Registry 2008 claims to have, and substitutes fake warning messages and fake scanner results for its seemingly-benign functions. The example below is one well-known warning pop-up that Repair Registry 2008 uses:

"Online Repair: WINDOWS REQUIRES IMMEDIATE ATTENTION
=============================
ATTENTION ! Security Center has detected
malware on your computer !
Affected Software:
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows Server 2003
Impact of Vulnerability: Remote Code Execution / Virus Infection /
Unexpected shutdowns
Recommendation: Users running vulnerable version should install a repair utility immediately
Your system IS affected, download the patch from the address below !
Failure to do so may result in severe computer malfunction.
onlinerepair.org
For the link to become active, please click on 'Add to contacts' skype button or type it in manually into your web browser!"

SpywareRemve.com malware researchers also warn that scamware like Repair Registry 2008 and similar PC threats are often designed to include the ability to redirect your web browser to malicious sites, block PC security sites, block anti-malware software or change your desktop image. Since there's no reason to keep Repair Registry 2008 around and many reasons to urge for its removal, you should disable any Repair Registry 2008 infection by using Safe Mode and then remove Repair Registry 2008 with the anti-malware program of your preference.

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Repair Registry 2008"

2 Comments

  • Cathy Canfield says:

    I got a message supposedly from mcafee on skype saying my pc was infected and to immediately download a patch..for 19.95..after doing this..the web address they gave me doesn't exist..now they have my money and my card information..what do i do

  • Dorthee says:

    Cathy, I'm in the same boat. Silly me, I only started doing the research after downloading the patch. I went onto the website and requested a refund, which I doubt I'll get, but I would say just uninstall the program from your computer and get rid of it. Then just monitor your bank account in case they try to do something there. Sorry!

Loading...