Windows XP Repair

Posted: June 20, 2011
Threat Metric
Threat Level: 10/10
Infected PCs 12

Windows XP Repair Description

ScreenshotWindows XP Repair is yet another entry into a line of rogue defragmenters (or defraggers) that specialize in creating fake infection alerts to mislead you about your PC health. Although Windows XP Repair bears a different name, Windows XP Repair uses almost all of the same code as Windows XP Repair's clones, with a similar appearance and overall behavior. Windows XP Repair may attack your ability to view files, stop programs from working or hijack your browser while also faking Windows XP Repair's error-detecting features. Exterminate Windows XP Repair infections with prejudice and, ideally, the assistance of a good security or anti-virus application.

Windows XP Repair: Full of Fake Excuses for Real Theft

Windows XP Repair masquerades as a defragmenter with a remarkable set of broad features for detecting, not just fragmentation, but also Registry errors, read/write errors and other general problems. Sadly, once Windows XP Repair has your trust, Windows XP Repair yanks the rug out from your feet and creates an effectively infinite number of 'problems' that require you to spend money to fix.

Although Windows XP Repair tries to sell Windows XP Repair's full version to you as the only way to stop the many errors that Windows XP Repair points out, all of these errors and alerts are inaccurate and don't give you a true sense of your PC health. Some of Windows XP Repair's fake errors include:

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

Critical Error
RAM memory usage is critically high. RAM memory failure.

Critical Error
Hard Drive not found. Missing hard drive.

Critical Error
Windows can't find hard disk space. Hard drive error.

Critical Error!
Windows was unable to save all the data for the file System32496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

Critical Error!
Damaged hard drive clusters detected. Private data is at risk.

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Windows XP Repair is closely related to other threats like Windows Repair, Windows Recovery, Windows XP Restore, Windows Vista Restore, and Windows 7 Restore. Like all these other rogue security programs, there's no reason to purchase Windows XP Repair, since Windows XP Repair can't detect or remove any of the problems that Windows XP Repair markets itself as being able to solve.

Windows XP Repair's Last Resorts to Make you Panic

The simple fake detection scam that Windows XP Repair uses is enhanced by a number of other problems that Windows XP Repair can cause, to make it look like these fake threats are really on your PC.

  • Windows XP Repair may alter the Windows Explorer program to make certain files or folders not appear or to appear in the wrong locations. This attack doesn't do any real harm to the files or folders, which can be seen in their normal locations once you've deactivated Windows XP Repair.
  • Like many other rogue security programs, Windows XP Repair is also capable of attacking Windows diagnostic tools and anti-virus scanners, preventing them from launching to stop you from deleting Windows XP Repair. Windows XP Repair may even create a pop-up that tells you (falsely) that the program is contaminated with a keylogger or other serious threat.
  • Windows XP Repair also dabbles in browser hijacks, which can force your web browser to display fake content or redirect you to a dangerous website. Having your homepage changed to Windows XP Repair's home website or another harmful site is one of the most common symptoms of hijacking.

The code '8475082234984902023718742058948' may be able to deactivate Windows XP Repair, but this code isn't a replacement for removing Windows XP Repair with anti-malware software.


ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %CommonAppData%\[RANDOM CHARACTERS]
    2 %CommonAppData%\[RANDOM CHARACTERS].exe
    3 %UserProfile%\Desktop\Windows XP Repair.lnk
    4 %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\USE FORMSUGGEST = YesHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\CERTIFICATEREVOCATION = 0HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WARNONBADCERTRECVING = 0HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WARNONZONECROSSING = 0HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONES\3\1601 = 0HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\WINTRUST\TRUST PROVIDERS\SOFTWARE PUBLISHING\STATE = 146944HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\CONTROL\SESSION MANAGER\PENDINGFILERENAMEOPERATIONS = \??\%CommonAppData%\[RANDOM CHARACTERS].exe

Additional Information on Windows XP Repair

  • The following messages's were detected:
    # Message
    1 The system has detected a problem with one or more installed IDE / SATA hard disks.
    It is recommended that you restart the system.
    2 Critical error
    Windows can`t find disk space. Hard drive error.
    3 System Restore
    The system has been restored after a critical error. Data integrity and hard drive integrity verification required.
    4 Windows – No Disk
    Exception Processing Message 0×0000013
    5 Critical Error
    A critical error has occurred while indexing data stored on hard drive. System restart required.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Windows XP Repair may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%ALLUSERSPROFILE%\Application Data\93hFFPH3z.exe File name: 93hFFPH3z.exe
Size: 356.35 KB (356352 bytes)
MD5: 4ef5a67c74f0b6e1ff877e9340ba14ed
Detection count: 8
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Application Data\
Group: Malware file
Last Updated: June 20, 2011

One Comment

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.