File Repair

File Repair is a new and advanced variant of a rogue defragmenter that SpywareRemove.com malware researchers have observed using dozens of different names to infect PCs, including the recent Windows XP System Repair, Windows Vista System Repair and Win 7 Home System Repair. Like other rogue defraggers, File Repair has no ability to defrag your hard drive or detect hard drive errors, but File Repair still creates error messages to make you think that purchasing File Repair might prevent your PC from breaking down. As an upgraded variant from its rogue defragger subgroup, File Repair is also capable of making advanced attacks, such as blocking security features, hijacking your browser and especially altering your file-viewing preferences to hide files and shortcuts. Removing File Repair itself with a suitable anti-malware application is the only thing that's required to put a stop to these problems.

Why File Repair is More Likely to Hide Your Files Instead of Repairing Them

File Repair may look like a real defragger, and it may even act like a real defragger at first, but even a brief time spent with File Repair quickly reveals its true nature - as a scamware defragmenter that's more interested in handing out fake warnings than in fixing your hard drive. SpywareRemove.com malware researchers have watched File Repair, like many other rogue defraggers that it's related to, create error messages without any basis in reality for the relevant errors. Samples of some of File Repair's favorite scare tactics are shown here:

Hard Drive Failure
The system has detected a problem with one or more installed IDE / SATA hard disks. It is recommended that you restart the system.

System Error
An error occurred while reading system files. Run a system diagnostic utility to check your hard disk drive for errors.

Critical Error!
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

Critical Error!
Damaged hard drive clusters detected. Private data is at risk.

Critical Error
Hard Drive not found. Missing hard drive.

Bad sectors on hard drive or damaged file allocation table

Ram Temperature is 83 C. Optimization is required for normal operation.

Requested registry access is not allowed. Registry defragmentation required

GPU RAM temperature is critically high. Urgent RAM memory optimization is required to prevent system crash

Critical Error
Windows can't find hard disk space. Hard drive error

Critical Error
RAM memory usage is critically high. RAM memory failure.

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

Low Disk Space
You are running very low disk space on Local Disk (C:).

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Critical Error
Hard drive critical error. Run a system diagnostic utility to check your hard disk drive for errors. Windows can’t find hard disk space. Hard drive error.

SpywareRemove.com malware research team has also seen many of these errors used by other rogue defraggers that use most of File Repair's own code. These related rogue defragmenters, such as System Repair, Windows Repair, Windows XP Repair, Windows Vista Repair, Windows 7 Repair, Windows Startup Repair and many others should be considered just as worthless and hostile as File Repair itself.

An especially worrisome trait of File Repair is the fact that its file-viewing attacks have been expanded from those of its ancestors. While a typical File Repair clone file-viewing attack might make Windows Explorer-viewed files unable to be seen, File Repair has been seen doing the same for desktop shortcuts and Start menu shorts, as well. However, if you use Safe Mode or another boot method that disables File Repair, your shortcuts and files will magically reappear and be completely unharmed.

Putting Good Repair Techniques to Work Against File Repair

Because trojans, such as Zlob, Vundo, and Fake Microsoft Security Essentials Alert are often accompanied by rogue defraggers and other scamware programs like File Repair, you only should delete File Repair by using a proper anti-malware scanner that can detect all potential infections on your PC. Updating your threat definition database is also strongly encouraged, since File Repair is a recent example of its rogue defragger gang as of August 2011, and may not be deleted if your threat definitions are out-of-date.

File Repair and related trojans may also hinder your attempts to removal File Repair and related threats by hijacking your web browser or disabling anti-malware programs. Like the file-viewing attacks mentioned above, these attacks can only occur when File Repair or its trojans are active, and using standard techniques to avoid triggering File Repair's startup routine (which SpywareRemove.com malware researchers have found to be Registry-based) is the solution.

Technical Details