Windows Repair

Posted: March 26, 2011
Threat Metric
Threat Level: 10/10
Infected PCs 838

Windows Repair Description

ScreenshotWindows Repair is a rogue defragmenter (also known as defragger) application that borrows visual elements and malicious functions from older known rogue threats. There's no gain to be had by refraining from removing Windows Repair from your computer; while it does offer scanning and heuristic services, these functions are all falsified and will offer inaccurate and misleading results. Windows Repair may prevent programs from running, hijack web browser applications and confuse the user with fake error messages, so a thorough removal of this rogue malware isn't something you should wait to do later.

An Alarm a Minute Infection

Unlike some types of rogue PC threats, Windows Repair currently lacks a thoroughly-defined infection technique. You may accidentally download Windows Repair by visiting a website that hosts malicious drive-by download code, by acquiring a trojan infection that downloads malware automatically or by opening a P2P or freeware site file bundled with Windows Repair.

It won't be hard to see Windows Repair on your PC, however, infection will begin by displaying the Windows Repair program brazenly on each startup. While active, Windows Repair may try to create fake errors like the ones you'll see below under the guise of being legitimate system warnings.

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

Critical Error
RAM memory usage is critically high. RAM memory failure.

Critical Error!
Damaged hard drive clusters detected. Private data is at risk.

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Critical Error!
Windows was unable to save all the data for the file System32496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

Critical Error
Windows can't find hard disk space. Hard drive error

Critical Error
Hard Drive not found. Missing hard drive.

If you have a Windows Repair infection or infection by similar rogue malware, you should treat any strange errors or alerts with extreme caution until you've verified that the rogue program isn't running, even as a background process in memory. You can check your background memory processes in Task Manager, although many types of malware like Windows Repair will imitate the names of benign system processes.

Repairing Your PC - Without the 'Help' of Windows Repair

Inadvertently hosting Windows Repair on your PC can also lead to serious system damage:

  • Your web browser may be hijacked by Windows Repair. Hijacks can create misleading content like fake website errors and warnings, change you to a malicious domain or stop you from going to a safe and helpful website. This attack is often coupled with the alteration of your homepage to a malicious one.
  • Windows Repair may stop different programs from launching. Standard victim programs for these attacks include basic Windows maintenance tools like MSConfig and anti-malware scanners that could delete Windows Repair.
  • Exposure to other malware attacks due to the above two conditions can result in your PC becoming more compromised the longer you use it. Only totally removing Windows Repair and reverting all security settings to normal levels will make your computer safe again.

Using the serial key '8475082234984902023718742058948' may allow you to run applications while Windows Repair is active if it's truly necessary. However, a better choice is to reboot into Safe Mode, which stops many types of malware from launching at all.

Windows Repair shares enough code with older known rogue programs that it can be removed without trouble by the right anti-malware applications. Any product that has been received due adulation from the industry and is armed with the latest database updates should be able to remove Windows Repair without further ill effects.

Windows Repair belongs to the FakeSysDef family, which includes members such as System Defragmenter, Ultra Defragger, HDD Control, Win HDD, Win Defrag, Disk Doctor, Hard Drive Diagnostic, HDD Diagnostic, HDD Plus, HDD Repair, HDD Rescue, Smart HDD, Defragmenter, HDD Tools, Disk Repair, Windows Optimization Center, Scanner, HDD Low, Hdd Fix and Win Defragmenter.
ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Windows Repair may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%ALLUSERSPROFILE%\Application Data\JmpyxPEOWqPO.exe File name: JmpyxPEOWqPO.exe
Size: 545.79 KB (545792 bytes)
MD5: 504d44db8bb38ac499950ae9d5585760
Detection count: 53
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Application Data\
Group: Malware file
Last Updated: January 8, 2020
%ALLUSERSPROFILE%\Application Data\16113460.exe File name: 16113460.exe
Size: 467.96 KB (467968 bytes)
MD5: ee42befd1d6ee2217f3daab9d38ba699
Detection count: 52
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Application Data\
Group: Malware file
Last Updated: March 29, 2011

Registry Modifications


The following newly produced Registry Values are:

File name without pathWindows Repair.lnk

Related Posts

8 Comments

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.