Windows Repair

Windows Repair is a virus. This software will perform fake PC Performance and Stability Analysis test. It aims to convince computer users that the system needs fixing using the same program. Windows Repair will cause severe annoyances only to promote itself as a legitimate tool. In fact, analyzing the situation proves that Windows Repair is the root of every error occurring on the computer. It may hijack Internet browser and redirect it to malicious web pages. If you try to run any programs, this bogus software averts the action. It asserts virus infection on the executable file. Aside from that, this fake program will disable certain Windows functions of to prevent manual removal of itself.

Windows Repair ascends from the same group who spreads other rogues such as Windows Disk, Windows Diagnostics and Windows Recovery. All of these uphold the sole purpose of making users to consider existing hard drive and system errors. Later it will display an advice to fix these errors using only the paid version of Windows Repair. This tactic has been around for quite some time and has deceived millions of computer users globally. Instead of buying the harmful program, it is best to download real anti-malware tool. As we always insist, never trust unknown product. To prove that the software we are talking about is risky, run full scan of the system using suggested tool below. The result will reveal that Windows Repair is one threat that exists on your computer.

Screen Shot Image:

Windows Repair Virus

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

How to Remove Windows Repair

Restore Windows Components

If this virus enters your system, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. If you have a saved restore point before Windows Repair virus infiltrates the computer, please restore Windows to previous settings.

Manual Removal Procedure

1. Press Ctrl+Alt+Del on keyboard to stop the process associated to "Windows Repair". When Windows Task Manager opens, go to Processes tab. Find and end this process.
(random characters).exe

2. You need to update your installed antivirus software. Please connect to the Internet and download the most recent database. This is a one-click process from your AV program’s console.

3. Thoroughly scan the computer and remove any threats found by your antivirus program. If delete option is not available, your best next choice is to quarantine the infected file. There is also a need to manually locate and delete malicious files. Please see the file section for items that are relevant to Windows Repair.

4. Next, you need to remove registry entries created by Windows Repair. Please refer to registry section to view entries related to the rogue program.
- (Windows 2000/XP) Go to Start > Run, type "regedit" on dialog box then press Enter on keyboard.
- (Windows Vista/7) Go to Start > Search Program and Files, type "regedit" and press Enter.

5. Exit registry editor when you are done.

6. Get rid of Windows Repair start-up entry by going to Start > Run, type msconfig on the "Open" dialog box. It will launch a new window containing System Configuration Utility. Click on the Startup tab and uncheck the following item.
(random characters).exe

7. Click Apply. You need to restart the computer.

Windows Repair Removal Tool

In order to remove the threat completely, you need to download and run Malwarebytes Anti-Malware. This is a free malware removal tool. If Trojan infection blocks the downloading of this program, get it using a clean computer. Rename the executable file before executing on the infected PC.

Alternative Removal Method for Windows Repair

Option 1 : Use Windows System Restore to return Windows to previous state

If Windows Repair enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before Windows Repair infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.

Option 2 : Windows Repair manual uninstall guide

IMPORTANT! Manual removal of Windows Repair requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to Windows Repair.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for Windows Repair files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.

4. Delete all files dropped by Windows Repair.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Associated Files and Folders:
File Location for Windows Versions:
  • %UserProfile% It is C:\Users\<Current User> for Windows Vista/7; for Windows XP/2000 this is C:\Documents and Settings\<Current User>.
  • %AllUserProfile% for Windows Vista/7 user is C:\Users\<Current User> for Windows XP/2000 this is C:\Documents and Settings\<Current User>.
Added Registry Entries:

7 Responses

  1. JoeZ says:

    A couple of things not mentioned:

    An Autostart manager can help ID the modules and path. Reboot in Safe mode (F8), select the bad entry, make note of its path, then delete the entry. Reboot in normal mode and finish the cleanup.

    Do a system restore to a prior good bookmark. This will save a lot of trouble trying to fix individual items.

    The program sets the attribute of My Documents to hidden, so it looks like all your files are gone. Right click Properties, then uncheck hidden (apply to all subfolders and files).

    It also messes with Search settings such as Indexing. Click Preferences from the bottom of the pop-up menu and set Indexing to ON.

  2. mike says:

    When it mentions removing (random characters).exe how am I to be sure it’s part of the virus and not something that I need?

  3. shopg05a says:

    Drphone offers mobile phone repair and unlock service, especially in iPhone repair and unlock. Drphone also sells all kinds of mobile phones and accessories.

  4. Peter says:

    mike said:
    When it mentions removing (random characters).exe how am I to be sure it’s part of the virus and not something that I need?

    I have the same problem. How do I know which exe’s to end processing? Most of them have random characters.


  5. Prentiss says:

    Got rid of virus but can’t retreive any of my files. They all say ’empty’
    Could that virus have really deleted everything ? Also I can log in now but still get a black screen with windows bar at the bottom. Help please !

  6. Student says:

    I have the exact same problem as Prentiss, I used Malwarebytes to get the virus off of my computer, but now programs cannot open because it can’t find them. Firefox, internet explorer, word, abobe, nothing will open. When I go onto a different user on the same computer everything seems to work fine.

  7. Bacteriophage says:

    When the virus is cleaned off of the computer and you still can’t see your files (using WinXP), double-click My Computer, select Folder Options under Tools, go to the View tab and select “Show hidden files and folders,” and you will now be able to see your files.

    One more step is to right-click on the files or folders that are hidden, choose Properties, and then deselect “hidden.” If it is a folder, select “apply it to all subfolders.”

    I’m not sure how to batch all hidden documents to change its attributes, so I just manually selected all the folders and files at once to remove the hidden attribute.

Leave a Reply

Your email address will not be published. Required fields are marked *