Privacy & Security
Roguefix
Plague of the rogue scanners
Antivirus 2008, Antivirus 2009, Antispykit, AntiSpyCheck, Security toolbar, IEAntiVirus, SpyMaxx, InternetSecurityDeluxe, VirusProtectPro, Virusheat, XP antivirus and many others ....
.
Roguefix detection and removal script to clean computers with the Windows XP operating system that are infected with fake security warnings from a family of rogue scanners, Desktop/Homepage hijackers, their
installing/accompanying trojans and 'partner' programs.If you do not want or need the information about the infection and just want to go straight to the removal tool Click Here
These infections have acquired a generic term of smitfraud. In fact, its only connection with the Smitfraud infection (a phishing trojan that attempts to steal passwords of Smith Barney financial company clients) is one of the early variants gave a fake warning that the PC was infected with the smitfraud trojan. Despite there being many variants released since, each giving a different fake warning, the name smitfraud appears to have stuck.
This tool will scan for,
| Rogue scanners |
Desktop/Homepage Hijackers |
Trojans |
Codec's |
Accompanying Malware |
| AdwareDelete Adwarepunisher adwaresheriff Alphacleaner Anti-Leech AntiSpyCheck antispykit AntispyStorm AntiSpywareBot AntispywareSoldier AntiSpywareSuite Antispyzone AntiVermeans AntiVerminser AntiVermins AntiVerminsPro AntiVirGear Antivirus 2008 Antivirus 2009, Antivirus Gold Antivirus Golden AntiVirusPCSuite AntiWorm2008 Awola BraveSentry BreakSpyware ContraVirus DioCleaner ErrorSafe Error Safe Free ExpertAntivirus IE AntiVirus IE Defender InternetSecurityDeluxe MalwareAlarm Malware Bell MalwareCrush MalwareCore MalwareStopper MalwareWar Malwarewipe MalwareWiped malwarewipeds MalwareWipePro Malwarewiper MrAntispy MultiDefender PCPrivacyToo PCTurboPro PestCapture PestTrap popupwall PrivacyKit PrivacyProtectorFree Protection Bar RegistryCleaner RegistryCleanerXP RemedyAntispy Safety Bar SecureMYpc security toolbar searchspy SpyAway spyaxe SpyBrowser SpyCrush SpyDawn Spyfalcon Spyguard SpyHeal SpyHealer SpyHeals spykiller SpyLax SpyLocked SpyMaxx Spy officer SpyQuake2 Spysheriff Spy-Shield SpyShield SpyShield Demo SpyShredder Spyspotter Spywareaxe SpywareBot SpywareHeal SpywareLocked SpywareStrike SpywareSoftstop SpywareQuake spywarewall Spyware Wizard SystemDoctor 2006 TitanShield Antispyware Trust Cleaner Trustin bar Ultimate Defender virusblast VirusBlasters Virusburst Virusburster Virusbursters Virus-bursters Virusheal Virus heat VirusLocker VirusProtect VirusProtectPro virusranger VirusRay VirusRescue WebSpyShield XP antivirus |
alloversafety.com antispylab antispynet antispywarebox asafetyproject.com asecuritydesktop bestsecurityguide.com bestsafetyguide.net dns404.net (404 errors) guarduptodate.com needupdate.com onlinesecurityguard.net Onlinesecurityworld.com onlinestability.com perfectedsecurity privacy_danger securitycaution.com safetydefender.com safe-strip-download.com www.security-look.cc safetyuptodate.com securitybulletin securityfeature.com securitysafeguards.net Security Troubleshootin syserrors.com www.syssecuritysite.com systemwarning.com www.theguardservices.com topantispyware topsecuritysite.com updatescenter.com updatesearches.com updateyoursystem.com Windowssecuritycenter.com yoursystemupdate.com |
Adclicker Agent.yf Alemod Bizves Cimuz DcomSrv Delf dflnl DHIJACK Dloadr-DM DNSCHANGER EMediaCodec Fake-Alert FAKEALE Fakespy Fakevir Favadd flush harnig lowzones loxoscam newdial Nsaq proxy fz puper small Startpage Spywad Vixup Win32.Renos Win32.VB.vc Zlob |
AviCodecEX Brain Codec Codec Pack - All In 1 DVDCodec eCodec elitecodec emediacodec FreeVideo Gold Codec icodecpack Image Add-on Image ActiveX Object HQ_codec HQvideoCodec icodecpack image access activex object image ax object IntCodec IVideoCodec JPEG Encoder KeyCodec Key Generator media-codec MMediaCodec mpvideocodec NewMediaCodec online video add-on Pcodec Perfect Codec powercodec QualityCodec RichVideoCodec Silver Codec Softcodec StrCodec Super Codec sv-codec svideocodec TrueCodec VAX codec vcodec vidcodecs Video Access ActiveX Object Video ActiveX Object Video AX Object VideoBox VideoCompressionCodec video icodec VideoKeyCodec VideosCodec WinMediaCodec XXXAccess XXXPlugin xxxVideo Access ActiveX Object zipcodec |
404Search 7FaSSt AccessPlugin Accoona AceSpy Aconti dialer ActiveSearch ACXInstall Dialer Adbars AdBlaster Adbreak AdsInContext AsianRaw Dialer AzeSearch BestOffersNetworks Browserad(TX-4) CashDeluxe CnsMin Crystalys Media Daily Weather Forecast DealBar Deskwizz DigiKeygen digipass DollarRevenue EShopee ezPorn EZVideo IEhelper iwatchnow JustPorn KeyToPorn Locksky(worm) Need2find NetProject Netpumper Oemji toolbar MediaTickets My Pass Generator MyGeek/CPVFeed Perflog (keylogger) PornMagPass mirrarsearch moneygainer RuPass Search Maid SearchPorn SelectiveAdmission surf sidekick VideoKey VideoPorn Virtual Maid WatchPorn |
Examples of the fake warnings generated-
These can be in the form of a balloon from an icon near the clock, an alert box, your Internet Explorer home page or your desktop background. They can have the appearance of being from the Windows Security Centre or the Windows operating system and claim your PC is infected with any of the following.
These trojans sneak into your computer by-
Other side effects may include
.
Notice |
To clean an infected computer (Windows XP only)
1) Download Roguefix.bat from HERE and save it to your desktop.(Click Save on the 'File download' box, then select Desktop in the box marked Save in)
This tool is regularly updated, current version 2.190 (updated 11th August 08)
Note - Some users are reporting seeing a text page as opposed to the download box when using this link, (particularly with Firefox browser) if this happens to you, try one of the following -
- Click your browsers back button and try again,
- Use different browser e.g. Internet Explorer,
- Right click the 'download link, select Save As from the drop down list and Save to your desktop.
2) A disk and registry cleaner, I recommend either of the applications below-
Ccleaner, A variety of free cleaning utilities
Ace Utilities, a comprehensive disk and registry cleaner. (Free trial)
Note An older variant of the Zlob trojan seen with the Antivirgear rogue scanner hooks into the Layered service Provider (LSP), this requires a special tool to repair as improper removal can cause problems with connecting to the internet, if you have antivirgear download LSPFix.exe from here http://cexx.org/lspfix.htm and save it to your desktop to use if prompted by Roguefix, then Close LSPFix to allow Roguefix to continue and complete its functions.
Removal procedure
a) Set Windows to 'Show hidden files and folders How to.
b) Restart your PC in Safe Mode How to.
c) Double click on the roguefix.bat icon on your desktop and allow the tool to run. Follow the onscreen prompts, you will be given the option of resetting your Desktop background and your Homepage back to the Windows default settings.
To complete the clean up of your pc, run the registry cleaner you downloaded earlier, and whilst Roguefix targets the Rogue scanners and their installing trojans, it is likely other malware will present in your system, download, update and run one of the following-
AVG Anti-spyware, a free version is available.
Superantispyware, a free version is available.
And run one of the following online scans-
Panda Active scan
Trendmicro
To protect yourself against future infections, make sure you have all Windows critical updates and the latest version of java Update
The Next button will take you to our Clean up after a malware infection page.
You are welcome to send comments. Feedback@internetinspiration.co.uk
Still having problems after this clean up process? support@internetinspiration.co.uk
Roguefix is protected against Piracy for profit or reputation by Intellectual property rights and privileges.
Copying, in full or part and unauthorised distribution is strictly prohibited.
If Roguefix has helped resolve your problems without having the expense of taking your PC to a repair shop or the hassle of reformatting, you may like to support our efforts with a small donation towards the maintenance ,further development of this site and the research to create more pages like this for future malware, even £1, $1, €1 can help make sure we are still here should you ever need us again.
Information
Viruses
hackers, crackers & firewalls
Trojans
Spyware
Keyloggers
Cookies
BHO's & Hijackers
Drive by downloads
diallers
Scams & Hoaxes
Hijack this-
automatic analysis
Free pest scan
Unwanted processes
How to-Tutorials
Clean up/repair after malware infection
Prevent malware installing
Install Hijackthis
Start in Safe mode
Show hidden files/folders
enable/disable Active X controls
Disable Messenger service pop-ups
Use the Host file
Roguefix -
Removal tool for Rogue spyware removers & Fake Warnings
Kill E2Give
Kill MySearch
Kill Sdbot-ADD / lockx.exe
Kill seeve.exe / mediamotors pop ups
Kill Winfixer2005
Kill SysProtect
News/Articles
New Winfixer infection displays fake Blackworm warning
The real cost of Free security software
About us Contact us FAQ Links Privacy Statement Site Map WebmastersClick here to add this page to your favourites
©Internet Inspiration, 2003. All registered trademarks are observed and respected.