
SDFix.exe



#1 Wendy K. Walker


Posted 26 October 2008 - 06:12 PM

Hi Everyone,

For the first time in ages I ran a virus scan, in safe mode, with Avast! anti virus, and it started screaming when it came across the file SDFix.exe :thumbsup: . I'm puzzled because I run Avast! regularly, under Windows regular mode, and it hasn't picked that file up before.

I Googled to see what that sucker was and the first link I found on the subject led me to BC, where I found that that file is supposed to be used to remove all things evil.

So my question is... is there anything in that SDFix.exe thingy that would cause Avast! to pick up on it as being infected?

Avast showed it as: C:... \SDFix.exe\SDFix\catchme.exe and listed it as an infection called: Win32Crypt-CZN [Trj]

I tried moving it to the virus chest but it couldn't be moved.


Now, as I don't remember having downloaded that file to begin with, it is kind of worrying me, especially that final \catchme.exe .

Any advice will be greatly appreciated guys.
TRUST NO ONE...! EXCEPT For The Beloved Computer Geek Helping You In The MALWARE FORUMS.

Do Unto Others Before They Have A Chance To Do Unto You.

HP Pavilion 512n [Rescued from a pile of trash on the side of the road] 128 MB SDRAM, 60 GB Hard Drive, Windows XP, Home Edition, SP3, COMODO Anti Virus and Firewall.


#2 xblindx


Posted 28 October 2008 - 06:01 PM

SDFix is a powerful program. It is possible that it is a false positive. Upload the infected file to an online scanning site such as Virustotal and see what results you get.

#3 Budapest


Posted 28 October 2008 - 06:08 PM

Given the way SDFix works, many anti-virus programmes will flag it up. However, provided you downloaded SDFix from a trusted source you can rest assured that it doesn't contain a virus.

Also, it's okay to delete SDFix, as you can always download it again if you want to run it.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#4 Wendy K. Walker


Posted 30 October 2008 - 04:07 PM

Hi xblindx, Thanks for the reply.

I did as you suggested and ran that sucker through VIRUSTOTAL. Now I have to admit that I'm sitting here feeling way too blond as I haven't a clue as to just what the results mean. Here's the URL to that results page --> http://www.virustotal.com/reanalisis.html?...a1a3bb903c442a6 <--maybe it will tell you something that it isn't telling me.

Hi Budapest, Thanks for the reply.

Honestly, I have no recollection of ever having downloaded that little bugger. It doesn't show up in my DOWNLOAD folder, but that doesn't really matter. What worries me is that it never rang a bell with Avast! when I ran virus scans in normal windows, yet Avast! freaked out when I ran a virus scan in safe mode.

I know that there are a lot of evil little things that get caught when scanning in safe mode that aren't detected in regular windows.

I checked my add\remove programs and that SDFix thing isn't listed in it. All I have for it is an icon, in a folder, on my desktop.

The other thing that worried me about that thing is the fact that it has \catchme.exe at the end of its name. I did some Googling and have found that catchme.exe seems to be both a part of a legitimate program for getting rid of spyware AND an actual Trojan.

Anyway, I want to get it off of my system but right now all I see is the icon. I know I can delete that, however, I'm not sure if that will get rid of anything evil that might be there too.

As soon as I get this posted I'm going to run a scan with Kaspersky on-line virus scanner to see if it comes up with anything evil.

Thanks for the replies guys.

♥ Wendy

#5 xblindx


Posted 30 October 2008 - 04:15 PM

The results are definitely not heart warming, they are most likely false positives though. =/ If you would like to delete it, I'm pretty positive that SDfix is only a .exe file so just deleting the file (icon) should remove it.

#6 Wendy K. Walker


Posted 31 October 2008 - 02:55 AM

Hi xblindx, Thanks for the reply.

I think that deleting it is going to be the way that I go here. Shoot, I just about drove myself nuts trying to run an online scan of my system with Kaspersky. I spent over two and a half hours trying to get that sucker to work but I could never get past the first pop-up screen where it kept telling me that I needed a different version of Java.

I clicked on the link provided, and did the download\update thingy several times but it still doesn't want to work for me.

Oh, and I tried running it in both IE and FF... with the same end results.

Oh well, Thanks for the help anyway.

♥ Wendy