|
Been infected with spyware? Tell us about your problem. For fast automatic spyware removal, try CounterSpy, SUPERAntiSpyware |
SDFix free trojan remover tool
SDFix is a program written by AndyManchesta. The fixtool removes big amount Trojan Variants (Listed using Trend Micro’s - HijackThis)
Backdoor (IRCBot) Trojans:
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\accwiz.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\astra32.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\Avsynmgr.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\BTStack.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\BTTray.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\ctfmon.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\czsrv.exe
…
Trojan Ranky/Ranck:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\config\svchost.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\etc\services.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\NT\nrcs.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\1.tmp
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\mbti.exe
…
Misc’ - Downloader/Dropper, Proxy, Backdoor, PWStealer Trojans:
F2 - REG:system.ini: Shell=explorer.exe %Temp%\cryptfg.exe
F2 - REG:system.ini: Shell=Explorer.exe boot
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\alg32.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\MSACCESS.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\shell.exe
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system\lsass.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\explorer..exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\fservice.exe
…
HackerDefender:
O23 - Service: MSDN Driver (msdndr) - Unknown owner - C:\WINDOWS\system32\msdndr.pif
O23 - Service: MSDV Driver (msdvdr) - Unknown owner - C:\WINDOWS\system32\msdvdr.pif
O23 - Service: ro0 Service (ro0Srv) - Unknown owner - C:\WINDOWS\system32\ro0\ro0.exe
O23 - Service: Time Service (TIME) - Unknown owner - C:\WINDOWS\system32\(RandomName).exe
Trojan/Rootkit Components:
__oddysee.sys
asc355.sys
asc355O.sys
asc3550a.sys
asc3550o.sys
asc3550p.sys
asc3550u.sys
asc3550v.sys
backsys.sys
core.sys
…
How to use SDFix:
1. Download SDFix and save to your Desktop.
2. Install SDFix: double-click on the SDFix. If a “Security Warning window opens”, click on the Run button.
3. Follow the prompts.
4. Reboot your PC in to Safe mode.
- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
- Instead of Windows loading as normal, a menu should appear
- Select the first option, to run Windows in Safe Mode.
5. Click Start -> Run,type the following text in type box: C:\SDFix\RunThis.bat
6. Press Enter or OK button.
7. When the tool is finished, it will produce a report for you.
Notes:
If this error message is displayed when running SDFix:
The command prompt has been disabled by your administrator. Press any key to continue . . .
Please goto Start Menu > Run > then copy and paste the following line: %systemdrive%\SDFix\apps\swreg IMPORT %systemdrive%\SDFix\apps\Enable_Command_Prompt.reg
Press OK then run SDFix again
If the Command Prompt window flashes on then off again on XP or Windows2000
Please goto Start Menu > Run > then copy and paste the following line: %systemdrive%\SDFix\apps\FixPath.exe /Q Reboot and then run SDFix again
If SDFix still doesnt run check the %comspec% variable
Goto Start Menu > Right click My Computer > click properties > click Advanced Click Environment Variables and check that the ComSpec variable points to cmd.exe %SystemRoot%\system32\cmd.exe
SDFix uses ERUNT to create a registry backup in this location: %SystemRoot%\ERUNT\SDFix\
If you are still having problems, then I would recommend that you follow the instructions and post your logs in the spyware removal forum. I will help you.
November 9, 2007 on 4:16 am | In Free Software, Trojan | |Submit to: Digg | SlashDot | Del.icio.us
37 Comments »
RSS feed for comments on this post. TrackBack URI
Leave a comment
Previous Posts:
- How to remove Total Secure 2009
- MalwareBytes Anti-malware - free spyware, malware, trojan remover.
- How to remove Antivirus XP 2008 and tdssserv.sys trojan
- How to remove rogue antispyware: XP Guard, AntiVir64, MSAntivirus, Power Antivirus, SpywarePrevent, XpertAntivirus
- How to remove cnn.com and msnbc.com fake breaking news spam-virus and joke-bluescreen malware
- XLGuarder - fresh rogue antispyware | How to remove
- VirusRemover2008 - fake antispyware | How to remove
- Fresh rogue antispyware: WistaAntivirus, WinDefender, SpywareScanner2008
- FixIEDef - free program for removing rogue antispyware
- Found new fake antispyware - PestSweeper
- MalwareProtector2008 - fresh rogue antispyware.
- How to disable the autorun feature to prevent malware from spreading
- Zinaps - fresh fake antispyware
- How to remove trojans that uses autorun.inf file
- Fresh rogue antispyware: AdvancedXPFixer and DisableSpyware
- Found new rogue antispyware - XPSecurityCenter
- AntiSpywareMaster and RegistryGreat | How to remove
- How to remove new rogue antispywares Malware Bell and IE Antivirus
- How to remove softwarereferral/safewebnavigate hijackers and etlrlws toolbar
- How to uninstall combofix
Forum posts:
- Removing CiD pop-ups
- Win:32KdCrypt(Cryp)
- Have a Joke-Bluescreen and XP Antivirus 2008 problem
- Adware and PUA - i need help
- Combofix Virus [W32.Scrapkut worm]
- Need help with antivirus spyware
- XP Antivirus 2008/2009, Malaware
- autorun malware removal
- Popup Problems
- xpsecuritycenter infection, as well as braviax
- Empty Device manager list = (apropos virus??)
- HijackThis log here, help please :) [ AntivirusXP ]
- False Pop-UPs Help
- Joke Bluescreen - HELP!!! [Antivirus XP]
- Windows Explorer closes by itself.
- prorat infection that doesnt go away
- Please help w/ Vundo
- Infected with Trojan.Vundo PLEASE HELP
- Infected with Zinaps7 virus. Hijackthis log included.
- Bifrose detected, what to do? using combofix?
Categories:
- Pop-Up Blockers and Firewalls (rss) (5)
- Adware (rss) (10)
- Anti Virus Software (rss) (11)
- Best Programs (rss) (4)
- Browser Hijacking (rss) (13)
- Critical patch (rss) (22)
- Exploits & Vulnerabilities (rss) (58)
- FAQ (rss) (8)
- Free Software (rss) (65)
- Identity Theft (rss) (8)
- Internet Browsers and Mail and News readers (rss) (12)
- Linux (rss) (4)
- Malware (rss) (11)
- Online Scanners (rss) (11)
- Phishing (rss) (2)
- Rogue Anti Spyware (rss) (49)
- Rookit (rss) (3)
- spyware (rss) (2)
- Spyware protection and removal (rss) (79)
- Tips (rss) (79)
- Trojan (rss) (37)
- Tutorials - "How to" (rss) (73)
- Updates (rss) (16)
- Virus (rss) (20)
- Worms (rss) (14)
Archives:
- September 2008 (1)
- August 2008 (5)
- July 2008 (3)
- June 2008 (4)
- May 2008 (5)
- April 2008 (1)
- March 2008 (4)
- February 2008 (3)
- January 2008 (2)
- December 2007 (7)
- November 2007 (27)
- October 2007 (4)
- July 2007 (2)
- June 2007 (3)
- April 2007 (1)
- March 2007 (6)
- February 2007 (6)
- December 2006 (1)
- November 2006 (2)
- October 2006 (7)
- September 2006 (2)
- August 2006 (10)
- July 2006 (7)
- June 2006 (22)
- May 2006 (18)
- April 2006 (12)
- March 2006 (24)
- February 2006 (33)
- January 2006 (52)
- December 2005 (50)
- November 2005 (66)
Blogroll
- PC Tips
- Sans Org - Internet Storm Center
- Spyware RU
- Sun Belt Blog
Help Us:
- MyAntiSpyware needs your support. Please make link from your site to us.
Use the button:
Bookmark Us:
MY ANTI SPYWARE Powered by WordPress with Pool theme design by Borja Fernandez.
Entries and comments feeds.
Valid XHTML and CSS. ^Top^
I love SDFIX as a registry and trojan fixing tool.
Comment by Amaechi — December 6, 2007 #
thanks
Comment by a — January 8, 2008 #
thank you for the my anti spyware for poviding the download of SDFix.
Comment by kalyan — January 12, 2008 #
I have to say that SDFix has saved my butt so many times. I just used it today, probably for the millionth time and the client was but most happy.
THANK YOU!!
Comment by Monchster — February 14, 2008 #
i just used the SDFix. Run it under safe mode. it finished and restarted but after the windows came out, black/blank screen comes next and no more activity…what happened?
Comment by Levi Umali — February 19, 2008 #
Probably spyware damaged your system files
Comment by Patrik — February 24, 2008 #
Thanks very much been having problems removing this Trojan ********* for weeks, no gone , thanks very much indeed
Comment by Martin — March 9, 2008 #
thanks for this
Comment by Piyush — March 15, 2008 #
probably i couldn’t get thru first time
Comment by Piyush — March 15, 2008 #
i want to remove braviax spyware
Comment by meharoof — March 15, 2008 #
Meharoof, if you are still having problems with braviax spyware after using sdfix, then please open a new topic in the Myantispyware Forum.
Comment by Patrik — March 16, 2008 #
Wow SDFix saved my computer from two virsus i had, but im relieved that this program worked. Thanks
Comment by Gerardo — March 18, 2008 #
Thanks
Comment by Tamer — March 28, 2008 #
help please
the cleaner does not run for me…. i dont know wither im doing it right or wrong
help please =(
this infection/virus doing my head in
=D
Comment by Pazz — March 29, 2008 #
it fixed my pc but then it haven’t restored it the way before. whenenevr i click my hard drive it still display this message “could not find SSCVIIHOST.exe”. anyone got idea about this? thnks
Comment by dare — March 30, 2008 #
2 dare,
you have autorun infection and should remove autorun.inf from your drives. Download and run Combofix for it.
Comment by Patrik — March 30, 2008 #
2 Pazz, make a new topic at Spyware help forum with details of your problem.
Comment by Patrik — March 30, 2008 #
Backdooor.Rustock.Gen, 208.72.169.54, mx.terra.es and others bothered me several days. Not Spyware Doctor, not Spybot - Search & Destroy, not Windows Defender, only SDfix could help! Thanks a lot!
Comment by Walter — May 20, 2008 #
I try to run SDFix but get a IPC error back. Any idea how I can overcome this?
Thanks a lot!
Comment by Antoine Jansen — July 8, 2008 #
your tool is good , Right now have an new virus that is dungcoi virus , pls help me how to cleAN IT
rEGRDS
bHARANI
Comment by bharani — July 9, 2008 #
If you are still having problems, after using SDFix, then I would recommend that you follow the instructions and post your logs in the spyware removal forum. I will help you.
Comment by Patrik — July 9, 2008 #
My Shell.exe in Location C:\ has a trojan, will this program be able to fix it??
Comment by Lorz Geptun — August 3, 2008 #
Try it, should work.
Comment by Patrik — August 4, 2008 #
kk, thanks
Comment by Lorz Geptun — August 4, 2008 #
this is very useful software for removing ccghost error in xp thanku very much iuse it so many time
Comment by gmeena — August 5, 2008 #
is good
Comment by Angel — August 8, 2008 #
I had use sdfix to fix virus problems of my clients. But latetly, it is deleteing Trendmicro products. It is noted in the generated report that the trendmicro folder is a trojan. Have you encountered this kind of Problem. By the way, trendmicro is an Antivirus software.
Comment by EricB — August 14, 2008 #
2 EricB, its strange. Pls open a new topic at My Antispyware Forum and post a sdfix log.
Comment by Patrik — August 15, 2008 #
I cannot provide you the log because the client’s PC is already fixed.
Comment by EricB — August 15, 2008 #
works very well to be honest I’d given up on removing braviax.exe cannot thank you enough
Comment by dazling — August 20, 2008 #
thx to use sd fix
Comment by samrh — August 22, 2008 #
I tried to install SD Fix but keep getting this error telling me to download a fresh copy of the install file. However I’ve tried downloading from various websites and keep getting the same error.
CRC failed in SDFix\catchme.exe
Comment by SaadS — September 2, 2008 #
Try to download SDfix later, also you can to try Combofix (very good tool).
Comment by Patrik — September 2, 2008 #
Same issue. I downloaded and when I tried to install I get this error.
CRC failed in SDFix\\catchme.exe
Does this error mean this fix no longer works?
Also this virus is blocking bleepingcomputer.com so I am unable to download combofix
Thanks
Comment by Nate — September 4, 2008 #
Just checked SDFix installer, works fine. Try:
1. Disable antivirus before start SDFix.
2. Rename SDFix.exe to s123.exe, for example, and run again.
Comment by Patrik — September 4, 2008 #
Where should it be downloaded from?
I tried to download it from
http://downloads.andymanchesta.com/RemovalTools/SDFix_ReadMe.htm
Thanks
Comment by Nate — September 4, 2008 #
i`ve used direct link from current article (http://downloads.andymanchesta.com/RemovalTools/SDFix.exe).
Try to use WinRar for extract SDFix files (don`t click sdfix.exe for install):
1. Download WinRar
2. Run the file for install.
3. Download fresh version of SDfix.
4. Click right button to SDFix.exe
5. Choose Extract to (Extrack files to C:\SDFix)
6. Reboot your PC in Safe Mode
7. Click Start -> Run, in the type box enter: c:\sdfix\runthis.bat
8. Press Enter
Comment by Patrik — September 4, 2008 #