SDFix - removes worms and trojans

Last night when i browsed my thumb drive i found a folder named new folder and the extension is .exe. i didn't know why but without thinking i clicked on it twice to see what is inside. Just after that it came to my mind that the folder could be some sort of virus. It was true indeed (eventhough i 'm not sure whether it is a virus, malware, spyware or else) but it was harmful since my task manager was disabled..i couldn't run regedit and folder option was missing from the tools drop down menu. After googling, i found this SDFix .

Here is the manual how to use the tool.
SDFix is a program written by AndyManchesta that can remove many different types of Trojans and Worms. You have most likely reached this page when researching a program in our Startup Database and it directed you here to learn how to remove it. If you follow the instructions below, SDFix will remove the known Trojans and Worms found on your computer. For a complete list of Trojans and Worms that SDFix knows how to remove you should read the SDFix Changelog. It is important to note that you must be logged in as an Administrator and in safe mode in order for SDFix to work properly.

Common problems/messages and how to fix them:

Error Message:

The command prompt has been disabled by your administrator.
Press any key to continue . . .

How to fix:

Click on the Start menu, then Run, and then copy and paste the following line into the Run field:

%systemdrive%\SDFix\apps\swreg IMPORT %systemdrive%\SDFix\apps\Enable_Command_Prompt.reg

Press OK then run SDFix again


If the Command Prompt window flashes on then off again on XP or Windows 2000

How to fix:

Click on the Start menu, then Run, and then copy and paste the following line into the Run field:

%systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe

Then click OK, then type Y and press Enter when prompted, Reboot and start SDFix again


If SDFix still doesn't run check the %comspec% variable

How to fix:

Click on the Start button then right-click on My Computer and select properties. Then click on the Advanced tab and then click on the Environment Variables. Under System Variables, make sure that the ComSpec variable points to %SystemRoot%\system32\cmd.exe


Need to restore your registry after running SDFix

How to fix:

SDFix uses ERUNT to create a registry backup. This backup can be restored by clicking on Start, then Run and typing:


Then press the OK button.

Tools needed for this fix:
Revision History:
02/15/08 - Created the guide

SDFix Instructions:
  1. Please print these instructions as they will be needed later when Internet access is not available.

  2. Logon to your computer with an account that has Administrator privileges.

  3. Download SDFix.exe from the following link and save it to your desktop:

    SDFix Download Link

    Confirm that the file SDFix.exe now resides on your desktop, but do not double-click on the icon as of yet. We will use it in later steps. The icon will look like the one below:

    SDFix Icon

  4. Now, double-click on the SDFix icon that should now be residing on your desktop. If a Open File - Security Warning box opens, click on the Run button.

  5. A window will now open showing SDFix being extracted into the C:\SDFix folder. Once the installation program has finished extracting SDFix, it will open a Notepad with further instructions as shown below.

    SDFix Install Screen

  6. Next, please reboot your computer into Safe Mode by doing the following:

    1. Restart your computer

    2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.

    3. Instead of Windows loading as normal, a menu should appear

    4. Select the first option, to run Windows in Safe Mode.

    5. When you are at the logon prompt, log in as the same user that you had performed the previous steps as.

  7. When your computer has started in safe mode, and you see the desktop, close all open Windows.

  8. Click on the Start button, click on the Run menu option, and type the following into the Open: field:


    Then press the OK button.

  9. The SDFix window will open, as shown below, containing some brief info and a disclaimer on the use of the tool.

    SDFix Disclaimer

    If you want to continue, please press the Y key on your keyboard and then press enter. Otherwise, you can press the N key to exit the program.

  10. SDFix will now start scanning your computer for known infections as seen in the image below.

    SDFix Scanning

    This process can take a while, so you may want to do something else and periodically check back on the status of SDFix. As the scanning process continues you will continue to see new messages on the screen as shown in the figure below.

    SDFix Scanning #2

  11. When the scanning process has finished you will see a new screen stating that you need to restart your computer in order to continue.

    SDFix Restart Prompt

    At this point you should press any key on your computer's keyboard in order to restart the computer.

  12. After your computer reboots SDFix will automatically start and perform a last check.

    SDFix Finished

  13. You will now be presented with a screen stating that SDFix has finished.

    SDFix Finished

    At this point you should press any key on your computer's keyboard in order to continue to your desktop.

  14. When you are back at your Windows desktop, the SDFix log will automatically be opened in notepad.

    SDFix Log

    Review the log as necessary to see what was removed and then close the Notepad window.

Now that SDFix has finished running, any Worms or Trojans that it knows how to remove should have been deleted from your computer.


Catat Komen