How to remove sdra64.exe virus

This has managed to add the value for the .exe into the Windows logon reg key. Every time I remove this path it is added back in. I am unable to delete or rename the .exe file and I cannot stop the process as it's started when I log in.

Any ideas?

Cheers,

ross13 Asked:
 
c_a_n_o_n Commented:
If your system is/was infected with a pest, malware, trojan, or virus your system will behave unexpectedly.  The best method to attempt resolution is to completely rule out the operating system by bypassing it.  To do so, you will need a rescue CD.  There are several that are out there, you might be able to create one, there are instructions and sites that can assist with that.  But the easiest way is to use a product that is FREE, and I have used successfully for several of my clients and on many workstations.

BitDefender (FREE Downloadable Rescue CD).  Available Here.
http://download.bitdefender.com/rescue_cd/

Instructions on the product.
http://www.bitdefender.com/KB417-en--Using-the-BitDefender-Rescue-CD.html

Hope this helps.

PS.  This may sound like a "canned" response, it just might be.  However, it is the easiest and most effective method to resolve a situation like this.
0
 
optoma Commented:
Run in order
Hitmanpro
http://www.surfright.nl/en/hitmanpro

Malwarebytes
http://www.malwarebytes.org/mbam-download.php

Also Tdsskiller
http://support.kaspersky.com/viruses/solutions?qid=208280684

Post logfiles if anything detected :)
0
 
JeremySBrown Commented:
Run a temporary file remover...CCleaner is a good one and it's free.
http://www.ccleaner.com/

Download Combofix by sUBs.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Before running Combofix, temporarily disable any firewall(s), shield(s), etc. to prevent any conflicts with Combofix. After Combofix is done scanning, it will create a log. For further instructions, save and paste the results by Attach File, or by Code Snippet, so other experts can take a look at it. Once the log looks clean, you may enable your firewall(s), shield(s), etc. Combofix will disconnect your machine from the Internet. Your Internet connection will be automatically restored just before Combofix completes its scan. If Combofix runs into problems, your Internet connection can be manually restored by restarting your machine.

You might need to rename the file before saving to your desktop so it will not be blocked.

Please note: Don't run Combofix in Safe Mode.
0
 
rpggamergirl Commented:
ExeHelper removes sdra64.exe, just turn off your resident antivirus as it may flag the file as a risk tool. Good to run this tool especially if regedit, task manager or other utilities have been disabled by nasties.


Please download exeHelper to your desktop.
http://www.raktor.net/exeHelper/exeHelper.com
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
0
 
M1K3Y_G Commented:
Download SuperAntispyware Portable (http://www.superantispyware.com/portablescanner.html), update and run it.
Disable the internet and restart in Safe Mode (keep pressing F8 when the comp is booting up),
then you should be able to delete sdra64.exe from the windows/system32 directory.
You can run SuperAntispyware again if you want. Restart the computer normally.
0
 
sb7785 Commented:
In addition to the other great suggestions posted; if they all fail, try creating a bootable antivirus CD. If that doesn't fix it, then you've got some serious problems. It's always good to keep on hand at anytime:
http://www.experts-exchange.com/Software/Internet_Email/Anti-Virus/Q_25347695.html 
http://www.experts-exchange.com/articles/Storage/Misc/Creating-a-bootable-CD-USB.html 
What I like is that there are just some pesky items that can't be removed while in Windows. I run from a bootable source first, then go into Windows and see what's left over and then deal with it after. The bootable CD sometimes will take care of 80-100% of the infected items; making it that much easier. Best of luck to you.
0
Question has a verified solution.