sdra64.exe

kamkar1 · Aug 2, 2009

Good day,
my son's computer got a few malware including a pesky sdra64.exe. I've tried couple of recommendations on the web but the malware keeps persisting.

I've used the instructions from previous posts and have already cleaned the system.

Can you help?

jk

kamkar1 · Aug 2, 2009

Hi,
Following up with my previous email, downloaded all mg needed files and started the cleaning process. but now I have another problem
Here is what happended..

1- Followed all good practices (I thin w/o a mistake?)
2- Installed superanti spyware, see attached log
3- installed malware and followed instructions see attached log.
4- system bootup.
Both Superanti spyware and malware saw sdra64.exe and attempted to clean.

Now, I have a new probelm at normal startup or safemode when I login, it automatically logs me out. I tried disabeling option on safemode screen but it did not help.

I used Linux, zenwlak to hack into the laptop, and extract the logfiles for you review.

Thanks in advance,
Please advise?

kamkar1 · Aug 4, 2009

Hi, its me again.
to MG : I am not sure if I am allowed to recommend anything. Please accept my appologies and delete content.

I was able to find a way around xp login and log off without recovery tool, using linux, zenwlak. I am a novice and try at your own risk.

1- Download the cd and brn the image on a cd
2- boot your PC with the CD. Linux will be up and running in no time
3- use the file system (look into "mnt" folder) on linux to find the registry folder on on your c: drive. C:\windows\system32\config
4- you will find the registry files "SOFTWARE". Use linux to rename the file from SOFTWARE to COPY_SOFTWARE_.JJJ (this your original) don't lose it.
5- You will find another file named SOFTWARE.BAK which sytem back up for your computer. make a duplicate for future use COPY_SOFTWARE.bak", and rename it to "SOFTWARE".

logout of linux, and reboot your computer. It should work.

Remeber, you can always go back and rename the files back to their original file name format and use windows xp recovery tool.

chaslang · Aug 6, 2009

There are dozens of ways and dozens of special CDs that can be used to get around boot up issues. We just don't have time to walk people thru creating and using these CDs in this forum. One CD that everyone should create is this: UBCD4Win

Doing what you did is incomplete. You lost much of your software information that was added to your registry since the initial installation of Windows. You need to use System Restore to get a recent restore point which contains a more recent copy of the SOFTWARE registry hive. What you were in part trying to do was only a small part of what is covered in the below link and the UBCD4Win disk makes the below a snap since you can skip many steps.

http://support.microsoft.com/default.aspx?scid=kb;en-us;307545&sd=tech

If you are still having malware issues that you need our help with, you need to attach the below other logs requested in the cleaning procedure:

ComboFix

RootRepeal

MGtools

kamkar1 · Aug 6, 2009

Thank you.
You are so correct. I did lose a lot of my links doing what I did (not recommended). I've since done a complete reinstall and armed the computer with mg recommended software AVG, Antispyware.

I'll downlaod you recommended link for future reference.

thank you for your reply

regards,
jk

chaslang · Aug 8, 2009

You're welcome. Surf safely.

Log in or Sign up

sdra64.exe

kamkar1 Private E-2

kamkar1 Private E-2

Attached Files:

SUPERAntiSpyware Scan Log - 08-02-2009 - 11-09-44.log

mbam-log-2009-08-02 (11-54-35).txt

kamkar1 Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

kamkar1 Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member