What is sdra64.exe, How to remove sdra64.exe


sdra64.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: sdra64
Filename: sdra64.exe
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon | Userinit

Command: C:\WINDOWS\system32\sdra64.exe
Startup Type: Winlogon\UserInit
HijackThis Category: F2
HijackThis Line:

F2 – REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,

Description: core component of trojan ZBot also known as Trojan-Spy.Win32.Zbot.gen [Kaspersky Lab], PWS:Win32/Zbot.gen!R [Microsoft], Mal/Zbot-O [Sophos], Infostealer.Banker.C [Symantec]

How to remove: use HijackThis + Malwarebytes` Anti-malware

Leave a Reply