Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Malware/Trojan...Experiencing low-level pop-ups

  • Please log in to reply
No replies to this topic

#1 dbwhit


  • Members
  • 42 posts
  • Local time:03:42 AM

Posted 21 January 2010 - 02:15 PM

Yesterday I visited a website & it failed to load, but at the same time my pc acted strange. I run a web based web watcher program that filters out some content, I assumed it was that. But, last night I went to the internet & noticed it loaded slowly, after going to a website, I got a "pop-up" that acted as if I'd requested it to open in a new tab. I scanned my PC w/ Malwarebytes' Anti-Malware & SUPERAntiSpyware (both being free editions)....As well as a full virus scan...All three logs are shown below in the order they were executed. Do you see anything? Normally, I would take these result as saying, "ALL IS GOOD", but it still loads Mozilla slow & just then I was researching "sdra64.exe", which was found on Malwarebytes scan (see below). When after googling for it, I received 2 pop-ups, in a new tab, both were shady looking search engines that had advertising for "sdra64.exe".

Malwarebytes' Anti-Malware Log

Malwarebytes' Anti-Malware 1.44
Database version: 3606
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

1/20/2010 11:06:15 PM
mbam-log-2010-01-20 (23-06-15).txt

Scan type: Full Scan (C:\|)
Objects scanned: 328182
Time elapsed: 1 hour(s), 38 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

SUPERAntiSpyware Free Edition Log

SUPERAntiSpyware Scan Log

Generated 01/21/2010 at 00:02 AM

Application Version : 4.33.1000

Core Rules Database Version : 4499
Trace Rules Database Version: 2313

Scan type : Complete Scan
Total Scan Time : 00:49:21

Memory items scanned : 502
Memory threats detected : 0
Registry items scanned : 7141
Registry threats detected : 0
File items scanned : 26374
File threats detected : 13

Adware.Tracking Cookie

Symantec Endpoint Protection Log

Virus scan found nothing!

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users