I was recently given a laptop that refused to cooperate with the end user. Safe mode only worked half the time, and regular boots would just hang after attempting to log in.
The computer ended up having a Windows init program known as sdra64.exe. I don’t even care what these programs do anymore – I just get rid of them.
A quick Google search provided me with this guy’s blog:
http://mrmusicmaker.blogspot.com/2009/04/how-to-remove-sdra64exe-yourself-for.html
Although I’m going to provide a different way to fix this issue, a lot of the knowledge was gained from the above blog about this problem and how to fix it.
First, grab your handy IT-Fix-It Disc (Hiren’s).
Boot off the Hiren’s disc – I’m using version 9.8, current at the time of this writing.
Boot into Tiny/Mini XP.
After XP loads, open My Computer and navigate to C:\windows\system32\
Find the file sdra64.exe and either delete or rename this file. I renamed it just in case I really wanted to go back to the way it was.
Then reboot back into safe mode (F8 before Windows starts loading).
When in safe mode, open the registry editor: Start, then Run, then type regedit.
Navigate to:
HKLM\software\microsoft\windows nt\currentversion\winlogon
Find the “Userinit” value.
Double-click on this value.
You should only have the following:
C:\Windows\System32\Userinit.exe,
So delete anything after that comma.
Reboot once again, but this time don’t go into safe mode. You probably will have other infections that you should remove using Malwarebytes or ESET’s NOD32. Combination attacks work the best.
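To check the Userinit value without eyeballing it in regedit, the comparison above can be scripted. This is an added example, not part of the original post: the function names are hypothetical, the sample values are constructed, and it assumes the Windows directory is C:\Windows unless the SystemRoot variable says otherwise.

```python
import ntpath
import os
import sys

WINLOGON = r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

def audit_userinit(value, windir=r"C:\Windows"):
    """Return every Userinit entry other than the stock userinit.exe in System32."""
    expected = ntpath.normcase(ntpath.join(windir, "System32", "userinit.exe"))
    unexpected = []
    for raw in value.split(","):
        entry = raw.strip().strip('"')
        if not entry:
            continue  # the clean value ends in a comma, leaving an empty last field
        # Expand the two variable spellings that can stand in for the Windows directory.
        for var in ("%systemroot%", "%windir%"):
            if entry.lower().startswith(var):
                entry = windir + entry[len(var):]
        # Compare case-insensitively and with ".." segments collapsed.
        if ntpath.normcase(ntpath.normpath(entry)) != expected:
            unexpected.append(entry)
    return unexpected

def read_userinit():
    """Read the live value from the registry (Windows only)."""
    import winreg
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, WINLOGON) as key:
        value, _kind = winreg.QueryValueEx(key, "Userinit")
    return value

# Constructed sample values, not captured from a real machine.
SAMPLES = [
    r"C:\Windows\System32\Userinit.exe,",
    r"C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,",
    r"%SystemRoot%\system32\userinit.exe,",
]

if __name__ == "__main__":
    if sys.platform == "win32":
        windir = os.environ.get("SystemRoot", r"C:\Windows")
        values = [read_userinit()]
    else:
        windir, values = r"C:\Windows", SAMPLES
    for v in values:
        extra = audit_userinit(v, windir)
        print(("SUSPICIOUS " if extra else "clean      ") + v, extra)
```

Anything the function returns is an extra program launched at every logon and should be removed from the value as described above; a bare `userinit.exe` with no path is also reported, since the post expects the full path only.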
Thanks, finally I get rid of it