How to remove the sdra64 virus

Most antivirus programs identify sdra64.exe as malware—for instance F-Secure identifies it as Trojan.Generic.3994137, and Symantec identifies it as Packed.Generic.264 or Suspicious.Insight.

Sdra64.exe is an executable file created by Trojan.Zbot, a malicious computer program that steals sensitive information from a computer. This file should be scanned with an advanced anti-virus software and removed immediately. Trojan.Zbot, also known as Zeus, is a Trojan horse, a software program designed to steal personal information such as passwords and credit card details from an infected computer. The trojan horse might also download additional updates from the Internet. Trojans such as this are created using Trojan-building toolkits, available in online marketplaces for cyber criminals. The toolkit enables a great degree of control over the design and functionality of the final executable that is distributed to targeted computers.

sdra64 stands for Trojan.Zbot

The free file information forum can help you find out how to remove it. If you have additional information about this file, please leave a comment or a suggestion for other users.

Click to Run a Free Virus Scan for the sdra64.exe malware

Sdra64.exe file information

Windows Task Manager with sdra64
Sdra64.exe process in Windows Task Manager

The process known as hloader or Sandboxie Start belongs to software Sandboxie or ACT! 2000 or Project1 by tzuk or DreamLair (

Description: Sdra64.exe is not essential for Windows and will often cause problems. Sdra64.exe is located in the C:\Windows\System32 folder. Known file sizes on Windows 10/8/7/XP are 127,488 bytes (7% of all occurrences), 111,104 bytes and 23 more variants. 
The file is not a Windows core file. The software has no file description. The program has no visible window. It is located in the Windows folder, but it is not a Windows core file. Sdra64.exe is able to monitor applications, manipulate other programs, record keyboard and mouse inputs and connect to the Internet. Therefore the technical security rating is 68% dangerous, however you should also read the user reviews.

Uninstalling this variant: You have the option to remove the entire program ACT! 2000 using Windows Control Panel.

Recommended: Identify sdra64.exe related errors

Important: You should check the sdra64.exe process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer's security. This was one of the Top Download Picks of The Washington Post and PC World.


User Comments

öffnet zich mal die explorer:user.ini
Hackt Online Banking Achtung !!!
  Nicht wichtig   (further information)
Sdra64.exe is a dangerous file which creates activities on a user’s computer which may be highly undesirable. This file is a trojan virus and is unsafe.

Summary: Average user rating of sdra64.exe: based on 15 votes with 3 user comments. 15 users think sdra64.exe is dangerous and recommend removing it.

Do you have additional information?
What do you know about sdra64.exe:
How would you rate it:
Link for more info:
Your Name:

Best practices for resolving sdra64 issues

The following programs have also been shown useful for a deeper analysis: Security Task Manager examines the active sdra64 process on your computer and clearly tells you what it is doing. Malwarebytes' well-known anti-malware tool tells you if the sdra64.exe on your computer displays annoying ads, slowing it down. This type of unwanted adware program is not considered by some antivirus software to be a virus and is therefore not marked for cleanup.

A clean and tidy computer is the key requirement for avoiding PC trouble. This means running a scan for malware, cleaning your hard drive using cleanmgr and sfc /scannow, uninstalling programs that you no longer need, checking for Autostart programs (using msconfig) and enabling Windows' Automatic Update. Always remember to perform periodic backups, or at least to set restore points.

Should you experience an actual problem, try to recall the last thing you did, or the last thing you installed before the problem appeared for the first time. Use the resmon command to identify the processes that are causing your problem. Even for serious problems, rather than reinstalling Windows, you are better off repairing of your installation or, for Windows 8 and later versions, executing the DISM.exe /Online /Cleanup-image /Restorehealth command. This allows you to repair the operating system without losing data.

Other processes

sdra64.exe [all]