Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: stdrt.exe and Malicious Site?


25 May 2011   #1

Windows 7 Ultimate 32
 
 
stdrt.exe and Malicious Site?

After running Malwarebytes Anti-Malware I found out that I have a virus in stdrt.exe on Temp Folder..

I started scanning it because I've got this Virus keeps on accessing my net which my Avast blocks..
Here's the Screenshot of the Virus it always show me that.. keeps on accessing:



Is "stdrt.exe" related to my problem?

And how do I remove stdrt.exe ?

My System SpecsSystem Spec
.

25 May 2011   #3

Windows 7 Ultimate 32
 
 

By any chance, is this related to the picture I've posted above?
My System SpecsSystem Spec
.


25 May 2011   #4

 

not sure, I don't click links
My System SpecsSystem Spec
25 May 2011   #5

Windows 7 Ultimate 32
 
 

I mean, how does this virus function?
My System SpecsSystem Spec
25 May 2011   #6

Windows 7 Ultimate x86
 
 

It's a Trojan so everything is possible (most likely it tries to connect to some shady site to download the rest of its payload) if you just delete it it comes back after then next reboot.
so go into Taskmanager (CTRL-ALT-DEL) and delete/end it there,
Then go into regedit, and serach for stdrt.exe (probably find it in
HKEY_LOCAL_MACHINE\Software\stdrt.exe)
Delete that key and press F3 to scan the rest of the registry.
Now go in your TEMP files and delete all found copies of that thing (or use CCleaner for that) they're ususally in different folders with random names inside your Temp directory.
Now reboot and check if it pops up again

And for the future get this and run it once a week or so
http://www.malwarebytes.org/products/malwarebytes_free

-DG
My System SpecsSystem Spec
25 May 2011   #7

Windows 7 Basic 32bit
 
 

I have the same problem here. Even i clear the temp folder, this stuff creates folders like " c:\windows\TEMP\mrt8D08.tmp\stdrt.exe every time i rebbot the pc.

but there is no such .exe running in task manager.

here is the avast notification.

any idea?


Attached Images
 
My System SpecsSystem Spec
25 May 2011   #8
Xhi

Windows 7 Ultimate 64-bit / Ubuntu Linux 11.04
 
 

That's a virus. It's more likely to be a trojan. There might be something in the registry that is re-creating the file. Try running Autoruns (Autoruns for Windows) look for the file, autoruns will find it in the registry and other locations, right click and delete then restart the PC.
My System SpecsSystem Spec
25 May 2011   #9

Windows 7 Ultimate x86
 
 

Quote   Quote: Originally Posted by icedLR View Post
but there is no such .exe running in task manager.

here is the avast notification.

any idea?
Look at that Avast pop up: The Thread has been BLOCKED that's why it's not in your taskmanager. just follow the rest instructions I posted. Go in you registry, remove the call(s) and then go ahead and delete all those stdrt.exe in your Temp folder.
My System SpecsSystem Spec
26 May 2011   #10

Windows 7 Ultimate 32
 
 

I've searched the STDRT.exe in Regedit even in the location you've provided but it's not there.. Also, I tried Full Scanning with Anti-Malware Pro by Malwarebytes, after successful scan, it quarantined and delete those files, but when I restart/reboot (which the program said I must) it came back..I already deleted those TEMP files but it came back again..
My System SpecsSystem Spec
Reply

 stdrt.exe and Malicious Site?




Thread Tools



Similar help and support threads for2: stdrt.exe and Malicious Site?
Thread Forum
Beware of fake SourceForge site offering malicious downloads Security News
stdrt.exe running from windows temp?? System Security
Hyperlink syntax to open a parent site and then child site Browsers & Mail
Solved Malicious URL Dilemma System Security
Multiple Site to Site VPN Network & Sharing
Malicious Sites System Security
Alert:Threat Type: Malicious Web Site / Malicious Code Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 07:20 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33