Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: stdrt.exe and Malicious Site?

25 May 2011   #1
Alphard

Windows 7 Ultimate 32
 
 
stdrt.exe and Malicious Site?

After running Malwarebytes Anti-Malware I found out that I have a virus in stdrt.exe on Temp Folder..

I started scanning it because I've got this Virus keeps on accessing my net which my Avast blocks..
Here's the Screenshot of the Virus it always show me that.. keeps on accessing:



Is "stdrt.exe" related to my problem?

And how do I remove stdrt.exe ?


My System SpecsSystem Spec
.

25 May 2011   #2
brady

 

My System SpecsSystem Spec
25 May 2011   #3
Alphard

Windows 7 Ultimate 32
 
 

By any chance, is this related to the picture I've posted above?
My System SpecsSystem Spec
.


25 May 2011   #4
brady

 

not sure, I don't click links
My System SpecsSystem Spec
25 May 2011   #5
Alphard

Windows 7 Ultimate 32
 
 

I mean, how does this virus function?
My System SpecsSystem Spec
25 May 2011   #6
SledgeDG

Windows 7 Ultimate x86
 
 

It's a Trojan so everything is possible (most likely it tries to connect to some shady site to download the rest of its payload) if you just delete it it comes back after then next reboot.
so go into Taskmanager (CTRL-ALT-DEL) and delete/end it there,
Then go into regedit, and serach for stdrt.exe (probably find it in
HKEY_LOCAL_MACHINE\Software\stdrt.exe)
Delete that key and press F3 to scan the rest of the registry.
Now go in your TEMP files and delete all found copies of that thing (or use CCleaner for that) they're ususally in different folders with random names inside your Temp directory.
Now reboot and check if it pops up again

And for the future get this and run it once a week or so
http://www.malwarebytes.org/products/malwarebytes_free

-DG
My System SpecsSystem Spec
25 May 2011   #7
icedLR

Windows 7 Basic 32bit
 
 

I have the same problem here. Even i clear the temp folder, this stuff creates folders like " c:\windows\TEMP\mrt8D08.tmp\stdrt.exe every time i rebbot the pc.

but there is no such .exe running in task manager.

here is the avast notification.

any idea?


Attached Images
 
My System SpecsSystem Spec
25 May 2011   #8
Xhi

Windows 7 Ultimate 64-bit / Ubuntu Linux 11.04
 
 

That's a virus. It's more likely to be a trojan. There might be something in the registry that is re-creating the file. Try running Autoruns (Autoruns for Windows) look for the file, autoruns will find it in the registry and other locations, right click and delete then restart the PC.
My System SpecsSystem Spec
25 May 2011   #9
SledgeDG

Windows 7 Ultimate x86
 
 

Quote   Quote: Originally Posted by icedLR View Post
but there is no such .exe running in task manager.

here is the avast notification.

any idea?
Look at that Avast pop up: The Thread has been BLOCKED that's why it's not in your taskmanager. just follow the rest instructions I posted. Go in you registry, remove the call(s) and then go ahead and delete all those stdrt.exe in your Temp folder.
My System SpecsSystem Spec
26 May 2011   #10
Alphard

Windows 7 Ultimate 32
 
 

I've searched the STDRT.exe in Regedit even in the location you've provided but it's not there.. Also, I tried Full Scanning with Anti-Malware Pro by Malwarebytes, after successful scan, it quarantined and delete those files, but when I restart/reboot (which the program said I must) it came back..I already deleted those TEMP files but it came back again..
My System SpecsSystem Spec
Reply

 stdrt.exe and Malicious Site?




Thread Tools





Similar help and support threads
Thread Forum
Malicious Key
I had a question running in my mind from many days but didn't find the answer could any one tell me is there anything like MALICIOUS KEY like there is malicious softwares....malicious key I mean to say like it is entered into system during installation so it will change or install something that...
General Discussion
Beware of fake SourceForge site offering malicious downloads
Source A Guy
Security News
stdrt.exe running from windows temp??
My firewall keeps triggering on stdrt.exe from: Windows/Temp/mrt643E.tmp (or Similar, because it regenerates if deleted) I can delete that directory and it will regenerate. I see other queries about this one on the web. It isn't tripping anyone's virus detectors, but anything that keep...
System Security
Hyperlink syntax to open a parent site and then child site
I may not have this under the correct section and please keep in mind that I am not a programmer but here goes. I am trying to add a hyperlink in Outlook 2007 signature file that will open a child site, but the child site seems to need some personalized information in the cache that comes from...
Browsers & Mail
Malicious Sites
Malicious Sites April 4 New additions of malicious and rogue sites for April 4, 2010 which will compromise your PC Security. Some may contain ‘driveby’ downloads, trojans, backdoor bots, rootkits, rogue programs (PUP’s) and all are to be considered highly dangerous. Also bear in mind that...
System Security
Alert:Threat Type: Malicious Web Site / Malicious Code
Source - Office.Microsoft.Com Search Results Can Lead To Rogue Anti-Virus - Security Labs Alert
Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 02:21.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App