stdrt.exe and Malicious Site?

[Alphard]

After running Malwarebytes Anti-Malware I found out that I have a virus in stdrt.exe on Temp Folder..

I started scanning it because I've got this Virus keeps on accessing my net which my Avast blocks..
Here's the Screenshot of the Virus it always show me that.. keeps on accessing:

Is "stdrt.exe" related to my problem?

And how do I remove stdrt.exe ?

 

[brady]

http://www.sevenforums.com/system-security/76867-stdrt-exe-running-windows-temp.html

 

[Alphard]

By any chance, is this related to the picture I've posted above?

 

[brady]

not sure, I don't click links

 

[Alphard]

I mean, how does this virus function?

 

[SledgeDG]

It's a Trojan so everything is possible (most likely it tries to connect to some shady site to download the rest of its payload) if you just delete it it comes back after then next reboot.
so go into Taskmanager (CTRL-ALT-DEL) and delete/end it there,
Then go into regedit, and serach for stdrt.exe (probably find it in
HKEY_LOCAL_MACHINE\Software\stdrt.exe)
Delete that key and press F3 to scan the rest of the registry.
Now go in your TEMP files and delete all found copies of that thing (or use CCleaner for that) they're ususally in different folders with random names inside your Temp directory.
Now reboot and check if it pops up again

And for the future get this and run it once a week or so
http://www.malwarebytes.org/products/malwarebytes_free

-DG

 

[icedLR]

I have the same problem here. Even i clear the temp folder, this stuff creates folders like " c:\windows\TEMP\mrt8D08.tmp\stdrt.exe every time i rebbot the pc.

but there is no such .exe running in task manager.

here is the avast notification.

any idea?

 

[Xhi]

That's a virus. It's more likely to be a trojan. There might be something in the registry that is re-creating the file. Try running Autoruns (Autoruns for Windows) look for the file, autoruns will find it in the registry and other locations, right click and delete then restart the PC.

 

[SledgeDG]

but there is no such .exe running in task manager.

here is the avast notification.

any idea?

Look at that Avast pop up: The Thread has been BLOCKED that's why it's not in your taskmanager. just follow the rest instructions I posted. Go in you registry, remove the call(s) and then go ahead and delete all those stdrt.exe in your Temp folder.

 

[Alphard]

I've searched the STDRT.exe in Regedit even in the location you've provided but it's not there.. Also, I tried Full Scanning with Anti-Malware Pro by Malwarebytes, after successful scan, it quarantined and delete those files, but when I restart/reboot (which the program said I must) it came back..I already deleted those TEMP files but it came back again..

 

[SledgeDG]

Did you right click regedit and started as Administrator?
Did you check the location I gave you earlier?
(HKEY_LOCAL_MACHINE\Software\stdrt.exe)

 

[Borg 386]

Have you tried running Malwarebytes and deleting it while in safe mode? (without being connected to the net, in case it tries to "call for help".

Also, if this happened recently and you are able to do a system restore prior to the suspicious activity, then try doing that. Do not go to the 1st restore point though, as some malware embeds itself into that. Go the the second, preferably the 3rd restore point if possible...

Another program you may wish to try:

http://www.microsoft.com/security/scanner/en-us/default.aspx

Fake STDRT.exe virus removal guide

http://www.techvts.com/remove-stdrt-exe-virus

EDIT: I'm seeing multiple listings saying it may/may not be a virus. The following link (as well as others) identify it supposedly belonging to a program called Multimedia Fusion 2. Did you by any chance get these readings after you d/l ed a certain program?

http://www.threatexpert.com/files/stdrt.exe.html

Some sites report it as malware and others state that it is a part of the media center that is buggy.

 

[Alphard]

I'll try this later..
PS: To the one who's having the same problem, please do it too.. and let's see if it works

 

[Jacee]

Please download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Next,

I'd like you to scan your machine with ESET OnlineScan

1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
   ESET OnlineScan
2. Click the
   
   button.
3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
   1. Click on
      
      to download the ESET Smart Installer. Save it to your desktop.
   2. Double click on the
      
      icon on your desktop.
4. Check
   
5. Click the
   
   button.
6. Accept any security warnings from your browser.
7. Check
   
8. Push the Start button.
9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
10. When the scan completes, push
    
11. Push
    
    , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
12. Push the
    
    button.
13. Push
    

 

[icedLR]

but there is no such .exe running in task manager.

here is the avast notification.

any idea?

Look at that Avast pop up: The Thread has been BLOCKED that's why it's not in your taskmanager. just follow the rest instructions I posted. Go in you registry, remove the call(s) and then go ahead and delete all those stdrt.exe in your Temp folder.

This worked perfectly. I did not try it before because i was looking for the exe in task manager.

Thank you very much.