Stdrt.exe Virus. Can't get rid of it.

Post Reply New Thread Subscribe Search this Thread
 
 
Thread Tools
Old 06-16-10, 01:57 AM Thread Starter   #1
CompuTamer
Member with Some Fancy Text Under His Name

 
CompuTamer's Avatar 

Join Date: Jan 2009
Location: Brandon Mississippi

 
Stdrt.exe Virus. Can't get rid of it.


I don't know where I got this one either, but I've had it before, and I completely forgot how I got rid of it. It's just a program that uses 13% of the CPU constantly, and downloads basically nothing non-stop. It downloaded 20GB in a little over 4 hours, and it's driving my bandwidth meter through the roof.

It's claiming that it's Windows Media Center, but I don't even have that on my computer (removed it to save space on the SSD).

Has anyone had this, and know how to get rid of it? AVG won't find it, Malwarebytes won't, Windows Defender won't... nothing I can think of will.

__________________
Intel Core i7 C0 @ 4.01GHz with 1.388 vCore ..........................................Intel C2D T8100
Intel DX58SO Motherboard IOH + QPI @ 1.250 Volts..............................HP 6910p Notebook
Sony Optiarc Blu-Ray Drive.................................................. ...............DVD-RAM
8 GB G-Skill Sniper DDR3 1600 @ 1.65 Volts ...........................................4GB Hyundai DDR2 800
60GB OCZ Solid 3 + 320GB WD Blue+ 1TB WD Green...............................Intel 320 80GB
Antec 900.................................................. .......................................Titanium Lid
BFG GS-650.................................................. .....................................Various HP AC Adapters
XFX Radeon HD 4850 (660/1060 53C Idle 62C Load) @ 1.31 vCore............ATI X2300 Pro
Dual Dell E2311H LED 1920x1080.................................................. .......14.1" 1440x900
Windows 8 ProMC.................................................. .............................Windows 8 ProMC
Those specs up there? They're silent. Silence is good. Very good.
Your Core 2 Quad is based off of the Pentium pro in a few ways.

Old 06-16-10, 10:29 AM   #2
King107s
Member

Join Date: Oct 2008
Location: Florida

Have you tried Spybot Search and Destroy, run as admin in Safe Mode? Do you have a regular, up-to-date antivirus program installed and running?

Have you checked this out yet?
http://greatis.com/blog/how-to-remov...-stdrt-exe.htm
Seems to have some good info on what files and registry entries to remove, and looks like they have an app as well. Safe Mode time.

Found this on http://www.virus-com.com/viruscom/viruscom_83208.html
Quote:
stdrt.exe remove instruction

1. Temporarily disable System Restore, reboot computer in Safe Mode;

2. Locate stdrt.exe virus files and uninstall stdrt.exe files program. Follow the step-by-step screen instructions to complete uninstallation of stdrt.exe.

3. Delete/modify any values added to the registry related with stdrt.exe, exit registry editor and restart the computer;

4. Clean/delete all stdrt.exe infected file(s): stdrt.exe and related, or rename stdrt.exe virus files;

5. Please delete all your IE temp files with stdrt.exe manually, run a whole scan with antivirus program


__________________
CPU Intel Core i7-2600K @ 4.9 GHz on H2O
MB ASRock Z77 Extreme9
RAM G.SKILL Ripjaws X Series 8GB (2 x 4GB) DDR3 2133 9-11-10-28
VC Sapphire Dual-X OC 7970 3GB 1050/1500 (3DMark11 P10551)
SSD Samsung 840 Pro 256GB
HDD RAID0 2x1TB Seagate Barracuda 7200.12
PSU Corsair AX1200
Case Corsair Obsidian 800D w/ Aerocool Shark Black ed. fans
Cooling EK Supreme HF Rev 2 block, BIX GTX360 Rad, AFC1212D-PWM Fans, Primochill Myraid Res, Swiftech MCP655-B, Prolimatech PK-1 TIM, PrimoChill Liquid Utopia, PrimoFlex PRO LRT Tubing 1/2" ID 3/4" UV Blue

Last edited by King107s; 06-16-10 at 10:38 AM.

Old 06-16-10, 01:11 PM   #3
c627627
c(π*199780) Senior Member

Join Date: Feb 2002
Location: Kansas

Install http://www.malwarebytes.org/

Keep pressing F8 to boot into Safe Mode of the infected PC, then install Malwarebytes and run a full scan.
Reboot normally (not into Safe Mode), update Malwarebytes, then run it again.


Maybe try using Avira Antivir http://www.free-av.com/en/download/1...antivirus.html because it has been known to have better definitions and, more importantly, more zero-day definitions than most if not all other antivirus programs.

Old 06-16-10, 01:11 PM Thread Starter   #4
CompuTamer
Member with Some Fancy Text Under His Name

Join Date: Jan 2009
Location: Brandon Mississippi

Yeah, I've tried AVG, Malwarebytes, SP, and everything I can possibly think of.

Let me try that real quick. If it wasn't for the fact that it's downloading so much "nothing" I'd just leave it alone, but it is, and that's going to cost me money after a while.

Old 06-22-10, 03:56 PM   #5
opivy224
New Member

Join Date: Jun 2010

Oh my god, I have this virus too. It's playing crazy music and taking up 20% resource. Oh, god help me. Please. It is not Windows Media Center.

Old 07-14-10, 09:42 PM   #6
SnakePlissken
New Member

Join Date: Jul 2010

I have encountered this process also. I have Win7 Ult x64. I noticed when I had UAC off one time, Windows Media Center popped up in Volume Control and was muted, and it used up around 500MB of my RAM. With UAC on it only uses about 12MB. Also, WMC doesn't show up either. I have Webroot Antivirus on here and I have Webroot and Panda on another hard drive with Win XP. Both haven't found anything, so I don't know. Maybe try running from XP and use Malwarebytes. I'll post back with my resolve.

Old 07-15-10, 07:19 AM   #7
King107s
Member

Join Date: Oct 2008
Location: Florida

LOL Read my post... it just might help you.

Old 07-15-10, 07:46 AM   #8
decoste007xt
Member

Join Date: Nov 2009
Location: Canada

Backup, reformat, reinstall! Takes me 35 minutes, but I keep backups of all my files on 2, 2TB externals =)

__________________
To the Max!!!

i7 920 4.23 ghz
EVGA FTW 3 SLI/Crossfire
x2 5770 Crossfire (900/1350)
3x2GB G.Skill Trident Ram 2020MHz 8-8-8-22
x2 500GB WD Blue HD
x1 60GB OCZ Vertex 2
Coolmaster V8 CPU Cooler
850W Silverstone Strider Modular PSU
Corsair D800 Case! (*DROOLS*)

Old 07-15-10, 11:33 AM   #9
orion456

Join Date: May 2004
Location: Canada

Use msconfig in a command box and see if you have Windows Media sharing service listed under non-Microsoft services; "unknown" services. Try turning that service off and reboot. Some are reporting this service uses up to 20% of bandwidth continually.

__________________
-- W3570 @ 3.8 P6TD on Swiftech H20-220
-- QX9650 P5K-E on Swiftech H20-220 water, ATI 3870, G.Skill PC 8500.



The only thing for sure, is that nothing is for sure!

Old 07-15-10, 11:53 AM   #10
KonaKona
Trashcan Man Member

Join Date: Nov 2008
Location: College radio?

If you want to hunt it down manually you can go get Process Explorer. You should be able to find the location of the .exe file and delete/rename it to keep it from running.

__________________
LTC: LbVSSv4Phj1NWvxBw76zmhV8K1P63xhYJ9

Member of the MOAR VOLTS™ club.

Old 07-15-10, 04:28 PM Thread Starter   #11
CompuTamer
Member with Some Fancy Text Under His Name

Join Date: Jan 2009
Location: Brandon Mississippi

Quote:
Originally Posted by decoste007xt
Backup, reformat, reinstall! Takes me 35 minutes, but I keep backups of all my files on 2, 2TB externals =)

My user profile and everything is stored on my 1TB internal drive now. I just wiped the SSD, reinstalled Windows, and then pointed it to my old user profile, and it's working great now.

Old 07-15-10, 04:45 PM   #12
boucher91
Member

Join Date: Apr 2009
Location: Guthrie

Where did the virus come from... any idea?

__________________
asus crosshair formula 3 w/ek full board silver/acetal water block
pc&p silencer 750
x4-965 w/ek hf supreme full copper water block
mcp655vario/rx480rad/swifty microres x2each
xfx 6970
2x4gig muskin 787 24 1600
mushkin callisto 60gig ssd
wd velociraptor 300
wd 1tb
seagate 1tb
sum dvd burner
case NZXT zero

Old 07-15-10, 06:26 PM Thread Starter   #13
CompuTamer
Member with Some Fancy Text Under His Name

Join Date: Jan 2009
Location: Brandon Mississippi

No clue. I've had it before, but forgot how I removed it.

I'm pretty sure that someone else who I've let use my computer got it for me. I never get my own viruses; if I do, there's not enough of an OS left over to even bother trying to fix.

Old 07-16-10, 07:44 AM   #14
King107s
Member

Join Date: Oct 2008
Location: Florida

Probably someone like my wife, who will click 'YES' to any window that pops up.... I was standing next to her using one of my laptops and a notification/warning window popped up and she just clicked yes and moved on without even reading it. I said "What was that? What did it say?" She replies "I don't know... I just clicked it." Ughhhhh!

Old 07-16-10, 09:06 AM   #15
YoshiMon
Member

Join Date: Dec 2008

That is one nasty virus indeed. I had it on my office Win7 install and don't know how it got there. Never run IE save to download Firefox the one time.

The only thing I can think of as to how it got on that computer was that I did not update Flash right away when there was the known exploit for it and it might have gotten in via that.

__________________
Desktop: AMD A8-5500, ECS A75F2-A2, Geil PC3-12800 8G, Powercolor 5670, Intel 520 SSD, Seagate 500G, Corsair CX430, Corsair 200R.
Server/HTPC: Biostar NM70I-847 w/Intel Celeron 847, Rosewill RS-MI-01.

Old 07-16-10, 09:40 AM   #16
_s3v3n_
Member

Join Date: Jun 2010
Location: New Jersey

Quote:
Originally Posted by CompuTamer
Yeah, I've tried AVG, Malwarebytes, SP, and everything I can possibly think of.

Let me try that real quick. If it wasn't for the fact that it's downloading so much "nothing" I'd just leave it alone, but it is, and that's going to cost me money after a while.



I'm pretty sure you haven't tried this one -> ComboFix.

Try downloading the latest version and run it. This will reboot your PC at least once or twice and after that you're good. You don't need to download the recovery console if it asks for it; just say No to that and it will continue with the batch jobs.

http://download.bleepingcomputer.com...a/ComboFix.exe


I only use this one if Malwarebytes cannot resolve the issue, and it seems like you have the same scenario.


Hope this one helps.

Old 10-07-10, 04:11 AM   #17
sorr535771
New Member

Join Date: Oct 2010

It seems to only load when I start Xfire. Has anyone else noticed this?

Cheers

Old 10-14-10, 12:46 PM   #18
RJARRRPCGP
Member

Join Date: May 2004
Location: USA (Springfield, Vermont)

Quote:
Originally Posted by decoste007xt
Backup, reformat, reinstall!
QFT.

__________________
Asus Maximus II Gene- Core 2 Duo E8600 @ 3.900 Ghz (390x10.0)

-ICH10R
- eVGA GeForce 9500 GT-Fortron FSP500-60GLN(80) 500W PSU


" holy cow!! you find a rat in there too!?!?!? " -turbohans
"Reinstall winders." -jivetrky
"I think I am going to need another coke before I start this up." -cadman420
"Soon Windows will be 50 gb! lololol" -Tokae
"NOT FOR SALE IN CALIFORNIA."

Old 10-14-10, 02:43 PM   #19
habbajabba
Member

Join Date: Oct 2005

Use Process Hacker (way better than processx RIP) and try Autoruns too, as it can delete all kinds of stuff from starting up.
http://sourceforge.net/projects/processhacker/
http://technet.microsoft.com/en-us/s.../bb963902.aspx
The trick is in locating it after it's running so that it can be deleted. If it's hidden in Xfire I'd try and reinstall that. Sounds like you need to be more careful who you 'play' with. Just kidding.

__________________
Intel Northwood @3.06 GHz
Biostar microatx
2 GB DDR2 675
Evga 8400gs
Samsung 2232GW 2ms 22"
Altec Lansing 2.1 speakers
Memorex ext usb burner
Win7Ult 32bit/Manjaro dualboot
WD cav blue 320gb
Samsung F4 2tb
WD Blue 2tb
CP850avrlcd ups

Old 01-07-11, 05:45 PM   #20
RFL
New Member

Join Date: Jan 2011

stdrt.exe defeated


As you may have experienced, the directories in Windows\Temp, containing stdrt, keep coming back at boot time.

Using TaskInfo immediately after boot, I found that regw2.exe, in the system32 directory, starts stdrt at boot time. Then regw2.exe shuts down. Delete these two modules and all references in the registry. Worked for me!
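
The pattern RFL describes (a launcher in system32 that starts stdrt from a directory under Windows\Temp at boot) and the Windows Media Center disguise from the first post can be checked for in a list of autostart entries. The Python below is an added example, not code from any poster in this thread; the entry format, the sample rows, the temp-directory list and the `a1b2` folder name are constructed assumptions.

```python
import ntpath
import re

# File names reported in this thread: the payload and the launcher RFL found.
THREAD_NAMES = {"stdrt.exe", "regw2.exe"}
# Directories a boot-time autostart should not normally run from (assumed list).
TEMP_MARKERS = ("\\windows\\temp\\", "\\appdata\\local\\temp\\", "\\local settings\\temp\\")
# Constructed environment values so %VAR% references can be expanded offline.
ENV = {"systemroot": r"C:\Windows", "windir": r"C:\Windows", "temp": r"C:\Windows\Temp"}
EXECUTABLE = re.compile(r"(.+?\.(?:exe|com|scr|bat|cmd|dll|sys))(?:\s|$)", re.I)


def image_path(launch):
    """Extract the normalized executable path from an autostart command line."""
    s = re.sub(r"%([^%]+)%", lambda m: ENV.get(m.group(1).lower(), m.group(0)), launch.strip())
    if s.startswith('"'):
        # Quoted path: everything up to the closing quote, arguments dropped.
        end = s.find('"', 1)
        s = s[1:end] if end != -1 else s[1:]
    else:
        # Unquoted path may contain spaces: cut at the first executable extension.
        m = EXECUTABLE.match(s)
        s = m.group(1) if m else s.split(" ")[0]
    return ntpath.normpath(s)  # also collapses "..\" segments


def triage(entries):
    """Return (entry name, image path, reasons) for each suspicious entry."""
    findings = []
    for e in entries:
        path = image_path(e["launch"])
        low = path.lower()
        reasons = []
        if ntpath.basename(low) in THREAD_NAMES:
            reasons.append("file name reported in thread")
        if any(marker in low for marker in TEMP_MARKERS):
            reasons.append("runs from a temp directory")
        # Genuine Media Center binaries live under %SystemRoot%\ehome.
        if "media center" in e.get("description", "").lower() and "\\ehome\\" not in low:
            reasons.append("claims Media Center outside ehome")
        if reasons:
            findings.append((e["name"], path, reasons))
    return findings


# Constructed sample entries (Run keys / services reduced to three fields).
SAMPLE = [
    {"name": "ehTray", "description": "Media Center Tray Applet",
     "launch": r"%SystemRoot%\ehome\ehtray.exe"},
    {"name": "regw2", "description": "", "launch": r"C:\Windows\system32\regw2.exe"},
    {"name": "WMC", "description": "Windows Media Center",
     "launch": r'"C:\Windows\Temp\a1b2\stdrt.exe" /s'},
    {"name": "Updater", "description": "",
     "launch": r"C:\Program Files\Vendor\update.exe /background"},
]

if __name__ == "__main__":
    for name, path, reasons in triage(SAMPLE):
        print(f"{name}: {path} -> {', '.join(reasons)}")
```

Flagged entries are leads to inspect with the process and autostart tools mentioned above, not proof of infection on their own.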