Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Starting/terminating Of Program On Boot Urdltr.exe


  • Please log in to reply
4 replies to this topic

#1 lithium

lithium

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:00 PM

Posted 09 October 2007 - 09:04 PM

When I boot up my computer there is a program that is called urdltr.exe that opens and closes repeatedly (about 30 times) in a MS-DOS style window. The only information I have found on it is the following:

1) The file can be found in C:\WINDOWS\system32\

2) I found a reference to it in the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tjhdtp

with the value "C:\WINDOWS\system32\urdltr.exe reg_run"

Attached are screenshots of what the registry key and the MS-DOS window that pops up.

Do you know what urdltr.exe is associated with? Is it harmful? How do I get it to stop running on every boot?

Thank you very much in advance!

Attached Files



BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 10 October 2007 - 12:30 AM

I did a quick search on the net for information on this urdltr.exe file and didn't get a single hit. Usually this means that you have a virus or other malware problem. Have you run your anti-virus and anti-spyware scans recently?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 lithium

lithium
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:00 PM

Posted 10 October 2007 - 08:48 AM

Yes, but nothing seems to catch it.

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:00 AM

Posted 10 October 2007 - 09:06 AM

Try uploading the file at Jotti for analysis. Post back the results.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 lithium

lithium
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:00 PM

Posted 10 October 2007 - 11:04 AM

Service load:
0% 100%

File: urdltr.exe

Status:

POSSIBLY INFECTED/MALWARE (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)

MD5: da112fd6f7d65e28b6b2d73de51ec71d

Packers detected: - Scan taken on 10 Oct 2007 15:56:55 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found Win32:Qoologic-AK

AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

Bit9 reports: File not found

Edited by lithium, 10 October 2007 - 11:04 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users