ch810.exe
I'm getting a startup error message that module ch810.exe can't be found in c:\users\myusername\AppData\Local\Temp\.
I've seen some refs to this in German forums but don't have enough German to understand. Is this evidence of a trojan infection? If so, how do I deal with it?
Iain Lowson
Comments
-
Hi Cornhillfarm,
The error message indicate that the c:\users\myusername\AppData\Local\Temp\ch810.exe doesn't exist on your system anymore, if the executable file is a virus it could not do any harm to your system. I do believe that the file was removed but the entry created in your startup program list remains. Kindly check and remove the entry from the Registry Editor.
1. Start > Run or "Winkey+R", type "regedit".
2. Check and remove the entry contain value of "c:\users\myusername\AppData\Local\Temp\ch810.exe" from location below:
- HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupfolder
- HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupreg
3. Restart your computer and test.
Thanks.
Best Regards,
Jayson -
Jayson
Thanks very much for responding. It's encouraging to learn that the error message means that the dodgy file is probably no longer there. However, I can find no registry entry corresponding to the error message. I looked in the locations you identified and then did a registry search on a variety of strings, all without success.
Any further suggestions would be welcomed. Should I just put up with the error message? F-Secure scan returns no bad file and MalWareBytes found two which I have deleted. They were to do with firewall disabling.
Thanks again
Iain
-
-
-
Hi Iain,
Rundll32.exe is an important process of your windows operating system. The process rundll32.exe executes dll files and puts their libraries into your system's memory. The Rundll32.exe located in C:\Windows\System32 should be genuine. What you have in Startup folder is just a shortcut, you may proceed to detele it.
Thanks.
Best Regards,
Jayson -