ch810.exe

Highlighted
Aspirant

ch810.exe

I'm getting a startup error message that module ch810.exe can't be found in c:\users\myusername\AppData\Local\Temp\.

 

I've seen some refs to this in German forums but don't have enough German to understand.  Is this evidence of a trojan infection?  If so, how do I deal with it?

 

Iain Lowson 

1 ACCEPTED SOLUTION

Accepted Solutions
Aspirant

Re: ch810.exe

Jayson

 

I'm very grateful to you for your prompt resolution of my problem.  Thanks very much.

 

Best wishes.

 

Iain 

6 REPLIES 6
F-Secure Product Expert

Re: ch810.exe

Hi Cornhillfarm,

The error message indicate that the c:\users\myusername\AppData\Local\Temp\ch810.exe doesn't exist on your system anymore, if the executable file is a virus it could not do any harm to your system. I do believe that the file was removed but the entry created in your startup program list remains. Kindly check and remove the entry from the Registry Editor.

1. Start > Run or "Winkey+R", type "regedit".
2. Check and remove the entry contain value of "c:\users\myusername\AppData\Local\Temp\ch810.exe" from location below:

- HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupfolder
- HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupreg

3. Restart your computer and test.

Thanks.


Best Regards,
Jayson

"A person who never made a mistake never tried anything new" -Albert Einstein

Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Aspirant

Re: ch810.exe

Jayson

 

Thanks very much for responding.  It's encouraging to learn that the error message means that the dodgy file is probably no longer there.  However, I can find no registry entry corresponding to the error message.  I looked in the locations you identified and then did a registry search on a variety of strings, all without success.

 

Any further suggestions would be welcomed.  Should I just put up with the error message?  F-Secure scan returns no bad file and MalWareBytes found two which I have deleted.  They were to do with firewall disabling.

 

Thanks again

 

Iain 

F-Secure Product Expert

Re: ch810.exe

Hi Cornhillfarm,

Try to search in these 2 locations:

1. Start > Run or "Winkey+R", type "msconfig".
2. Start > All Programs > Startup.


Best Regards,
Jayson

"A person who never made a mistake never tried anything new" -Albert Einstein

Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Aspirant

Re: ch810.exe

Jayson

 

There's an entry in the startup folder for CH810.exe.  It's a shortcut to  C:\Windows\System32\rundll32

 

I'm happy deleting the shortcut.  What should I do about rundll32?

 

Many thanks in advance.

 

Iain 

F-Secure Product Expert

Re: ch810.exe

Hi Iain,

Rundll32.exe is an important process of your windows operating system. The process rundll32.exe executes dll files and puts their libraries into your system's memory. The Rundll32.exe located in C:\Windows\System32 should be genuine. What you have in Startup folder is just a shortcut, you may proceed to detele it.

Thanks.


Best Regards,
Jayson

"A person who never made a mistake never tried anything new" -Albert Einstein

Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Aspirant

Re: ch810.exe

Jayson

 

I'm very grateful to you for your prompt resolution of my problem.  Thanks very much.

 

Best wishes.

 

Iain