Startup Programs?

Discussion in 'Computer Games and General Discussion' started by raiderscrusade, Sep 23, 2011.

  1. raiderscrusade
    OP

    raiderscrusade GBAtemp Fan

    Member
    433
    1
    Jun 30, 2009
    Hello,

    So today I opened CCleaner for my weekly clean, as I do.

    I noticed that in the startup programs, I have 2 entries which I have absolutely no idea what they are used for.

    They are:
    Code:
    KmalirazohitozofÂÂÂÂrundll32.exeÂÂ"C:\Users\USERNAME\AppData\Local\BDAPap.dll",Startup
    SkemiyÂÂÂÂrundll32.exe "C:\Users\USERNAME\AppData\Local\epapehukuhox.dll",Startup
    I was wondering, what exactly are these entries for.

    Are they, by chance, a virus?

    If anyone has had experience with this, or can let me know how to determine what they are for, it would be greatly appreciated.

    Thanks.
     
  2. FAST6191

    FAST6191 Techromancer

    pip Reporter
    23,344
    9,140
    Nov 21, 2005
    They are most certainly something bad- I usually see them in conjunction with either the false virus scanners or google redirect viruses. No executable (dll files are technically executables) should be found in appdata (although some programmers need a slap as they still do it), certainly not sitting in there outside a program directory and especially not during startup.

    They can get annoying to clean so I would go right for malwarebytes and/or combofix.
     
  3. Rydian

    Rydian Resident Furvert™

    Member
    27,883
    8,108
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    Yeah, you got a driveby.
     
  4. Dialga.The.Maste

    Dialga.The.Maste GBAtemp Regular

    Member
    143
    0
    Feb 3, 2009
    Canada
    Earth
  5. raiderscrusade
    OP

    raiderscrusade GBAtemp Fan

    Member
    433
    1
    Jun 30, 2009
    Driveby would sound right, everytime I go to google and click a link it takes me elsewhere.

    For some reason, whenever I use Malwarebytes it seems to just freeze/crash whilst scanning MSSMBIOS.SYS (or something similar to that name). This happens every single time I use Malwarebytes. How can I stop this from happening?

    I'll follow that infection removal guide now [​IMG]