Guest PattiNS Posted December 31, 2008 Posted December 31, 2008 I worked with the folks at Microsoft security past 2 days, which enabled me to get the nasty Vundo and firewall-bypass (among others) spyware and malware removed from my HP laptop. Now, after I (happily) no longer get those yucky popups on my PC since all the malware has been removed, I keep getting the following two (2) SIMULTANEOUS Microsoft Windows XP (home edition) popups AFTER I start OR reboot my PC: Error loading C:\WINDOWS\system32\kiramega.dll The specified module could not be found Error loading C:\WINDOWS\system32\falolofu.dll The specified module could not be found My question is: how can I get these two "error message" to not appear any more, going forward? Very annoying when I boot up my HP laptop! If this helps any, I recall these two .dll files came up as "could not remove" after the Microsoft tech assistant helped me remove them from my laptop. HELP!!! Many thanks in advance! Quote
Guest Malke Posted December 31, 2008 Posted December 31, 2008 PattiNS wrote: <span style="color:blue"> > I worked with the folks at Microsoft security past 2 days, which enabled > me to get the nasty Vundo and firewall-bypass (among others) spyware and > malware removed from my HP laptop. > Now, after I (happily) no longer get those yucky popups on my PC since all > the malware has been removed, I keep getting the following two (2) > SIMULTANEOUS Microsoft Windows XP (home edition) popups AFTER I start OR > reboot my PC: > > Error loading C:WINDOWSsystem32kiramega.dll > The specified module could not be found > > Error loading C:WINDOWSsystem32falolofu.dll > The specified module could not be found > > My question is: how can I get these two "error message" to not appear > any more, going forward? Very annoying when I boot up my HP laptop! If > this helps any, I recall these two .dll files came up as "could not > remove" after > the Microsoft tech assistant helped me remove them from my laptop. > HELP!!!</span> There is always the possibility that your computer is not really clean, even though you aren't getting the popups. Vundo infections are extremely difficult to remove. It would be wise to register at one of the following specialty forums and post a HijackThis log to get an expert opinion as to whether your computer is really malware-free. If the machine is in fact clean, then you can stop the error messages by managing your Startup, since references to the malware were still left in Startup. A. Specialty forums: PLEASE DO NOT POST LOGS IN THE MS NEWSGROUPS. http://aumha.org/downloads/hijackthis.zip http://aumha.net/ - Click on the HijackThis forum. Read the announcement and the stickies first . http://www.atribune.org/forums/index.php?showforum=9 http://aumha.net/viewforum.php?f=30 http://www.bleepingcomputer.com/forums/forum22.html http://www.dslreports.com/forum/cleanup http://www.cybertechhelp.com/forums/forumdisplay.php?f=25 http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html http://www.malwarebytes.org/forums/index.php?showforum=7 http://gladiator-antivirus.com/forum/index.php?showforum=170 http://spywarewarrior.com/viewforum.php?f=5 http://forums.techguy.org/54-security/ http://forums.tomcoyote.org/ http://www.thespykiller.co.uk/index.php?board=3.0 http://forums.subratam.org/index.php?showforum=7 B. Manage your Startup: Start>Run>msconfig [enter] This brings up the System Configuration Utility. Look on the Startup tab and find the probable culprit. Uncheck the box next to its name, Apply and OK out. You don't need to restart immediately, but the next time you do you'll get a dialog saying you've used the Utility. Just tick the box that says in effect, "don't bother me about this again". Important - Do not use the System Configuration Utility to stop processes. Instead, use Start>Run>services.msc [enter] and do not stop any services unless you really, really know what you're doing. How to Troubleshoot By Using the Msconfig Utility in Windows XP - http://support.microsoft.com/?id=310560 The free Autoruns program is very useful for managing your Startup - http://www.microsoft.com/technet/sysinternals/default.mspx - Autoruns Malke -- MS-MVP Elephant Boy Computers - Don't Panic! FAQ - http://www.elephantboycomputers.com/#FAQ Quote
Guest The Real Truth MVP Posted December 31, 2008 Posted December 31, 2008 Your issue is a prime example of why good registry cleaners are needed. Don't listen to the others who say registry cleaners are "snake oil". To fix your issue automatically, download CCleaner from here http://www.ccleaner.com/ install it and when you run it select the registry icon on the left to clean your registry. Let it fix all but choose to backup when prompted. Your problem should then be fixed. -- The Real Truth http://pcbutts1-therealtruth.blogspot.com/ "PattiNS" <PattiNS@discussions.microsoft.com> wrote in message news:CD23D53F-0D90-40CE-9CB2-A9195A0C47DA@microsoft.com...<span style="color:blue"> >I worked with the folks at Microsoft security past 2 days, which enabled me > to get the nasty Vundo and firewall-bypass (among others) spyware and > malware > removed from my HP laptop. > Now, after I (happily) no longer get those yucky popups on my PC since all > the malware has been removed, I keep getting the following two (2) > SIMULTANEOUS Microsoft Windows XP (home edition) popups AFTER I start OR > reboot my PC: > > Error loading C:WINDOWSsystem32kiramega.dll > The specified module could not be found > > Error loading C:WINDOWSsystem32falolofu.dll > The specified module could not be found > > My question is: how can I get these two "error message" to not appear > any more, going forward? Very annoying when I boot up my HP laptop! If > this > helps any, I recall these two .dll files came up as "could not remove" > after > the Microsoft tech assistant helped me remove them from my laptop. > HELP!!! > > Many thanks in advance! </span> Quote
Guest Geoff Posted December 31, 2008 Posted December 31, 2008 On Wed, 31 Dec 2008 03:57:01 -0800, PattiNS <PattiNS@discussions.microsoft.com> wrote: <span style="color:blue"> >I worked with the folks at Microsoft security past 2 days, which enabled me >to get the nasty Vundo and firewall-bypass (among others) spyware and malware >removed from my HP laptop. >Now, after I (happily) no longer get those yucky popups on my PC since all >the malware has been removed, I keep getting the following two (2) >SIMULTANEOUS Microsoft Windows XP (home edition) popups AFTER I start OR >reboot my PC: > > Error loading C:WINDOWSsystem32kiramega.dll > The specified module could not be found > > Error loading C:WINDOWSsystem32falolofu.dll > The specified module could not be found > >My question is: how can I get these two "error message" to not appear >any more, going forward? Very annoying when I boot up my HP laptop! If this >helps any, I recall these two .dll files came up as "could not remove" after >the Microsoft tech assistant helped me remove them from my laptop. HELP!!! ></span> The files are gone but the system is still attempting to load them. Download Autoruns and you may be able to see the registry entries that are set to load those DLL's. They will be marked as unavailable files. http://technet.microsoft.com/en-us/sysinte...c84cb9e2f5.aspx You can probably see the entry right away, un-check the box to disable the function and it will disable the loading of that DLL and back up the setting just in case you goof. Reboot and check that your startup is clean again. Start Autoruns again and delete the disabled entries. Do a complete search of your disks for those DLLs by name to make sure they are gone. (Although in some cases this can be a false negative if they are hiding.) Confidence is relatively high that since they are not loading they are not stealthed. Quote
Guest dlbinne Posted January 4, 2009 Posted January 4, 2009 There are still most like runpoint entries still in the registry. You need to go to the HKey_CurrentUser and HKey_LocalMachine \software\microsoft\windows\currentversion\run and remove the associated entries that are still pointing the vundo .dll's "PattiNS" <PattiNS@discussions.microsoft.com> wrote in message news:CD23D53F-0D90-40CE-9CB2-A9195A0C47DA@microsoft.com...<span style="color:blue"> >I worked with the folks at Microsoft security past 2 days, which enabled me > to get the nasty Vundo and firewall-bypass (among others) spyware and > malware > removed from my HP laptop. > Now, after I (happily) no longer get those yucky popups on my PC since all > the malware has been removed, I keep getting the following two (2) > SIMULTANEOUS Microsoft Windows XP (home edition) popups AFTER I start OR > reboot my PC: > > Error loading C:WINDOWSsystem32kiramega.dll > The specified module could not be found > > Error loading C:WINDOWSsystem32falolofu.dll > The specified module could not be found > > My question is: how can I get these two "error message" to not appear > any more, going forward? Very annoying when I boot up my HP laptop! If > this > helps any, I recall these two .dll files came up as "could not remove" > after > the Microsoft tech assistant helped me remove them from my laptop. > HELP!!! > > Many thanks in advance! </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.