after removing malware RUNDLL error

Posted on 2013-05-21
Medium Priority
Last Modified: 2013-06-01
After removing the insidious "The FBI has your computer locked ....to unlock your computer pay $300 via GreenPak" all is working well except on startup I am getting an error message
Error loading C:\DOCUME~1\ALLUSE~1\APPLIC~1\boo2.dat
The specified module could not be found."
Question by:atf3doc
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
LVL 38

Expert Comment

by:Gerwin Jansen, EE MVE
ID: 39185498
That is probably because the malware cannot load anymore as it was removed.

Have a look with msconfig, TAB 'Startup' and look for an entry that has rundll and that ...boo2.dat in the command, then disable that startup entry.
LVL 29

Accepted Solution

Thomas Zucker-Scharff earned 1600 total points
ID: 39185504
or if you have autoruns on your system use that to do the same thing.

Author Comment

ID: 39185527
msconfig....no dll or boo2 listed. I unchecked registry booster2, just to see if that was it.
                    still get the error.
autoruns....am downloading it now..will install and try,,will advise
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

LVL 29

Expert Comment

by:Thomas Zucker-Scharff
ID: 39185547
make sure you check the choice to show microsoft items.
LVL 38

Assisted Solution

by:Gerwin Jansen, EE MVE
Gerwin Jansen, EE MVE earned 400 total points
ID: 39185617
Yes, autoruns or hijackthis will show you the entry. Let us know what you find.

Author Comment

ID: 39185693
autoruns rules!!! Showed the error exacly as it was written...unchecked it and error message gone..hooray! Thanks.

Expert Comment

ID: 39213075
Thanks gerwinjansen!! It took me 2 days to finally find what was causing the rundll pop-up when the machine starts up. Checked msconfig startup tab and BINGO!

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most PC repair technicians (if not all) always start their cleanup process by emptying the temp folders before running any removal tools. It makes sense because temp folders are common places for malware installers to lurk and removing all the junk …
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question