Solved Hacktool.rootkit!inf

[Ved]

Thank You very much for your time and assistance. I have completed those final steps as well, and am done with this desktop for now.
I have another question for you. Is it possible that You can assist me a bit with my daughters laptop.
She is using it mainly for games and so.
Bunch of them are downloaded, and it makes system a bit slow. That’s ok, but I am wondering if I can run something that will show you what is on that computer and maybe you can suggest besides the games what can be arrested to get some more space.

Also upon start up this screen keeps on showing titled: RunDLL and with the message:
Error loading C:\PROGRA~1\CHEATE~1\OPENCA~1\OCSETU~1.DLL
The specific module could not be found.

I have removed Norton from this computer and installed Avira and ZoneAlarm

Also upon shut down the screen shows up at all time, titled:
CL RC Engine 3 Dummy Window: OPService.exe – Application Error
With the message:
The instruction at 0x00928feb referenced memory at 0x000227f6. The memory could not be read.
Click Ok to terminate this program.
Note: part of the text 0x00828feb is changing so that previous time when I wrote this message down it was for example 0x01c82c70, the same goes for the part of the text 0x000227f6 where it was the previous time I wrote it down 0x0000000e.
It also seems to me that part of the text:…could not be read
Was previously could not be written.

Could you please assist with this matter.
Thank You.

 

[Bobbye]

I would like you to begin a new thread for this laptop. And please keep in mind that this forum is for virus and malware removal.If you suspect that, have her follow the same preliminary steps that you did HERE.

Copy the specific problems to the new thread and leave the logs from the programs on the new thread. I do not handle multiple systems on the same thread- it's too confusing for everyone!
==========================================
I will give you a starting point though:
Error loading C:\PROGRA~1\CHEATE~1\OPENCA~1\OCSETU~1.DLL
Product name OCSetupHlp Dynamic Link Library
Company name OpenCandy, Inc.
File description OCSetupHlp Dynamic Link Library
Internal name OCSetupHlp
Original filename OCSetupHlp.dll
Comments Setup helper library
Legal copyright Copyright (C) 2008
Product version 1.0.1.0
File version 1.0.37.1
Digital signatures [?]

Use Autoruns to remove items from Startup:

Please download Autoruns from HERE

• 
  [1]. Extract the Autoruns Zip file contents to your Desktop.
  (Right click and choose Extract All)
  [2]. Double-click the "Autoruns.exe".
  [3]. Click on the "Everything" tab
  [4]. Remove any entries that mention "File Not Found" by right-clicking the entry and select Delete.
  [5]. Go to File then to Export As.
  [6]. Save AutoRuns.txt file to know location.
  [7]. Attach to your next reply

Next,
Please click Start > Run
In the run box type msconfig
Click the Startup Tab and uncheck any entries for the above.

We will stop Services with the Autoruns logs after double checking the startup items.

This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. You can configure Autoruns to show other locations, including Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond the MSConfig utility bundled with Windows Me and XP.

From Majorgeeks
=======================
For this:CL RC Engine 3 Dummy Window: OPService.exe – Application Error

Are you sure that it said OPService.exe or was it QPService.exe. It the latter, it is due to an HP program you are running.

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

And the below services may be related to it:

O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

This is not a malware issue. I suggest you talk to HP or post in the Software Forum.

Please don't add more about these problems to this thread. Add any additional information or questions to the new thread in the Windows OS forum. Tell them I referred you to get these entries handled. If malware is still suspected, the come back here with a new malware thread for this system.

 

[Bobbye]

I am asking the moderator to take your Reply #33 and start a new thread with subject Help with daughters computer

Any additional logs or information for that system should be on the new thread.

I'm going to close this thread and send the moderator a PM. Since it's the weekend, it may take a few hours. I have added en Edit to your post: Atten: Bobbye.

 

[Bobbye]

Please see https://www.techspot.com/vb/topic148454.html for new thread Help with daughter's computer

Include all logs and comments there.