Solved Information relating to RogueKiller software.

DonnaB

Malware Fighter
Member
Ah... Ok. The icon in the notification tray has disappeared. That is only a shortcut icon to the actual software. That does not mean that the software has been erased.

If you go to your Control Panel and look in Programs and Features, you will see that the Realtek High Definition Audio Driver is still installed. There is also an indication that I found in the log that it is fine and it is running:

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)

At the beginning of the line above, the R means it is running as it should be and the 2 means it is set for Automatic, meaning it will run automatically when it is needed.

It appears that you have CCleaner running as a task to continually check your system. See below:

Task: {B0FBAF86-3782-4638-9340-62E7B55A4D57} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)

There is a possibility that CCleaner found the shortcut icon to be unnecessary and removed it. This is what optimizer software, such as CCleaner, is designed to do: remove files that can cause the system to slow down.

Bottom line, there is nothing wrong with your Audio.

Does that make sense to you?
 

bobbyscot

Member
DonnaB, with regard to the sound icon, can you say why, if the HD sound quality icon is not showing, then on playing a DVD movie the High Definition sound quality is absent, with only the normal sound quality to be heard?
 

DonnaB

Malware Fighter
Member
I'm not sure Bobby. Could it be the DVD that you are playing? But the RealTek drive is fine.

What did you do yesterday around 7:17pm your time? The logs show that you changed, downloaded, updated something to do with your sound. See files below and please note Date and Time:

2015-04-19 19:18 - 2015-04-19 19:18 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-04-19 19:18 - 2015-04-19 19:18 - 00000000 ____D () C:\Program Files\Realtek
2015-04-19 19:18 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-04-19 19:18 - 2014-04-25 13:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-04-19 19:18 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-04-19 19:18 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-04-19 19:18 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-04-19 19:18 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-04-19 19:18 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-04-19 19:18 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-04-19 19:18 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-04-19 19:17 - 2014-05-14 16:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-04-19 19:17 - 2014-05-12 20:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-04-19 19:17 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-04-19 19:17 - 2014-04-30 11:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-04-19 19:17 - 2014-04-28 15:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-04-19 19:17 - 2014-04-25 13:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-04-19 19:17 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-04-19 19:17 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-04-19 19:17 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-04-19 19:17 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-04-19 19:17 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-04-19 19:17 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-04-19 19:17 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-04-19 19:17 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-04-19 19:17 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-04-19 19:17 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-04-19 19:17 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-04-19 19:17 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
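
The reading applied to the listing above (many files created within the same minute or two, most carrying much older modification dates) can be automated. This is an added example, not part of the original post and not the scanning tool's own code; the line format is inferred from the listing, and the function names, the two-minute gap and the three-file threshold are assumptions.

```python
import re
from datetime import datetime, timedelta

# created - modified - size attrs (vendor) path
ENTRY = re.compile(
    r"^(?P<created>\d{4}-\d\d-\d\d \d\d:\d\d) - (?P<modified>\d{4}-\d\d-\d\d \d\d:\d\d)"
    r" - (?P<size>\d+) (?P<attrs>\S+) \((?P<vendor>.*?)\) (?P<path>.+)$")
FMT = "%Y-%m-%d %H:%M"

def parse(lines):
    entries = []
    for line in lines:
        m = ENTRY.match(line.strip())
        if not m:
            continue  # headers, blank lines, anything that is not a file entry
        e = m.groupdict()
        e["created"] = datetime.strptime(e["created"], FMT)
        e["modified"] = datetime.strptime(e["modified"], FMT)
        entries.append(e)
    return entries

def install_bursts(entries, gap=timedelta(minutes=2), min_files=3):
    """Group entries created at most `gap` apart; keep groups of min_files or more."""
    groups, current = [], []
    for e in sorted(entries, key=lambda e: e["created"]):
        if current and e["created"] - current[-1]["created"] > gap:
            groups.append(current)
            current = []
        current.append(e)
    groups.append(current)
    return [{
        "start": g[0]["created"], "end": g[-1]["created"], "count": len(g),
        "vendors": sorted({e["vendor"] for e in g if e["vendor"]}),
        # files (not directories) far older than the moment they appeared: unpacked by an installer
        "prebuilt": sum("D" not in e["attrs"] and e["created"] - e["modified"] > timedelta(days=1)
                        for e in g),
    } for g in groups if len(g) >= min_files]

# Four entries copied from the listing above, plus one constructed unrelated entry.
SAMPLE = r"""
2015-04-19 19:18 - 2015-04-19 19:18 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-04-19 19:18 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-04-19 19:18 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-04-19 19:17 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-04-02 08:05 - 2015-04-02 08:05 - 00001024 _____ () C:\Users\Example\Desktop\notes.txt
""".splitlines()

if __name__ == "__main__":
    print(install_bursts(parse(SAMPLE)))
```

A burst whose files come from several audio vendors and are mostly older than their creation time is what a driver package installer leaves behind, which matches the reinstall discussed in the thread.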
 

bobbyscot

Member
DonnaB, most probably reinstalled the Realtek HDS software. As a matter of pure interest, how can anyone read what is on my computer C hard drive or what is actually installed? BobbyScot.
 

DonnaB

Malware Fighter
Member
"most probably reinstalled the Realtek HDS software"
If I may be so honest, that is one reason you are having so many problems. You are fixing things that are not broke and they become broke. Such as all those programs you find at sites online that entice you to download their tool to fix what you think is broke when it really isn't.

Example:

The shortcut icon to your RealTek program disappears so you think it has been erased. You go looking for an answer to your problem (which doesn't exist in the first place) and install software over software that is already there and has nothing wrong with it.

"As a matter of pure interest, how can anyone read what is on my computer C hard drive or what is actually installed?"
The tools that I use audit the Windows Operating System. They create log reports of all the files on the system and display dates and times when they were created, modified, etc. That is how I can tell that you are still downloading stuff and running it on your system even after I asked you not to. By doing so, you are changing the system and I have to keep starting over to see where we are at. Honestly, you continuing to do what I ask you not to is wasting my time, where I could be helping others who are willing to follow my instructions. We should have had whatever problem you are experiencing fixed by now.

What I can tell you is that from the last logs you posted, you are not infected. Only problem I see from what you are telling me is that you have file corruption due to all the useless tools that you have installed trying to fix what is not broken.

If your computer came with Vista installed, I am sure it is not a new computer. The minute you get a new computer you find it is fast, and as time goes by and you install Windows Updates, software, data files such as pictures, music, movies, etc., the system slows down. This is normal and the only way to fix it is to start over by restoring the computer back to factory settings, but over time it will once again become slow, the more so with every program, Windows Update and personal data file that you install.

Bottom line:

There is nothing wrong with your computer and please do not be offended but the problem is the user and the programs you used to try and fix what is not broke.

Only thing I can do at this time to help is to have you run system file checker to fix and replace files that were damaged or removed by the tools you used trying to fix what is not broke.

Brink has created a tutorial on how to run System File Checker on Vista.

See here > How to Repair and Verify the Integrity of Vista System Files with System File Checker

Scroll down to where it says Here's How: and follow the instructions for Step 1., 2. and A)

Once the scan is complete, open another elevated command prompt by right-clicking on your command prompt and choosing Run as administrator, then copy and paste the following into the command prompt and press your Enter key:

findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

That will put the log report on your desktop so you can attach it to your next reply so I can review it.

If you can't copy and paste the above command into command prompt, you will have to type the command exactly as it is or it won't work.
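
What the resulting sfcdetails.txt is usually read for can be sketched in a few lines: keep the `[SR]` entries, count completed verify passes, and list each file System File Checker could not repair. This is an added example, not part of the original post; the sample lines are constructed in the shape of CBS.log entries, and the component name, file name and function name are placeholders.

```python
import re

# [SR] Cannot repair member file [l:N{M}]"<file>" of <component>, <attributes...>, <reason>
CANNOT = re.compile(
    r'\[SR\] Cannot repair member file \[l:\d+\{\d+\}\]"(?P<file>[^"]+)" of '
    r'(?P<component>[^,]+),.*, (?P<reason>[^,]+)$')

def summarize_sfc(lines):
    sr = [l.rstrip() for l in lines if "[SR]" in l]  # the lines findstr /c:"[SR]" keeps
    unrepaired = {}
    for l in sr:
        m = CANNOT.search(l)
        if m:  # the same failure can be logged more than once, so key on component + file
            unrepaired[(m["component"], m["file"])] = m["reason"]
    return {
        "sr_lines": len(sr),
        "verify_passes": sum("[SR] Verify complete" in l for l in sr),
        "unrepaired": unrepaired,
    }

# Constructed sample; Example-Component and example.ini are placeholders.
SAMPLE = r'''
2015-04-20 10:01:12, Info                  CSI    00000006 [SR] Verifying 100 (0x0000000000000064) components
2015-04-20 10:01:12, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2015-04-20 10:01:15, Info                  CSI    00000008 Constructed non-SR entry that findstr would drop
2015-04-20 10:01:19, Info                  CSI    00000009 [SR] Cannot repair member file [l:22{11}]"example.ini" of Example-Component, Version = 6.0.0.0, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, file is missing
2015-04-20 10:01:19, Info                  CSI    0000000a [SR] Cannot repair member file [l:22{11}]"example.ini" of Example-Component, Version = 6.0.0.0, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, file is missing
2015-04-20 10:01:20, Info                  CSI    0000000b [SR] Verify complete
'''.splitlines()

if __name__ == "__main__":
    print(summarize_sfc(SAMPLE))
```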
 

bobbyscot

Member
DonnaB, referring to the Sound issue, believe me that when Realtek High Definition is current, sound is of high quality and surround sound superb. When icon no longer shown, sound quality drops remarkably - those are my findings. All software you recommended to be erased, were, and not reinstalled, plus I have respected your comments. I can assure you the computer was obtained new, though in 2009 and the OS Vista preinstalled by HP. I will carry out the latest instruction and post back later, results. I certainly appreciate your time taken and time to anyone is limited.
What caused this computer to fail from the start to make "backups" and Restore Points? Thanks BobbyScot.
 

DonnaB

Malware Fighter
Member
Hi Bobby,

"What caused this computer to fail from the start to make "backups" and Restore Points? Thanks BobbyScot."
A corrupt Operating System will cause this. Malware being present can cause this as well.

From the last logs you provided, there isn't any visible malware to remove. Junk files leftover from uninstalled software, yes, but they shouldn't cause any problems.

Please follow the instructions to run System File Checker. That may fix the corrupted files, or at least some of them.

We could also run a scan to make sure there are no rootkits.

Let me know when the System File Checker is complete and please post the log when done.

:)
 

bobbyscot

Member
DonnaB, I carried out the sfc check and details posted to this thread. Reading context, Mozilla browser is mentioned. I do not use this browser and I had no idea it was installed. Thank you for help, BobbyScot.
 

bobbyscot

Member
DonnaB, I have un-ticked box to start Sidebar in Vista when Windows opens. Only reason that I use Sidebar is for the time clock and calendar, both of which I refer to frequently. However, if SB interferes with the running of computer, best to keep SB un-installed. What is your opinion on Junk remover? Should I re-run SFCdetails.txt again? Thanks BobbyScot.
 

bobbyscot

Member
townsbg, thank you for reply and interest shown. Sidebar not loading at powerup does not appear to make any difference according to a further sfcdetails.txt being carried out. Thanks BobbyScot.
 

bobbyscot

Member
townsbg, I remember when using Windows 7, I completely lost the ability to Backup computer. Error was found to be caused by .Net Framework 4.0. being corrupted. At present DonnaB is trying to restore computer running under Vista OS and in fairness better await for her further instructions. Your interest shown is appreciated, BobbyScot.
 

bobbyscot

Member
townsbg, from what you say, does it mean DonnaB will no longer be dealing with this thread? Thank you and DonnaB for all suggestions and assistance given, most appreciated. BobbyScot.
 

townsbg

~~тσωηsвg~~
Vista Guru
Gold Member
All I know is that she asked me to look at it. I don't know what her intentions are. She may like to stick to security matters and that's great if it's her specialty.
 