Run a DLL as an app windows pop-up message, possible malware

Unfortunately yes it is still there.

Can you delete it now?

No I can not delete it.

You'll need to logon to the administrator account then.
Press Start > Log off > log off

Now in the user menu, you might only see your account and the other, but not administrator.
Hit alt+ctrl+del twice to access an advanced logon option.
In the username part, type in "administrator" without the quote and try to logon.
If it won't let you because of a password, try admin or administrator.

If you can get on, go to Start > Control Panel > User account.
Choose Seth if it's there and see if there's an option to delete it.

Tried all variations, can't login under administrator.

Hmm.
Who set up this machine? did you parents set the administrator password?

This machine was hector's brothers machine. The provided passwords from him to access the accounts for admin, and seth did not work, So I don't think there's anything we can do there. Do we have other options? Can I use a utility to just move/delete the Seth folder?

The control userpasswords2 does have an option to change the administrator password, go back into the control userpasswords2, highlight administrator and underneath the user accounts list should be a change password option.

Successfully changed hte password and tried to login as administrator again. Get message unable to log you in because of an account restriction.

Hmm.
I'll give this one more shot then ask another forum tech to drop by.
In control usepasswords2, click the Advanced tab.
Under the Advanced user management, click Advanced.

This opens the advanced user control. Double click on "Users", then right click Seth if it's there and delete it.

After clicking the "Advanced" tab under advanced user management i get a message in the right hand column stating that this snapin can not be used with windows XP home.

Okay, hang tight and we'll see what my colleagues think.

For what it's worth, I am able to login to the machine under the administrator account in safe mode, tried deleting the "seth" folder and it still says access denied.

Oh, you got in.
In the control panel, go into the user accounts again.
Is Seth there?

The user "Seth" is no in the user accounts. Just FYI, I also tried deleting the seth folder in documents and settings and still got the access denied.

Okay.
You can empty the temp folder anyway.

1. Open My Computer.
   
2. Go to Tools > Folder Options.
   
3. Select the View tab.
   
4. Scroll down to Hidden files and folders.
   
5. Select Show hidden files and folders.
   
6. Uncheck (untick) Hide extensions of known file types.
   
7. Uncheck (untick) Hide protected operating system files (Recommended).
   
8. Click Yes when prompted.
   
9. Click OK.
   
10. Close My Computer.

Now locate C:\Documents and settings\Seth\Local Settings\Temp
Delete EVERYTHING inside the temp folder, but don't delete the Temp folder.

I keep getting access denied.

Even from the administrator account?
Anyway, I wouldn't say your in trouble, the file is only a temp file.

What problems remain?

The run a DLL as an application message pops up pretty consistently. And my device manager is completely broken. I tried pluggin in a USB mouse and thumb drive and neither one was recognized so something is still up.

Lets take a look at the event viewer.
Press Start > Run.
Type in eventvwr and hit enter.

This opens the event viewer. Double click on system.
Press the "Date" header to sort them into the most recent.

Double click the most recent and it has a big description box explaining the problem.
Highlight what's inside the box, copy and paste it back here.

The WMI Performance Adapter service entered the stopped state.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Hmm.
Have a look through a few of them and see if any of the descriptions mention a rundll32 error.

I don't see anything relating to the dll problem

Okay, hold tight and we'll see if my colleagues have any ideas.

Any news back from your colleagues?

I've told him about this thread, he told me he'd drop by later. I might have to just split out a post or two to move it into the hardware section because he works better in that area.

No problem, thank you.

Hello.
I got feedback.

"From what I know, Vista doesn't allow you to delete the account folder, so it should be the same in XP"

Although you can't delete it, the temp files leftover can't cause you any harm.

As for the device manager problem, is the device manager window blank?

No the device manager window isn't blank, but it's missing some of the icons up top (such as the "scan for hardware changes button." It's also missing all of the icons next to each device, (like the little memory icon next to where it would say memory) I believe this problem, the dll message, and the lack of USB devices (and probably others) might be related, as I always get the dll message when i click on one of the objects inside of device manager, or when i try to plug in a USB stick, which is recognized, but it's almost as though it can't load it, thus doesn't show up as driveX in MyComputer. USB doesn't appear to be working as if i plug in a USB mouse it doesn't work.

Windows update through Internet explorer will not work as well... keep getting errors. I really can't afford to do a clean install on this machine either.

If you have your XP disc, we can do a repair install. (repair install is different than formatting, your files are not touched, only legit files are replaced)

Sounds like a sensible next step, I have the cd, can you post the instructions?

Using repair install instructions here:
http://www.michaelstevenstech.com/XPrepairinstall.htm

I'll be here if you have any questions.

I found the same instructions, performing the repair now ty.

Did the repair and all seems to be doing well no dll problems, device manager checks out ok, anything else i should check for?

Nope, just stay safe.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers.

1) Please navigate to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here.

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here.

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
https://addons.mozilla.org/en-US/firefox/addon/722
https://addons.mozilla.org/en-US/firefox/addon/1865
https://addons.mozilla.org/en-US/firefox/addon/433

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
Update Checker

5) Finally, consider maintaining a firewall. Some good free firewalls are Kerio, or
Outpost
A tutorial on understanding and using firewalls may be found here.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found here.

Hopefully this should take care of your problems! Good luck.