
The CPU alternates between 50 to 100 constantly [Solved]


  • This topic is locked

#16
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Interesting since they appear in your extras file.


Well, go on to step 2.
  • 0



#17
bg111

    Member

  • Topic Starter
  • 105 posts
All processes killed
========== OTL ==========
No active process named realplay.exe was found!
No active process named realsched.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53\ deleted successfully.
C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53\ deleted successfully.
C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53\ deleted successfully.
C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53\ deleted successfully.
C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53\ deleted successfully.
C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll moved successfully.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext not found.
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\Components folder moved successfully.
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\Chrome\Skin folder moved successfully.
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\Chrome\Content folder moved successfully.
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\Chrome folder moved successfully.
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT folder moved successfully.
C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
C:\Program Files\real\realplayer\Update\realsched.exe moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3843634061-819627678-391793244-1005.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3843634061-819627678-391793244-1005.job moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Ben\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Ben\Desktop\cmd.txt deleted successfully.
c:\program files\real\RealUpgrade\Plugins folder moved successfully.
c:\program files\real\RealUpgrade\Common folder moved successfully.
c:\program files\real\RealUpgrade folder moved successfully.
c:\program files\real\realplayer\Visualizations folder moved successfully.
c:\program files\real\realplayer\Update\UI\loc folder moved successfully.
c:\program files\real\realplayer\Update\UI\Images folder moved successfully.
c:\program files\real\realplayer\Update\UI folder moved successfully.
c:\program files\real\realplayer\Update folder moved successfully.
c:\program files\real\realplayer\templates folder moved successfully.
c:\program files\real\realplayer\Setup\accesspoints folder moved successfully.
c:\program files\real\realplayer\Setup folder moved successfully.
c:\program files\real\realplayer\rpplugins folder moved successfully.
c:\program files\real\realplayer\rcaplugins folder moved successfully.
c:\program files\real\realplayer\Producer\Tools folder moved successfully.
c:\program files\real\realplayer\Producer folder moved successfully.
c:\program files\real\realplayer\Plugins\ExtResources folder moved successfully.
c:\program files\real\realplayer\Plugins folder moved successfully.
c:\program files\real\realplayer\Netscape6 folder moved successfully.
c:\program files\real\realplayer\mpaplugins folder moved successfully.
c:\program files\real\realplayer\library folder moved successfully.
c:\program files\real\realplayer\Flash folder moved successfully.
c:\program files\real\realplayer\Devices folder moved successfully.
c:\program files\real\realplayer\DataCache\webresources folder moved successfully.
c:\program files\real\realplayer\DataCache\web folder moved successfully.
c:\program files\real\realplayer\DataCache\video folder moved successfully.
c:\program files\real\realplayer\DataCache\UsageStats folder moved successfully.
c:\program files\real\realplayer\DataCache\Update folder moved successfully.
c:\program files\real\realplayer\DataCache\search folder moved successfully.
c:\program files\real\realplayer\DataCache\RollingStone folder moved successfully.
c:\program files\real\realplayer\DataCache\Radio folder moved successfully.
c:\program files\real\realplayer\DataCache\prefs folder moved successfully.
c:\program files\real\realplayer\DataCache\music folder moved successfully.
c:\program files\real\realplayer\DataCache\mstore folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\templates folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\loc\en folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\loc folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\js folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\images\btns\94x28 folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\images\btns\94x24 folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\images\btns\184x28 folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\images\btns\184x24 folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\images\btns\139x28 folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\images\btns\139x24 folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\images\btns folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\images\alerts folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\images folder moved successfully.
c:\program files\real\realplayer\DataCache\Login\data folder moved successfully.
c:\program files\real\realplayer\DataCache\Login folder moved successfully.
c:\program files\real\realplayer\DataCache\library folder moved successfully.
c:\program files\real\realplayer\DataCache\keywords folder moved successfully.
c:\program files\real\realplayer\DataCache\intl folder moved successfully.
c:\program files\real\realplayer\DataCache\howto folder moved successfully.
c:\program files\real\realplayer\DataCache\Help folder moved successfully.
c:\program files\real\realplayer\DataCache\GPFeat folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\page\Common folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\page folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\xpr folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\wrn folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\Web folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\visualizations folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\upsell folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\tutorials folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\trig folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\toc folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\skins folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\search folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\rollingstone folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\radio folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\musicstore folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\musicguide folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\Home folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\Help folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\Guide folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\Error folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\dvdburning folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\Devices folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\default folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\custsupport\techsupport folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\custsupport\sersupport folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\custsupport\prodsurvey folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\custsupport\pccontrols folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\custsupport folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\CTW folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\Common folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\Channels folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\Central folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\cdburning folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\acct folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en\404 folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc\en folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\loc folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\images folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\CTW\Images folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia\CTW folder moved successfully.
c:\program files\real\realplayer\DataCache\GetMedia folder moved successfully.
c:\program files\real\realplayer\DataCache\games folder moved successfully.
c:\program files\real\realplayer\DataCache\Formats folder moved successfully.
c:\program files\real\realplayer\DataCache\DVDBurning folder moved successfully.
c:\program files\real\realplayer\DataCache\Devices folder moved successfully.
c:\program files\real\realplayer\DataCache\Channels folder moved successfully.
c:\program files\real\realplayer\DataCache\CDBurning folder moved successfully.
c:\program files\real\realplayer\DataCache\attributedto folder moved successfully.
c:\program files\real\realplayer\DataCache\admodules folder moved successfully.
c:\program files\real\realplayer\DataCache folder moved successfully.
c:\program files\real\realplayer\Common folder moved successfully.
c:\program files\real\realplayer\Codecs folder moved successfully.
c:\program files\real\realplayer\CDBurning folder moved successfully.
c:\program files\real\realplayer folder moved successfully.
c:\program files\real folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users
->Flash cache emptied: 0 bytes

User: Ben
->Temp folder emptied: 3864 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 72525805 bytes
->Flash cache emptied: 2540 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 69.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.54.0 log created on 07222012_213744

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


That has cleared Realplayer.exe from my Task Manager and the CPU usage is down to pretty much zero. Winpatrol has detected a change in Filename: Hosts: c:\windows\system32\drivers\etc\hosts. Can I accept this?
  • 0

#18
CompCav

    Member 5k

  • Expert
  • 12,448 posts

Winpatrol has detected a change in Filename: Hosts: c:\windows\system32\drivers\etc\hosts. Can I accept this?


Yes please accept the change, we reset it as part of the cleaning process.


That has cleared Realplayer.exe from my Task Manager and the CPU usage is down to pretty much zero

:thumbsup:

What issues remain?
  • 0

#19
bg111

    Member

  • Topic Starter
  • 105 posts
None that I know of. Realplayer.exe was the problem I was having; I didn't know if there was a bigger problem hiding in the background.
  • 0

#20
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Let's do a sweep to check!



Step 1.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application. Please do not accept the trial right now. We just want to run it on demand.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:


mbam log
eset log
security check log


Please give me an update on how your computer is doing!
  • 0

#21
bg111

    Member

  • Topic Starter
  • 105 posts
Hi, sorry for the delay.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.23.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Ben :: DBKQ562J [administrator]

23/07/2012 07:27:26
mbam-log-2012-07-23 (07-27-26).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 229319
Time elapsed: 8 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)





[email protected] as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=2f80cf91f8d5de4da1ba070db6c87ab9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-06-13 08:23:44
# local_time=2010-06-13 09:23:44 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777215 100 0 36411079 36411079 0 0
# compatibility_mode=1024 16777215 100 0 16843491 16843491 0 0
# compatibility_mode=5891 16776533 100 100 11280 16690640 0 0
# compatibility_mode=8192 67108863 100 0 305 305 0 0
# scanned=176251
# found=1
# cleaned=1
# scan_time=9763
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinZBot1.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
[email protected] as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2f80cf91f8d5de4da1ba070db6c87ab9
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-23 06:39:43
# local_time=2012-07-23 07:39:43 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777215 100 0 102985770 102985770 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=5891 16776869 42 92 64371 10756499 0 0
# compatibility_mode=8192 67108863 100 0 66574996 66574996 0 0
# scanned=686
# found=0
# cleaned=0
# scan_time=32
[email protected] as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2f80cf91f8d5de4da1ba070db6c87ab9
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-07-23 07:17:15
# local_time=2012-07-23 08:17:15 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777215 100 0 102985878 102985878 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=5891 16776869 42 92 64479 10756607 0 0
# compatibility_mode=8192 67108863 100 0 66575104 66575104 0 0
# scanned=38597
# found=3
# cleaned=3
# scan_time=2175
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMuollo3.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMuollo6.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMuollo9.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
[email protected] as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2f80cf91f8d5de4da1ba070db6c87ab9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-07-23 08:36:40
# local_time=2012-07-23 09:36:40 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777215 100 0 103026339 103026339 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=5891 16776869 42 92 104940 10797068 0 0
# compatibility_mode=8192 67108863 100 0 66615565 66615565 0 0
# scanned=206939
# found=0
# cleaned=0
# scan_time=9680








Results of screen317's Security Check version 0.99.43
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Microsoft Security Essentials
ECHO is off.
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
WinPatrol
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.62.0.1300
CCleaner
Java™ 6 Update 33
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.3.300.265
Adobe Reader 7 Adobe Reader out of Date!
Mozilla Firefox (14.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
WinPatrol winpatrol.exe
BillP Studios WinPatrol winpatrol.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 15% Defragment your hard drive soon!
````````````````````End of Log``````````````````````
  • 0
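
The ESET log.txt pasted in post #21 holds several runs back to back, including one dated 2010 and two that ended with `end=stopped`. The following is an added example (not code from the thread or from ESET) that splits such a paste into runs and checks each against the options requested in Step 2; the regexes, the `REQUIRED` mapping and the sample log are assumptions modelled on the pasted text.

```python
import re
from dataclasses import dataclass, field

# Line formats inferred from the log pasted in this thread (assumption, not an ESET spec).
RUN_START = re.compile(r"as downloader log:\s*$")
HEADER = re.compile(r"^#\s*([\w.]+)=(.*)$")
DETECTION = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?\.\w+)\s+(?P<threat>.+?)\s+"
    r"\((?P<action>[^)]*)\)\s+(?P<digest>[0-9A-Fa-f]{32})\s+\S+$"
)
# Header names assumed to correspond to the options requested in Step 2:
# Scan archives, unwanted applications, unsafe applications, Anti-Stealth.
REQUIRED = ("archives_checked", "unwanted_checked",
            "unsafe_checked", "antistealth_checked")


@dataclass
class ScanRun:
    headers: dict = field(default_factory=dict)
    detections: list = field(default_factory=list)
    notes: list = field(default_factory=list)  # e.g. "all ok", updater errors

    @property
    def complete(self):
        return self.headers.get("end") == "finished"

    def _count(self, key):
        value = self.headers.get(key, "")
        return int(value) if value.isdigit() else 0

    def problems(self):
        """Reasons this run should not be read as a full, clean scan."""
        issues = []
        if not self.complete:
            issues.append(f"end={self.headers.get('end', 'missing')}")
        for key in REQUIRED:
            if self.headers.get(key) != "true":
                issues.append(f"{key}={self.headers.get(key, 'missing')}")
        if self._count("found") != len(self.detections):
            issues.append("found count does not match parsed detection lines")
        if self._count("cleaned") < self._count("found"):
            issues.append("not every detection was cleaned")
        return issues


def parse_eset_log(text):
    """Split a pasted log into ScanRun objects, one per run marker."""
    runs, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if RUN_START.search(line):
            current = ScanRun()
            runs.append(current)
        elif current is None:
            continue  # text before the first run marker
        elif (m := HEADER.match(line)):
            # Repeated keys (compatibility_mode) keep only the last value.
            current.headers[m.group(1)] = m.group(2).strip()
        elif (m := DETECTION.match(line)):
            current.detections.append(m.groupdict())
        else:
            current.notes.append(line)
    return runs


def latest_complete_run(runs):
    """Most recent finished run; utc_time sorts correctly as a string."""
    done = [r for r in runs if r.complete and "utc_time" in r.headers]
    return max(done, key=lambda r: r.headers["utc_time"], default=None)


# Constructed sample in the same layout as the pasted log (not real scan data).
SAMPLE_LOG = r"""
example@host as downloader log:
all ok
# version=7
# end=stopped
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-23 06:39:43
# found=0
# cleaned=0
example@host as downloader log:
all ok
# end=finished
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-07-23 08:36:40
# found=1
# cleaned=1
C:\Example Dir\Recovery\sample1.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
"""

if __name__ == "__main__":
    for i, run in enumerate(parse_eset_log(SAMPLE_LOG), 1):
        print(i, run.headers.get("utc_time"), run.problems() or "ok", run.detections)
```

Only the run returned by `latest_complete_run` with an empty `problems()` list reflects a full scan with the requested options; older or stopped runs in the same file are history.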

#22
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

Clear the Java Cache by following the instructions here


Then you will need to reconnect to the internet. At this point update Norton virus definitions and update MalwareBytes' then go on to step 2.

Step 2.

Update Java

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.


Step 3.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

Uninstall all previous versions.
Download the latest version from: http://www.adobe.com.../readstep2.html

If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.


Step 4.

Update adobe flash player

We need to uninstall the existing flash player(s). Please go here
Follow steps 1. to 4.
Once flash player is uninstalled go on to the next paragraph.

You will need to download and install both the IE and non-IE versions of Adobe Flashplayer. Make sure to uncheck the install of the McAfee tool before downloading. You will need to select your operating system (Windows XP 32-bit) and then each version to download and install separately.


Step 5.



Then come back and give me an update on your computer
  • 0

#23
bg111

    Member

  • Topic Starter
  • 105 posts
I am a bit confused by the Java page; I'm not sure which one I'm meant to download. Is it this one:

Windows x64 20.86 MB jre-7u5-windows-x64.exe
  • 0

#24
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Windows XP Service Pack 3 x86


So 586 version 32 bit.
  • 0

#25
bg111

    Member

  • Topic Starter
  • 105 posts
:) Think I got the right version. Things seem to be running ok now, thank you. Can I re-install Realplayer and will I need PunkBuster again?
  • 0



#26
CompCav

    Member 5k

  • Expert
  • 12,448 posts

Things seem to be running ok now, thank you.

Good and thank you :thumbsup:

Can I re-install Realplayer and will I need PunkBuster again?

You can now reinstall RealPlayer. PunkBuster is used by some games so I would install it only if and when I need it.

So go ahead and install RealPlayer and come back when you have to update me on your computer's performance before I cleanup and close.

Regards,

CompCav
  • 0

#27
bg111

    Member

  • Topic Starter
  • 105 posts
Hi. I installed Realplayer before going to bed last night, and it seemed fine. I have tried it after getting back from work and in my Task Manager Realplay.exe is running at 50% again and sometimes is open twice so the CPU usage is 100%. I checked in the Add Remove programmes and Realplayer is in there this time.
  • 0

#28
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Please download RevoUninstaller the free version.

Use it on medium settings for removal and remove RealPlayer.

Use Revo Uninstaller to remove a program

Click here to download Revo Uninstaller
Once downloaded, double click the file and follow the prompts to install it
Run Revo Uninstaller, then click the program you want to remove, then click Uninstall at the top
Click Yes to confirm, then click Next
After it has run the official uninstaller, click Next to search for leftover information
If it finds any leftover files and folders, click Select All, then Delete
Click Next after it has removed the leftovers, then click Finish
  • 0

#29
bg111

    Member

  • Topic Starter
  • 105 posts
Ok, Realplayer has been deleted again and the CPU usage is back down to normal, don't know why it keeps going funny now.
  • 0

#30
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Let's run an OTL scan again. Please delete the one on your desktop.

Step 2.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under Extra Registry select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    msconfig
    activex
    HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0





