GeekPolice
"C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Hi all
My computer has been acting sluggish the last few days and I just ran a virus scan with AVG, this popped up.....
"C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"The file is signed with a broken signature"
When I Google "hhupd.exe" it comes back as a virus. I have tried to remove it with AVG but it does nothing.
#1 Is this a virus?
#2 If it is, how do I get rid of it?


Thanks in advance

Hi there hemp22!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst I'm helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I'm here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, that doesn't mean it is clean yet!

====================

What you are seeing with the hhupd.exe is almost certainly a false alarm. The file is located in a legit folder of a legit program.

We can run a few scans to see if you are clean.

====================

Please download OTL by OldTimer from here and save it to your desktop.
  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
/md5start
atapi.sys
explorer.exe
iastor.sys
userinit.exe
winlogon.exe
/md5stop

  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.

====================

Please download aswMBR by Alwil Software from here and save it to your desktop.

  • Double click aswMBR.exe to run the tool
  • Click the Scan button to start the scan
  • Don't panic if you see any **Rootkit** entries. The tool sometimes produces false alarms
  • Once the scan finishes click Save log to save the log to your desktop
  • Copy and paste the contents of this log (aswMBR.txt) into your next reply.


OTL logfile created on: 5/9/2011 6:10:19 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\home\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 74.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.08 Gb Total Space | 760.11 Gb Free Space | 82.70% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 2.22 Gb Free Space | 17.98% Space Free | Partition Type: NTFS
Drive E: | 54.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 298.02 Gb Total Space | 29.52 Gb Free Space | 9.90% Space Free | Partition Type: FAT32

Computer Name: HOME-PC | User Name: home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/09 06:07:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
PRC - [2011/04/22 02:15:21 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/03/21 17:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/03/15 09:03:52 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 09:19:13 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2010/11/20 19:12:25 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/10/16 13:29:59 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/21 09:16:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2010/07/15 09:51:04 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/08/05 16:45:22 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/07/23 23:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/05/26 04:36:13 | 000,656,896 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2009/03/16 03:47:28 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/03/16 03:47:24 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/03/16 03:47:22 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/03/16 03:47:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2008/11/20 13:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/09/30 21:59:26 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/05/09 06:07:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/05/15 19:24:10 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/11/20 19:12:25 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/07/21 09:16:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/15 09:51:04 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/09 14:33:45 | 000,120,712 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 14:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/03/16 03:47:22 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2008/09/30 21:59:26 | 000,192,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)
SRV - [2008/08/11 13:40:58 | 000,057,920 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/06 08:01:08 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/15 09:50:44 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010/06/09 14:33:23 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2010/06/02 09:23:35 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/07/31 07:10:58 | 000,237,936 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 10:31:42 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/29 05:00:00 | 000,116,752 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 11:10:10 | 001,478,144 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/15 20:02:04 | 005,957,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/05/05 06:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/04/03 09:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/08/11 13:40:58 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2008/08/11 13:40:32 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV - [2008/08/11 13:41:00 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2004/03/10 16:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2002/03/19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\Pclepci.sys -- (PCLEPCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKLM\..\URLSearchHook: {a0b91230-b76e-4022-a900-e567a6fafbf5} - C:\Program Files (x86)\Element_Search\tbElem.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wmur.com/weather/grid.html
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKCU\..\URLSearchHook: {a0b91230-b76e-4022-a900-e567a6fafbf5} - C:\Program Files (x86)\Element_Search\tbElem.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/18 16:17:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/04/17 09:35:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/04/17 09:35:24 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5

========== Files/Folders - Created Within 30 Days ==========

[2011/05/09 06:07:16 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
[2011/05/08 21:30:18 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{7572ED3C-07CC-4AEB-99A5-D0C1D08593BF}
[2011/05/08 19:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDiveLog
[2011/05/08 19:09:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDiveLog
[2011/05/02 05:54:47 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Roaming\YouSendIt
[2011/05/02 05:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouSendIt
[2011/05/01 00:24:44 | 000,000,000 | ---D | C] -- C:\jam
[2011/04/30 21:46:43 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/30 21:46:42 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/04/30 21:46:40 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/04/30 21:46:40 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/04/30 21:46:09 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/04/30 21:46:08 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/04/30 21:46:08 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011/04/30 21:46:08 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/04/30 21:46:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011/04/30 21:46:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011/04/30 21:46:07 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/04/30 21:45:49 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/04/30 21:45:49 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/04/18 15:56:33 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\DDMSettings
[2011/04/17 09:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/04/17 09:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/04/17 09:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/04/17 09:34:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011/04/17 09:32:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011/04/17 09:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/04/14 03:04:56 | 000,000,000 | ---D | C] -- C:\85baf47608dc8d6c4c5b2f9075c5
[2011/04/13 19:03:43 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/04/13 19:03:43 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/04/13 19:03:41 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/04/13 19:03:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/04/13 19:03:40 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/04/13 19:03:38 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/04/13 19:03:38 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/04/13 19:03:37 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/04/13 19:03:37 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/04/13 19:03:35 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/04/13 19:03:35 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/04/13 19:03:35 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/04/13 19:03:35 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/04/13 19:03:27 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/04/13 19:03:27 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/04/13 19:03:27 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/04/13 19:03:27 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/04/13 19:03:27 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/04/13 19:03:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/04/13 19:03:27 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/04/13 19:03:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/04/13 19:03:26 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/04/13 19:03:26 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/04/13 19:03:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/04/13 19:03:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/04/13 19:03:26 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/04/13 19:03:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/04/13 19:03:02 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/04/13 19:03:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/04/13 19:03:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/04/13 19:02:59 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/04/13 19:02:59 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/04/13 19:02:59 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/04/13 19:02:59 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/04/13 19:02:59 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/04/13 19:02:59 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/04/13 19:02:59 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/04/13 19:02:59 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/04/13 00:11:37 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.4
[2011/04/13 00:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.4
[2011/04/13 00:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XP Codec Pack
[2011/04/09 13:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011/04/09 13:38:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2004/11/24 14:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\SysWow64\drvc.dll

========== Files - Modified Within 30 Days ==========

[2011/05/09 06:07:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
[2011/05/09 05:25:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/09 04:25:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/09 01:05:57 | 075,773,760 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2011/05/08 20:28:29 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/05/08 20:28:29 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/05/08 20:25:14 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/05/08 20:07:01 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 20:07:01 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 19:59:37 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForhome.job
[2011/05/08 19:59:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/08 19:59:23 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/08 19:13:36 | 000,000,116 | ---- | M] () -- C:\Users\home\.jdivelog
[2011/05/08 19:08:03 | 011,104,126 | ---- | M] () -- C:\Users\Public\Documents\jdivelog-installer-2.15.exe
[2011/05/07 02:19:00 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/07 02:19:00 | 000,626,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/07 02:19:00 | 000,107,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/06 08:01:08 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2011/05/03 19:15:40 | 000,014,498 | ---- | M] () -- C:\Users\Public\Documents\RECITAL_MINI_PROGRAM_2011.zip
[2011/05/02 05:54:45 | 000,743,066 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/01 10:16:42 | 000,001,789 | ---- | M] () -- C:\Users\home\Desktop\JAMAICA - Shortcut.lnk
[2011/04/14 03:29:12 | 000,379,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/04/13 00:11:41 | 000,001,096 | ---- | M] () -- C:\Users\home\Desktop\Media Player Classic.lnk

========== Files Created - No Company Name ==========

[2011/05/08 19:13:36 | 000,000,116 | ---- | C] () -- C:\Users\home\.jdivelog
[2011/05/08 19:08:03 | 011,104,126 | ---- | C] () -- C:\Users\Public\Documents\jdivelog-installer-2.15.exe
[2011/05/03 19:15:40 | 000,014,498 | ---- | C] () -- C:\Users\Public\Documents\RECITAL_MINI_PROGRAM_2011.zip
[2011/05/02 05:54:45 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/01 10:16:42 | 000,001,789 | ---- | C] () -- C:\Users\home\Desktop\JAMAICA - Shortcut.lnk
[2011/04/13 00:11:41 | 000,001,096 | ---- | C] () -- C:\Users\home\Desktop\Media Player Classic.lnk
[2011/04/13 00:11:40 | 000,421,888 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm
[2011/04/09 13:38:22 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2011/04/09 13:38:21 | 000,703,488 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2011/04/09 13:38:21 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/04/09 13:38:21 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/04/09 13:38:21 | 000,173,056 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2011/04/09 13:38:21 | 000,152,064 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2010/11/25 21:52:33 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/11/25 21:52:33 | 000,000,088 | RHS- | C] () -- C:\ProgramData\084B3596F9.sys
[2010/11/06 23:01:24 | 000,000,871 | ---- | C] () -- C:\Windows\eReg.dat
[2010/04/13 18:27:59 | 000,406,016 | ---- | C] () -- C:\Windows\SysWow64\PSDrvCheck.exe
[2010/01/25 11:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2010/01/18 16:17:19 | 000,023,141 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/01/01 11:43:33 | 000,025,126 | ---- | C] () -- C:\Users\home\AppData\Roaming\Comma Separated Values (DOS).ADR
[2009/12/25 13:53:01 | 000,000,409 | ---- | C] () -- C:\Windows\CoDUO.INI
[2009/12/25 13:32:55 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2009/12/22 23:05:02 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/12/22 23:04:59 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009/12/22 23:04:51 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2009/12/22 22:02:58 | 000,165,229 | ---- | C] () -- C:\Windows\hpoins37.dat
[2009/12/22 17:48:50 | 000,000,000 | ---- | C] () -- C:\Users\home\AppData\Roaming\wklnhst.dat
[2009/12/02 13:02:50 | 001,632,887 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll
[2009/11/04 14:43:20 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2009/11/03 16:11:22 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2009/11/03 16:11:00 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll
[2009/11/03 16:10:42 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2009/11/03 16:09:18 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2009/11/03 16:08:58 | 000,484,864 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2009/11/03 16:08:12 | 000,257,024 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2009/11/03 16:07:16 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2009/11/03 15:36:06 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2009/10/27 18:46:26 | 000,248,320 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2009/09/04 11:06:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/08/11 16:21:26 | 000,087,552 | ---- | C] () -- C:\Windows\SysWow64\ac3config.exe
[2009/07/15 20:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 10:40:39 | 000,000,632 | ---- | C] () -- C:\Windows\hpomdl37.dat
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/03/16 03:47:28 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonServer.exe
[2009/03/16 03:47:24 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonClient.exe
[2009/03/05 22:00:36 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\libxml2.dll
[2009/01/10 18:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2009/01/10 18:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2009/01/10 18:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2009/01/10 18:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2009/01/10 18:16:04 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2009/01/10 18:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2009/01/10 18:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll
[2009/01/10 18:15:36 | 000,103,424 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2009/01/10 18:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2009/01/10 18:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2009/01/10 18:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2009/01/10 18:15:06 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2009/01/10 18:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2009/01/10 18:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2008/11/06 12:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/07/05 06:14:48 | 000,456,192 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2008/07/05 06:14:44 | 003,591,168 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2008/07/05 06:13:16 | 000,708,096 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll
[2008/06/22 12:34:00 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\ff_theora.dll
[2008/06/13 06:39:38 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2008/06/12 13:36:38 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/10/13 05:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini
[2006/11/02 11:10:16 | 000,080,912 | ---- | C] () -- C:\Windows\SysWow64\sherlock2.exe
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2004/10/03 12:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\ff_mpeg2enc.dll
[2004/03/18 08:44:29 | 001,663,068 | ---- | C] () -- C:\Windows\SysWow64\libmmd.dll

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/13 21:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009/07/13 21:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys >
[2004/03/10 16:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\Windows\SysWOW64\drivers\asapiW2k.sys
[2010/12/20 19:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
[2002/03/19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\Windows\SysWOW64\drivers\Pclepci.sys
[2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drivers\wimmount.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2009/12/30 15:56:11 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/04/13 18:50:17 | 000,403,902 | ---- | M] () -- C:\adorage-protocol.txt
[2010/05/07 13:59:20 | 000,000,250 | ---- | M] () -- C:\FINIS_IT.TXT
[2011/05/08 19:59:23 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/23 18:24:07 | 000,000,349 | -H-- | M] () -- C:\IPH.PH
[2006/12/02 02:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2011/05/08 19:59:24 | 4286,463,999 | -HS- | M] () -- C:\pagefile.sys

< %PROGRAMFILES%\*. >
[2009/12/22 18:18:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
[2009/12/25 00:24:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activision
[2010/02/04 08:04:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010/04/13 18:50:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AdorageI-GfxDatas
[2010/04/13 18:49:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AdorageI-SAL
[2010/03/23 18:24:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AIM
[2010/03/23 18:24:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AIM Toolbar
[2009/09/04 11:16:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD
[2009/12/25 11:09:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010/10/20 21:00:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ArcSoft
[2009/09/04 11:17:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2009/12/22 18:05:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG
[2010/04/13 20:51:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVS4YOU
[2010/08/15 16:58:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2009/12/25 20:17:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Call of Duty Game of the Year Edition
[2011/04/17 09:34:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010/04/15 21:28:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2009/09/04 11:25:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cyberlink
[2011/04/17 09:35:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
[2010/11/25 19:19:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EA GAMES
[2010/04/15 21:28:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Element_Search
[2010/11/25 21:52:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Enterbrain
[2009/12/31 01:54:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FLV Player
[2009/12/31 01:53:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free FLV Converter
[2010/11/25 21:44:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Game_Maker8
[2011/01/30 17:41:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2010/12/19 14:33:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2010/09/29 06:58:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\hp
[2009/12/24 19:33:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2011/05/02 05:54:28 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/04/14 03:27:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010/09/11 14:22:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2010/02/09 20:29:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/05/08 19:10:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JDiveLog
[2010/06/30 03:12:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JunoPreloader
[2010/01/31 16:06:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Kodak
[2010/08/24 00:03:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LogMeIn
[2010/01/16 23:50:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lowes
[2011/01/15 11:47:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/12/22 19:50:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/04/30 21:37:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/10/20 20:39:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/12/22 19:51:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010/12/16 04:02:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2010/06/25 03:01:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2009/09/04 11:46:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN
[2009/12/24 04:09:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2009/09/04 11:45:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NetZeroPreloader
[2010/10/01 22:21:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\office Convert Pdf to Jpg Jpeg Tiff Free
[2009/12/22 19:57:50 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2010/04/14 00:32:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ordix
[2009/09/04 11:29:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PictureMover
[2010/04/13 18:26:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pinnacle
[2010/04/13 18:56:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\proDAD
[2010/09/11 14:20:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2009/09/04 11:18:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/01/12 21:34:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sectra
[2010/04/13 18:30:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SmartSound Software
[2009/09/04 11:34:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Symantec
[2009/09/04 11:18:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2010/02/05 19:58:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TurboTax
[2009/07/14 00:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2009/07/14 01:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/03/30 03:01:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/12/16 04:20:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/10/13 03:26:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/07/14 01:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009/12/22 19:57:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/04/13 00:11:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\XP Codec Pack
[2011/04/09 13:38:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xvid
[2009/12/22 22:12:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo!
[2011/05/02 05:54:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\YouSendIt


< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: USERINIT.EXE >
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< End of report >

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"
Thanks for the help Gabethebabe, I hope it is just a false alarm.

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"
The OTL log is a happy family of legit programs.
Do you have the aswMBR log for me?

You have Malwarebytes installed. Can you open it, update, do a quick scan and post the log?

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"
I thought I posted that..hmmmmm, I will when I get home.

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"
aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-05-09 20:30:46
-----------------------------
20:30:46.939 OS Version: Windows x64 6.1.7600
20:30:46.939 Number of processors: 4 586 0x402
20:30:46.954 ComputerName: HOME-PC UserName: home
20:30:49.107 Initialize success
20:31:09.247 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005c
20:31:09.247 Disk 0 Vendor: WDC_____ 01.0 Size: 953869MB BusType: 8
20:31:11.275 Disk 0 MBR read successfully
20:31:11.275 Disk 0 MBR scan
20:31:11.275 Disk 0 unknown MBR code
20:31:11.290 Service scanning
20:31:12.367 Disk 0 trace - called modules:
20:31:12.367 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys
20:31:12.382 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007da0060]
20:31:12.382 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> \Device\0000005c[0xfffffa800750f9c0]
20:31:12.398 Scan finished successfully
20:33:23.438 Disk 0 MBR has been saved successfully to "C:\Users\home\Desktop\MBR.dat"
20:33:23.454 The log file has been saved successfully to "C:\Users\home\Desktop\aswMBR.txt"

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6542

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

5/9/2011 10:14:50 PM
mbam-log-2011-05-09 (22-14-50).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 469583
Time elapsed: 1 hour(s), 2 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Excellent. As far as I can see, your computer is CLEAN.

====================

I noticed that you have an HP computer with a non-standard MBR. Here is a recommendation:

Protect your MBR (Master Boot Record)

Your MBR is a small but critical part of the operating system. It is vulnerable to infection and you might want to make a backup copy.

  • Navigate to the Systemintegrasjon AS website here.
  • Find MBRFix and click the download link to download this tool.
  • Unpack the zip archive and extract MBRFix.exe to your desktop
  • Go to Start > Run, copy/paste the following:
    "%userprofile%\desktop\MBRFix" /drive 0 savembr "%userprofile%\desktop\MBR_0.dat"
    and hit Enter.
  • A file named MBR_0.dat will appear on your desktop, containing the backup of your Master Boot Record.
  • Store this file in a safe place.

====================

And some general recommendations on avoiding malware problems:

1) Keep your Windows up-to-date. Windows Autoupdate should be ON (see Start >> Control Panel >> Security Center). An alternative way (but more time-consuming) is to periodically visit http://windowsupdate.microsoft.com. Hackers are looking every day for new security holes. Microsoft keeps patching them. You cannot fall behind in this race, it will make your system vulnerable.

2) For your average daily computer activities, use a limited/standard user account. If you use Vista/WIN7 do not disable User Account Control (UAC). You would be amazed to know how much malware can´t touch you if you deny it admin rights. Create a separate password-protected administrator account that you use for admin activities, like (un)installing software.

3) Use a good antivirus. There are various free ones; you cannot go wrong with any of the following three:
  • Panda Cloud Antivirus. If you want your antivirus to be light on resources, I recommend Panda. Install without the toolbar.
  • Avira. 100 million users can´t be wrong. If you want high detection rates, this is your best free bet.
  • Avast! is a very complete antivirus, with modules like mailscanner and webshield.

4) If your computer has 1GB system memory or more, you should install a third party firewall, to replace the weak Windows Firewall. I recommend:

Note: you should run only ONE antivirus and ONE firewall. Running multiples of either is bad, it will cause slowdowns and/or conflicts.

5) Miscellaneous advice:
  • Stay away from cracks and keygens (look here for the why). Get free software instead. Gizmo is an excellent source of freeware reviews.
  • Navigate safely. Google Chrome is the safest browser available. However, Mozilla Firefox can be made extremely safe with the NoScript addon. Internet Explorer (always use version 8) can be made a lot safer with Spywareblaster (manual here).
  • The WOT (Webs Of Trust) addon will help you to stay on reliable webpages.
  • WinPatrol alerts you when changes are made in vital system areas. Especially good on light systems not running a third party firewall.
  • Make sure you have ways to recuperate your operating system and vital other data if it gets frustrated by malware and/or other problems. A Windows setup CD and recent backups/disk images will be priceless, if you find yourself in an unexpected tight spot.

Finally: did we help you? Help us back!
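A check for the MBR_0.dat backup from the recommendation above, added here as an example (not part of the original post and not MBRFix's own code). It validates the saved sector and fingerprints the boot code separately from the partition table, so a later backup can be compared against it. It assumes the file is the raw 512-byte sector; all function names and the sample data are constructed for illustration.

```python
import hashlib
import struct
import sys
from dataclasses import dataclass

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bootstrap code; the 4-byte disk signature follows it
PART_TABLE_OFF = 446     # four 16-byte partition entries
BOOT_SIG = b"\x55\xaa"   # required bytes at offsets 510-511
ENTRY_FMT = "<B3xB3xII"  # status, (CHS), type, (CHS), first LBA, sector count


@dataclass
class Partition:
    index: int
    bootable: bool
    type_id: int
    lba_start: int
    sectors: int


def parse_mbr(raw: bytes) -> list:
    """Validate a saved MBR sector and return its non-empty partition entries."""
    if len(raw) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(raw)}")
    if raw[510:512] != BOOT_SIG:
        raise ValueError("boot signature 55 AA missing: not a valid MBR dump")
    parts = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, type_id, lba, count = struct.unpack(ENTRY_FMT, raw[off:off + 16])
        if status not in (0x00, 0x80):
            raise ValueError(f"entry {i}: invalid status byte {status:#04x}")
        if type_id != 0:  # type 0 marks an unused slot
            parts.append(Partition(i, status == 0x80, type_id, lba, count))
    return parts


def fingerprint(raw: bytes) -> dict:
    """Hash each region separately: the partition table may change legitimately
    (repartitioning), the bootstrap code normally should not."""
    parse_mbr(raw)  # refuse to fingerprint a malformed dump
    return {
        "boot_code": hashlib.sha256(raw[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": raw[440:444].hex(),
        "partition_table": hashlib.sha256(raw[PART_TABLE_OFF:510]).hexdigest(),
    }


def compare_backups(old: bytes, new: bytes) -> list:
    """Return the regions that differ between two MBR backups."""
    a, b = fingerprint(old), fingerprint(new)
    return [f"{region} changed" for region in a if a[region] != b[region]]


def build_sample(fill: int = 0x90) -> bytes:
    """Constructed 512-byte MBR with one bootable NTFS-type entry (demo data)."""
    boot = bytes([fill]) * BOOT_CODE_LEN
    disk_sig = struct.pack("<I", 0x12345678) + b"\x00\x00"
    table = struct.pack(ENTRY_FMT, 0x80, 0x07, 2048, 204800) + bytes(48)
    return boot + disk_sig + table + BOOT_SIG


if __name__ == "__main__":
    # Usage: script.py MBR_0.dat [newer_backup.dat]; no arguments runs the sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    for part in parse_mbr(data):
        print(part)
    print(fingerprint(data))
    if len(sys.argv) > 2:
        print(compare_backups(data, open(sys.argv[2], "rb").read()) or "no changes")
```

A "boot_code changed" result between two backups of the same disk is the finding worth investigating; a changed partition table alone usually just reflects repartitioning.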

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"
Great Thanks for the help

Whoo Hooo!!!

great help Gabethebabe. Keep up the good work
Gabethebabe wrote:
Hi there hemp22!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:

  • Whilst I´m helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I´m here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, doesn´t mean it is clean yet!

====================

What you are seeing with the hhupd.exe is almost certainly a false alarm. The file is located in a legit folder of a legit program.

We can run a few scans to see if you are clean.

====================

Please download OTL by OldTimer from here and save it to your desktop.

  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
/md5start
atapi.sys
explorer.exe
iastor.sys
userinit.exe
winlogon.exe
/md5stop


  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.

====================

Please download aswMBR by Alwil Software from here and save it to your desktop.


  • Double click aswMBR.exe to run the tool
  • Click the Scan button to start the scan
  • Don´t panic if you see any **Rootkit** entries. The tool sometimes produces false alarms
  • Once the scan finishes click Save log to save the log to your desktop
  • Copy and paste the contents of this log (aswMBR.txt) into your next reply.

