"C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

View previous topic View next topic Go down

"C:Program Files (x86)PinnacleStudio 9OEMhhupd.exe";"

Post by hemp22 on Mon 09 May 2011, 12:18 pm

Hi all
My computer has been acting slugish the last few days and I just ran a virus scan with AVG, this popped up.....
"C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"The file is signed with a broken signiture"
when I google "hhupd.exe" it comes back as a virus. I have tried to remove with AVG but it does nothing.
#1 is this a virus
#2 if it is how do I get rid of it


Thanks in advance


hemp22

Newbie Surfer
Newbie Surfer

Posts : 41
Joined : 2009-10-17
Operating System : xp

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by Gabethebabe on Mon 09 May 2011, 8:23 pm

Hi there hemp22!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst Iīm helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. Iīm here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, doesnīt mean it is clean yet!

====================

What you are seeing with the hhupd.exe is almost certainly a false alarm. The file is located in a legit folder of a legit program.

We can run a few scans to see if you are clean.

====================

Please download OTL by OldTimer from here and save it to your desktop.
  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
/md5start
atapi.sys
explorer.exe
iastor.sys
userinit.exe
winlogon.exe
/md5stop
  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.

====================

Please download aswMBR by Alwil Software from here and save it to your desktop.

  • Double click aswMBR.exe to run the tool
  • Click the Scan button to start the scan
  • Donīt panic if you see any **Rootkit** entries. The tool sometimes produces false alarms
  • Once the scan finishes click Save log to save the log to your desktop
  • Copy and paste the contents of this log (aswMBR.txt) into your next reply.



Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by hemp22 on Mon 09 May 2011, 9:19 pm

OTL logfile created on: 5/9/2011 6:10:19 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\home\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 74.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.08 Gb Total Space | 760.11 Gb Free Space | 82.70% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 2.22 Gb Free Space | 17.98% Space Free | Partition Type: NTFS
Drive E: | 54.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 298.02 Gb Total Space | 29.52 Gb Free Space | 9.90% Space Free | Partition Type: FAT32

Computer Name: HOME-PC | User Name: home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/09 06:07:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
PRC - [2011/04/22 02:15:21 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/03/21 17:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/03/15 09:03:52 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 09:19:13 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2010/11/20 19:12:25 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/10/16 13:29:59 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/21 09:16:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2010/07/15 09:51:04 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/08/05 16:45:22 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/07/23 23:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/05/26 04:36:13 | 000,656,896 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2009/03/16 03:47:28 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/03/16 03:47:24 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/03/16 03:47:22 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/03/16 03:47:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2008/11/20 13:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/09/30 21:59:26 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/05/09 06:07:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/05/15 19:24:10 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/11/20 19:12:25 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/07/21 09:16:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/15 09:51:04 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/09 14:33:45 | 000,120,712 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 14:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/03/16 03:47:22 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2008/09/30 21:59:26 | 000,192,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)
SRV - [2008/08/11 13:40:58 | 000,057,920 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/06 08:01:08 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/15 09:50:44 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010/06/09 14:33:23 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2010/06/02 09:23:35 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/07/31 07:10:58 | 000,237,936 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 10:31:42 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/29 05:00:00 | 000,116,752 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 11:10:10 | 001,478,144 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/15 20:02:04 | 005,957,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/05/05 06:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/04/03 09:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/08/11 13:40:58 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2008/08/11 13:40:32 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV - [2008/08/11 13:41:00 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2004/03/10 16:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2002/03/19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\Pclepci.sys -- (PCLEPCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKLM\..\URLSearchHook: {a0b91230-b76e-4022-a900-e567a6fafbf5} - C:\Program Files (x86)\Element_Search\tbElem.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKCU\..\URLSearchHook: {a0b91230-b76e-4022-a900-e567a6fafbf5} - C:\Program Files (x86)\Element_Search\tbElem.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/18 16:17:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/04/17 09:35:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/04/17 09:35:24 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5

hemp22

Newbie Surfer
Newbie Surfer

Posts : 41
Joined : 2009-10-17
Operating System : xp

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by hemp22 on Mon 09 May 2011, 9:20 pm

========== Files/Folders - Created Within 30 Days ==========

[2011/05/09 06:07:16 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
[2011/05/08 21:30:18 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{7572ED3C-07CC-4AEB-99A5-D0C1D08593BF}
[2011/05/08 19:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDiveLog
[2011/05/08 19:09:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDiveLog
[2011/05/02 05:54:47 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Roaming\YouSendIt
[2011/05/02 05:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouSendIt
[2011/05/01 00:24:44 | 000,000,000 | ---D | C] -- C:\jam
[2011/04/30 21:46:43 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/30 21:46:42 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/04/30 21:46:40 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/04/30 21:46:40 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/04/30 21:46:09 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/04/30 21:46:08 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/04/30 21:46:08 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011/04/30 21:46:08 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/04/30 21:46:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011/04/30 21:46:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011/04/30 21:46:07 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/04/30 21:45:49 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/04/30 21:45:49 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/04/18 15:56:33 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\DDMSettings
[2011/04/17 09:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/04/17 09:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/04/17 09:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/04/17 09:34:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011/04/17 09:32:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011/04/17 09:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/04/14 03:04:56 | 000,000,000 | ---D | C] -- C:\85baf47608dc8d6c4c5b2f9075c5
[2011/04/13 19:03:43 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/04/13 19:03:43 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/04/13 19:03:41 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/04/13 19:03:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/04/13 19:03:40 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/04/13 19:03:38 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/04/13 19:03:38 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/04/13 19:03:37 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/04/13 19:03:37 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/04/13 19:03:35 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/04/13 19:03:35 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/04/13 19:03:35 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/04/13 19:03:35 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/04/13 19:03:27 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/04/13 19:03:27 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/04/13 19:03:27 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/04/13 19:03:27 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/04/13 19:03:27 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/04/13 19:03:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/04/13 19:03:27 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/04/13 19:03:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/04/13 19:03:26 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/04/13 19:03:26 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/04/13 19:03:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/04/13 19:03:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/04/13 19:03:26 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/04/13 19:03:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/04/13 19:03:02 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/04/13 19:03:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/04/13 19:03:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/04/13 19:02:59 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/04/13 19:02:59 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/04/13 19:02:59 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/04/13 19:02:59 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/04/13 19:02:59 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/04/13 19:02:59 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/04/13 19:02:59 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/04/13 19:02:59 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/04/13 00:11:37 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.4
[2011/04/13 00:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.4
[2011/04/13 00:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XP Codec Pack
[2011/04/09 13:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011/04/09 13:38:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2004/11/24 14:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\SysWow64\drvc.dll

========== Files - Modified Within 30 Days ==========

[2011/05/09 06:07:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
[2011/05/09 05:25:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/09 04:25:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/09 01:05:57 | 075,773,760 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2011/05/08 20:28:29 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/05/08 20:28:29 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/05/08 20:25:14 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/05/08 20:07:01 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 20:07:01 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 19:59:37 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForhome.job
[2011/05/08 19:59:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/08 19:59:23 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/08 19:13:36 | 000,000,116 | ---- | M] () -- C:\Users\home\.jdivelog
[2011/05/08 19:08:03 | 011,104,126 | ---- | M] () -- C:\Users\Public\Documents\jdivelog-installer-2.15.exe
[2011/05/07 02:19:00 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/07 02:19:00 | 000,626,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/07 02:19:00 | 000,107,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/06 08:01:08 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2011/05/03 19:15:40 | 000,014,498 | ---- | M] () -- C:\Users\Public\Documents\RECITAL_MINI_PROGRAM_2011.zip
[2011/05/02 05:54:45 | 000,743,066 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/01 10:16:42 | 000,001,789 | ---- | M] () -- C:\Users\home\Desktop\JAMAICA - Shortcut.lnk
[2011/04/14 03:29:12 | 000,379,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/04/13 00:11:41 | 000,001,096 | ---- | M] () -- C:\Users\home\Desktop\Media Player Classic.lnk

========== Files Created - No Company Name ==========

[2011/05/08 19:13:36 | 000,000,116 | ---- | C] () -- C:\Users\home\.jdivelog
[2011/05/08 19:08:03 | 011,104,126 | ---- | C] () -- C:\Users\Public\Documents\jdivelog-installer-2.15.exe
[2011/05/03 19:15:40 | 000,014,498 | ---- | C] () -- C:\Users\Public\Documents\RECITAL_MINI_PROGRAM_2011.zip
[2011/05/02 05:54:45 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/01 10:16:42 | 000,001,789 | ---- | C] () -- C:\Users\home\Desktop\JAMAICA - Shortcut.lnk
[2011/04/13 00:11:41 | 000,001,096 | ---- | C] () -- C:\Users\home\Desktop\Media Player Classic.lnk
[2011/04/13 00:11:40 | 000,421,888 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm
[2011/04/09 13:38:22 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2011/04/09 13:38:21 | 000,703,488 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2011/04/09 13:38:21 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/04/09 13:38:21 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/04/09 13:38:21 | 000,173,056 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2011/04/09 13:38:21 | 000,152,064 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2010/11/25 21:52:33 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/11/25 21:52:33 | 000,000,088 | RHS- | C] () -- C:\ProgramData\084B3596F9.sys
[2010/11/06 23:01:24 | 000,000,871 | ---- | C] () -- C:\Windows\eReg.dat
[2010/04/13 18:27:59 | 000,406,016 | ---- | C] () -- C:\Windows\SysWow64\PSDrvCheck.exe
[2010/01/25 11:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2010/01/18 16:17:19 | 000,023,141 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/01/01 11:43:33 | 000,025,126 | ---- | C] () -- C:\Users\home\AppData\Roaming\Comma Separated Values (DOS).ADR
[2009/12/25 13:53:01 | 000,000,409 | ---- | C] () -- C:\Windows\CoDUO.INI
[2009/12/25 13:32:55 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2009/12/22 23:05:02 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/12/22 23:04:59 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009/12/22 23:04:51 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2009/12/22 22:02:58 | 000,165,229 | ---- | C] () -- C:\Windows\hpoins37.dat
[2009/12/22 17:48:50 | 000,000,000 | ---- | C] () -- C:\Users\home\AppData\Roaming\wklnhst.dat
[2009/12/02 13:02:50 | 001,632,887 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll
[2009/11/04 14:43:20 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2009/11/03 16:11:22 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2009/11/03 16:11:00 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll
[2009/11/03 16:10:42 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2009/11/03 16:09:18 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2009/11/03 16:08:58 | 000,484,864 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2009/11/03 16:08:12 | 000,257,024 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2009/11/03 16:07:16 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2009/11/03 15:36:06 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2009/10/27 18:46:26 | 000,248,320 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2009/09/04 11:06:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/08/11 16:21:26 | 000,087,552 | ---- | C] () -- C:\Windows\SysWow64\ac3config.exe
[2009/07/15 20:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 10:40:39 | 000,000,632 | ---- | C] () -- C:\Windows\hpomdl37.dat
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/03/16 03:47:28 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonServer.exe
[2009/03/16 03:47:24 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonClient.exe
[2009/03/05 22:00:36 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\libxml2.dll
[2009/01/10 18:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2009/01/10 18:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2009/01/10 18:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2009/01/10 18:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2009/01/10 18:16:04 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2009/01/10 18:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2009/01/10 18:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll
[2009/01/10 18:15:36 | 000,103,424 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2009/01/10 18:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2009/01/10 18:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2009/01/10 18:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2009/01/10 18:15:06 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2009/01/10 18:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2009/01/10 18:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2008/11/06 12:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/07/05 06:14:48 | 000,456,192 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2008/07/05 06:14:44 | 003,591,168 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2008/07/05 06:13:16 | 000,708,096 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll
[2008/06/22 12:34:00 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\ff_theora.dll
[2008/06/13 06:39:38 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2008/06/12 13:36:38 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/10/13 05:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini
[2006/11/02 11:10:16 | 000,080,912 | ---- | C] () -- C:\Windows\SysWow64\sherlock2.exe
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2004/10/03 12:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\ff_mpeg2enc.dll
[2004/03/18 08:44:29 | 001,663,068 | ---- | C] () -- C:\Windows\SysWow64\libmmd.dll

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/13 21:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009/07/13 21:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys >
[2004/03/10 16:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\Windows\SysWOW64\drivers\asapiW2k.sys
[2010/12/20 19:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
[2002/03/19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\Windows\SysWOW64\drivers\Pclepci.sys
[2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drivers\wimmount.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2009/12/30 15:56:11 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/04/13 18:50:17 | 000,403,902 | ---- | M] () -- C:\adorage-protocol.txt
[2010/05/07 13:59:20 | 000,000,250 | ---- | M] () -- C:\FINIS_IT.TXT
[2011/05/08 19:59:23 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/23 18:24:07 | 000,000,349 | -H-- | M] () -- C:\IPH.PH
[2006/12/02 02:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2011/05/08 19:59:24 | 4286,463,999 | -HS- | M] () -- C:\pagefile.sys

< %PROGRAMFILES%\*. >
[2009/12/22 18:18:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
[2009/12/25 00:24:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activision
[2010/02/04 08:04:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010/04/13 18:50:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AdorageI-GfxDatas
[2010/04/13 18:49:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AdorageI-SAL
[2010/03/23 18:24:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AIM
[2010/03/23 18:24:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AIM Toolbar
[2009/09/04 11:16:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD
[2009/12/25 11:09:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010/10/20 21:00:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ArcSoft
[2009/09/04 11:17:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2009/12/22 18:05:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG
[2010/04/13 20:51:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVS4YOU
[2010/08/15 16:58:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2009/12/25 20:17:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Call of Duty Game of the Year Edition
[2011/04/17 09:34:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010/04/15 21:28:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2009/09/04 11:25:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cyberlink
[2011/04/17 09:35:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
[2010/11/25 19:19:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EA GAMES
[2010/04/15 21:28:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Element_Search
[2010/11/25 21:52:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Enterbrain
[2009/12/31 01:54:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FLV Player
[2009/12/31 01:53:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free FLV Converter
[2010/11/25 21:44:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Game_Maker8
[2011/01/30 17:41:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2010/12/19 14:33:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2010/09/29 06:58:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\hp
[2009/12/24 19:33:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2011/05/02 05:54:28 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/04/14 03:27:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010/09/11 14:22:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2010/02/09 20:29:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/05/08 19:10:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JDiveLog
[2010/06/30 03:12:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JunoPreloader
[2010/01/31 16:06:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Kodak
[2010/08/24 00:03:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LogMeIn
[2010/01/16 23:50:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lowes
[2011/01/15 11:47:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/12/22 19:50:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/04/30 21:37:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/10/20 20:39:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/12/22 19:51:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010/12/16 04:02:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2010/06/25 03:01:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2009/09/04 11:46:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN
[2009/12/24 04:09:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2009/09/04 11:45:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NetZeroPreloader
[2010/10/01 22:21:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\office Convert Pdf to Jpg Jpeg Tiff Free
[2009/12/22 19:57:50 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2010/04/14 00:32:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ordix
[2009/09/04 11:29:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PictureMover
[2010/04/13 18:26:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pinnacle
[2010/04/13 18:56:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\proDAD
[2010/09/11 14:20:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2009/09/04 11:18:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/01/12 21:34:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sectra
[2010/04/13 18:30:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SmartSound Software
[2009/09/04 11:34:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Symantec
[2009/09/04 11:18:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2010/02/05 19:58:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TurboTax
[2009/07/14 00:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2009/07/14 01:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/03/30 03:01:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/12/16 04:20:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/10/13 03:26:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/07/14 01:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009/12/22 19:57:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/04/13 00:11:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\XP Codec Pack
[2011/04/09 13:38:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xvid
[2009/12/22 22:12:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo!
[2011/05/02 05:54:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\YouSendIt


< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: USERINIT.EXE >
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< End of report >

hemp22

Newbie Surfer
Newbie Surfer

Posts : 41
Joined : 2009-10-17
Operating System : xp

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by hemp22 on Mon 09 May 2011, 9:21 pm

Thanks for the help Gabethebabe, I hope it is just a false alarm.


hemp22

Newbie Surfer
Newbie Surfer

Posts : 41
Joined : 2009-10-17
Operating System : xp

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by Gabethebabe on Mon 09 May 2011, 10:07 pm

The OTL log is a happy family of legit programs.
Do you have the aswMBR log for me?

You have Malwarebytes installed. Can you open it, update, do a quick scan and post the log?

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by hemp22 on Tue 10 May 2011, 6:51 am

I thought I posted that..hmmmmm, I will when I get home.


hemp22

Newbie Surfer
Newbie Surfer

Posts : 41
Joined : 2009-10-17
Operating System : xp

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by hemp22 on Tue 10 May 2011, 11:34 am

aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-05-09 20:30:46
-----------------------------
20:30:46.939 OS Version: Windows x64 6.1.7600
20:30:46.939 Number of processors: 4 586 0x402
20:30:46.954 ComputerName: HOME-PC UserName: home
20:30:49.107 Initialize success
20:31:09.247 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005c
20:31:09.247 Disk 0 Vendor: WDC_____ 01.0 Size: 953869MB BusType: 8
20:31:11.275 Disk 0 MBR read successfully
20:31:11.275 Disk 0 MBR scan
20:31:11.275 Disk 0 unknown MBR code
20:31:11.290 Service scanning
20:31:12.367 Disk 0 trace - called modules:
20:31:12.367 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys
20:31:12.382 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007da0060]
20:31:12.382 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> \Device\0000005c[0xfffffa800750f9c0]
20:31:12.398 Scan finished successfully
20:33:23.438 Disk 0 MBR has been saved successfully to "C:\Users\home\Desktop\MBR.dat"
20:33:23.454 The log file has been saved successfully to "C:\Users\home\Desktop\aswMBR.txt"

hemp22

Newbie Surfer
Newbie Surfer

Posts : 41
Joined : 2009-10-17
Operating System : xp

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by hemp22 on Tue 10 May 2011, 1:15 pm

Malwarebytes' Anti-Malware 1.50.1.1100
[You must be registered and logged in to see this link.]

Database version: 6542

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

5/9/2011 10:14:50 PM
mbam-log-2011-05-09 (22-14-50).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 469583
Time elapsed: 1 hour(s), 2 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

hemp22

Newbie Surfer
Newbie Surfer

Posts : 41
Joined : 2009-10-17
Operating System : xp

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by Gabethebabe on Tue 10 May 2011, 5:46 pm


Excellent. As far as I can see, your computer is CLEAN.



====================

I noticed that you have a HP computer with a non standard MBR. Here is a recommendation:

Protect your MBR (Master Boot Record)

Your MBR is a small but critical part of the operating system. It is vulnerable to infection and you might want to make a backup copy.

  • Navigate to the Systemintegrasjon AS website here.
  • Find MBRFix and click the download link to download this tool.
  • Unpack the zip archive and extract MBRFix.exe to your desktop
  • Go to Start > Run, copy/paste the following:
    "%userprofile%\desktop\MBRFix" /drive 0 savembr "%userprofile%\desktop\MBR_0.dat"
    and hit Enter.
  • A file named MBR_0.dat will appear on your desktop, containing the backup of your Master Boot Record.
  • Store this file in a safe place.

====================

And some general recommendations on avoiding malware problems:

1) Keep your Windows up-to-date. Windows Autoupdate should be ON (see Start >> Control Panel >> Security Center). An alternative way (but more time-consuming) is to periodically visit [You must be registered and logged in to see this link.]. Hackers are looking every day for new security holes. Microsoft keeps patching them. You cannot fall behind in this race, it will make your system vulnerable.

2) For your average daily computer activities, use a limited/standard user account. If you use Vista/WIN7 do not disable User Account Control (UAC). You would be amazed to know how much malware canīt touch you if you deny it admin rights. Create a separate password-protected administrator account that you use for admin activities, like (un)installing software.

3) Use a good antivirus. There are various free ones, you cannot go wrong with either of the following three:
  • Panda Cloud Antivirus. If you want your antivirus to be light on resources, I recommend Panda. Install without the toolbar.
  • Avira. 100 million users canīt be wrong. If you want high detection rates, this is your best free bet.
  • Avast! is a very complete antivirus, with modules like mailscanner and webshield.

4) If your computer has 1GB system memory or more, you should install a third party firewall, to replace the weak Windows Firewall. I recommend:
  • Comodo Firewall. Install the internet security suite, but without the antivirus and without the Hopsurf toolbar.
  • Online Armor. A very smart and user friendly firewall.
  • Outpost Firewall is another rocksolid choice.

Note: you should run only ONE antivirus and ONE firewall. Running multiples of either is bad, it will cause slowdowns and/or conflicts.

5) Miscellaneous advice:
  • Stay away from cracks and keygens (look [You must be registered and logged in to see this link.] for the why). Get free software instead. Gizmo is an excellent source of freeware reviews.
  • Navigate safely. Google Chrome is the safest browser available. However, Mozilla Firefox can be made extremely safe with the NoScript addon. Internet Explorer (always use version 8) can be made a lot safer with Spywareblaster (manual here).
  • The WOT (Webs Of Trust) addon will help you to stay on reliable webpages.
  • WinPatrol alerts you when changes are made in vital system areas. Especially good on light systems not running a third party firewall.
  • Make sure you have ways to recuperate your operating system and vital other data if its gets frustrated by malware and/or other problems. A Windows setup CD and recent backups/disk images will be priceless, if you find yourself in an unexpected tight spot.

Finally: did we help you? [You must be registered and logged in to see this link.]!

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by hemp22 on Tue 10 May 2011, 9:12 pm

Great Thanks for the help

Whoo Hooo!!!

hemp22

Newbie Surfer
Newbie Surfer

Posts : 41
Joined : 2009-10-17
Operating System : xp

View user profile

Back to top Go down

great help Gabethebabe. Keep up the good work

Post by Evangelist Gavin Leigh on Wed 24 Jul 2013, 9:16 am

Gabethebabe wrote:Hi there hemp22!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:

  • Whilst Iīm helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. Iīm here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, doesnīt mean it is clean yet!

====================

What you are seeing with the hhupd.exe is almost certainly a false alarm. The file is located in a legit folder of a legit program.

We can run a few scans to see if you are clean.

====================

Please download OTL by OldTimer from here and save it to your desktop.

  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
/md5start
atapi.sys
explorer.exe
iastor.sys
userinit.exe
winlogon.exe
/md5stop

  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.

====================

Please download aswMBR by Alwil Software from here and save it to your desktop.


  • Double click aswMBR.exe to run the tool
  • Click the Scan button to start the scan
  • Donīt panic if you see any **Rootkit** entries. The tool sometimes produces false alarms
  • Once the scan finishes click Save log to save the log to your desktop
  • Copy and paste the contents of this log (aswMBR.txt) into your next reply.



Evangelist Gavin Leigh

Unborn
Unborn

Posts : 1
Joined : 2013-07-24
Operating System : microsoft windows xp 2002

View user profile

Back to top Go down

Re: "C:\Program Files (x86)\Pinnacle\Studio 9\OEM\hhupd.exe";"

Post by Sponsored content Today at 9:17 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum