Hello and thank you for the great work you do!
Running Vista Home Basic, SP2
AMD Sempron 3600+ 2 GHz
RAM 2 GB
32-bit system
AVG free anti-virus
DO NOT have a CD specifically named Vista.
Do have a CD named "Windows Automatic Update"
**************************
Symptoms & History:
CPU usage frequently 95-100% even when idle.
HDD heads "working" for extended periods. Sounds like a scan is running but no scans are known or seen to be running.
Windows updates fail to install.
All docs in My Documents (400+) were mysteriously sent to the Recycle Bin.
PayPal, Gmail and coupon service sites/accounts were previously hacked by someone in Poland and someone in Hungary.
*******************************
Thank you again and please let me know if you accept donations to help maintain the forums?
********************************
DDS.txt
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by carl at 14:36:27 on 2012-12-26
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Windows\system32\lxbtcoms.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Users\carl\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\carl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\carl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\carl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\carl\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\ProgramData\HP Photo Creations\MessageCheck.exe
C:\Windows\system32\msiexec.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://isearch.avg.com/?cid={1A28F69C-BF79-4697-B102-A2956C77189B}&mid=659aa1f85f9747d18767d1482afccf6a-b2b927add38b943000256dd8aa85841600055bd3&lang=en&ds=AVG&pr=fr&d=&v=&sap=hp
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T3616
mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T3616
uProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T3616
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [SmileboxTray] "c:\users\carl\appdata\roaming\smilebox\SmileboxTray.exe"
uRun: [Google Update] "c:\users\carl\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [LXBTCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXBTtime.dll,_RunDLLEntry@16
mRun: [Skytel] Skytel.exe
mRun: [Conime] c:\windows\system32\conime.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRunOnce: [Launcher] c:\windows\sminst\launcher.exe
dRunOnce: [KodakHomeCenter] "c:\program files\kodak\aio\center\AiOHomeCenter.exe"
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{98B47D06-EEBA-496C-84CF-ED8EDB2797F6} : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 127.0.0.1 Spyware Info | Spyware Info | spyware software | spyware program | protection spyware
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? Lbd;Lbd
R? NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista
R? SkypeUpdate;Skype Updater
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? FontCache;Windows Font Cache Service
.
=============== Created Last 30 ================
.
2012-12-21 10:00:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 10:00:24 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 16:17:04 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-13 15:46:36 -------- d-----w- c:\users\carl\appdata\roaming\AVG2013
2012-12-13 15:37:49 -------- d-----w- c:\users\carl\appdata\roaming\TuneUp Software
2012-12-13 15:34:49 -------- d-----w- c:\programdata\AVG2013
2012-12-13 10:06:19 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 10:06:06 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 10:06:06 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 10:06:03 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-13 10:06:02 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 10:06:02 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 10:06:01 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 10:06:01 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 10:05:59 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 10:05:59 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 10:05:59 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-13 02:06:55 -------- d-----w- c:\users\carl\appdata\local\MFAData
2012-12-13 02:06:55 -------- d-----w- c:\users\carl\appdata\local\Avg2013
2012-12-12 10:36:45 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 10:36:40 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-12 10:36:37 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 10:36:37 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-12 10:36:29 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-11 10:08:04 -------- d-----w- c:\windows\PCHEALTH
2012-12-09 16:30:48 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-12-09 16:30:48 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-12-09 16:30:48 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-12-09 16:30:48 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-12-09 16:30:48 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-12-09 16:30:48 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-12-09 16:30:48 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-11-29 01:26:04 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M ====================
.
2012-12-12 12:53:17 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-12 12:53:17 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-29 01:25:13 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-29 01:25:13 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-22 20:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-10-15 10:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-10-11 04:15:04 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-11 04:15:00 2574696 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-11 04:14:50 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-11 04:14:46 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-11 04:14:44 2428776 ----a-w- c:\windows\system32\nvapi.dll
2012-10-11 04:14:42 7697768 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-11 04:14:40 52584 ----a-w- c:\windows\system32\OpenCL.dll
2012-10-11 04:14:28 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-11 04:14:22 19906920 ----a-w- c:\windows\system32\nvoglv32.dll
2012-10-11 04:14:22 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-10-11 04:14:16 6127464 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-11 04:14:16 15309160 ----a-w- c:\windows\system32\nvd3dum.dll
2012-10-02 19:29:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:29:41 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:29:41 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:29:41 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:29:22 2853224 ----a-w- c:\windows\system32\nvsvc.dll
2012-10-02 19:28:53 3965288 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 10:30:38 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys
.
============= FINISH: 14:37:06.21 ===============