The computer crashed a hard drive after corrupting Windows Vista 64. Strange activity such as Windows Explorer being unable to open a window and crashing. Programs not being able to run.
Lots of lock-ups; usually the PC will only stay alive for 10 mins. No antivirus program can be used or installed.
I installed WIN 7 x64 from CD then updated to service pack one. I downloaded all current drivers etc.
Then the same problems came back again. Windows Explorer not being able to open a window on some starts, then fine the next. Plenty of freezes and crashes.
AVG antivirus died after installation.

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Ant at 8:16:09 on 2012-04-29
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.8190.6997 [GMT 10:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.au/
mWinlogon: Userinit=userinit.exe
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: WinZip Courier BHO: {a8fb70fa-0fdf-4601-9dc4-bfa1b357204f} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll
uRun: [Google Update] "C:\Users\Ant\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [EasyTuneV] C:\Program Files (x86)\Gigabyte\ET5\ETcall.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{00CE06CB-A783-43A4-BDE6-1751A177F288} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{324C51B5-BEEB-4582-88CC-7923E84451D9} : DhcpNameServer = 192.168.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: WinZip Courier BHO: {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll
BHO-X64: WinZip Courier BHO - No File
mRun-x64: [EasyTuneV] C:\Program Files (x86)\Gigabyte\ET5\ETcall.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ant\AppData\Roaming\Mozilla\Firefox\Profiles\nu2pdy1y.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll
FF - plugin: C:\Users\Ant\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-4-26 2348352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-4-8 5158992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-26 253088]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 129976]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-04-28 21:56:14 -------- d-----w- C:\Users\Ant\AppData\Local\{CD183150-CD4E-459F-A8AA-A2356DAF49E8}
2012-04-28 21:56:03 -------- d-----w- C:\Users\Ant\AppData\Local\{041C6928-056F-45F8-BCFE-04F3F9EA89C1}
2012-04-28 21:41:07 388096 ----a-r- C:\Users\Ant\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-28 21:41:07 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-04-28 14:07:25 -------- d-----w- C:\Users\Ant\AppData\Roaming\NVIDIA
2012-04-28 13:38:54 -------- d-----w- C:\Program Files (x86)\Seagate
2012-04-28 13:36:58 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-04-28 11:41:40 -------- d-----w- C:\TOOLS
2012-04-28 11:06:02 -------- d-----w- C:\Windows\System32\wbem\Framework\root\OpenHardwareMonitor
2012-04-28 11:06:02 -------- d-----w- C:\Windows\System32\wbem\Framework\root
2012-04-28 11:06:02 -------- d-----w- C:\Windows\System32\wbem\Framework
2012-04-28 08:05:46 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-04-28 08:05:46 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-04-28 08:05:44 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-04-28 08:05:44 2580552 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2012-04-27 08:31:35 -------- d-----w- C:\Users\Ant\AppData\Local\{6697F168-B0E5-4B8D-86C1-5C95AA7FFF72}
2012-04-27 08:31:07 -------- d-----w- C:\Users\Ant\AppData\Local\{3382CB56-CF56-42E6-B821-7484EED93C2F}
2012-04-27 08:29:04 -------- d-----w- C:\Users\Ant\AppData\Roaming\WinZip
2012-04-27 08:28:09 -------- d-----w- C:\STORE
2012-04-27 08:07:59 -------- d-----w- C:\Windows\CheckSur
2012-04-27 07:57:21 -------- d-----w- C:\Program Files (x86)\Foxit Software
2012-04-27 05:01:57 -------- d-----w- C:\Program Files\CCleaner
2012-04-27 04:24:07 -------- d-----w- C:\GENERAL
2012-04-27 04:22:30 -------- d-----w- C:\Users\Ant\AppData\Local\WinZip
2012-04-27 04:21:47 -------- d-----w- C:\ProgramData\WinZipEC
2012-04-27 04:21:47 -------- d-----w- C:\Program Files (x86)\WinZip Courier
2012-04-27 04:21:45 -------- d-----w- C:\Windows\CD95F661A5C411AFB2CCABCD21A325B8.TMP
2012-04-26 20:30:27 -------- d-----w- C:\Users\Ant\AppData\Local\{4E04E9BE-ABDE-4905-9863-4BFF0A3A933C}
2012-04-26 20:30:16 -------- d-----w- C:\Users\Ant\AppData\Local\{C02A3DBA-0E68-4E9D-A670-38165DF67B5D}
2012-04-26 20:30:00 -------- d-----w- C:\Users\Ant\AppData\Roaming\Windows Live Writer
2012-04-26 20:30:00 -------- d-----w- C:\Users\Ant\AppData\Local\Windows Live Writer
2012-04-26 20:27:26 2565632 ----a-w- C:\Windows\System32\esent.dll
2012-04-26 20:27:26 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-04-26 20:27:25 96768 ----a-w- C:\Windows\System32\fsutil.exe
2012-04-26 20:27:25 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2012-04-26 20:27:25 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2012-04-26 20:27:25 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2012-04-26 20:27:25 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-04-26 20:27:25 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2012-04-26 20:27:25 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2012-04-26 20:27:25 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2012-04-26 20:27:25 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2012-04-26 20:06:13 -------- d-----w- C:\Windows\en
2012-04-26 20:05:15 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-04-26 20:02:44 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2012-04-26 20:02:44 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2012-04-26 20:02:44 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2012-04-26 20:02:44 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-04-26 20:02:13 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2012-04-26 20:02:13 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2012-04-26 19:59:54 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\25097d0c1cd23e71f\DSETUP.dll
2012-04-26 19:59:54 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\25097d0c1cd23e71f\DXSETUP.exe
2012-04-26 19:59:54 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\25097d0c1cd23e71f\dsetup32.dll
2012-04-26 19:59:47 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\21645c321cd23e71e\DSETUP.dll
2012-04-26 19:59:47 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\21645c321cd23e71e\DXSETUP.exe
2012-04-26 19:59:47 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\21645c321cd23e71e\dsetup32.dll
2012-04-26 19:58:51 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ffe72d4a1cd23e617\Silverlight.4.0.exe
2012-04-26 19:56:37 -------- d-----w- C:\Users\Ant\AppData\Local\Windows Live
2012-04-26 19:56:36 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2012-04-26 19:09:39 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-04-26 19:09:38 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2012-04-26 19:09:38 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2012-04-26 19:09:38 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-04-26 19:09:38 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-04-26 19:09:38 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2012-04-26 19:09:38 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2012-04-26 18:04:20 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-04-26 18:04:20 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-04-26 18:04:20 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-04-26 18:04:20 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-04-26 18:04:19 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-04-26 18:04:19 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-04-26 18:04:19 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-04-26 17:55:13 -------- d-----w- C:\Windows\SysWow64\Wat
2012-04-26 17:55:12 -------- d-----w- C:\Windows\System32\Wat
2012-04-26 17:49:05 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-26 17:49:04 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-26 17:49:04 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-26 17:48:46 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2012-04-26 17:46:42 -------- d-----w- C:\Program Files\Microsoft IntelliType Pro
2012-04-26 17:30:39 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-04-26 17:29:57 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2012-04-26 17:28:57 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2012-04-26 17:27:59 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-04-26 17:26:55 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2012-04-26 17:26:51 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2012-04-26 17:26:51 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2012-04-26 17:26:51 331776 ----a-w- C:\Windows\System32\oleacc.dll
2012-04-26 17:26:51 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2012-04-26 17:26:48 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2012-04-26 17:26:47 723456 ----a-w- C:\Windows\System32\EncDec.dll
2012-04-26 17:26:32 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-04-26 17:26:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-04-26 17:26:24 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-04-26 17:26:24 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-04-26 17:26:16 77312 ----a-w- C:\Windows\System32\packager.dll
2012-04-26 17:26:16 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-04-26 15:54:14 -------- d-----w- C:\Windows\PCHEALTH
2012-04-26 15:25:20 -------- d-----w- C:\Users\Ant\AppData\Local\Google
2012-04-26 15:25:05 -------- d-----w- C:\Users\Ant\AppData\Local\Apps
2012-04-26 15:25:04 -------- d-----w- C:\Users\Ant\AppData\Local\Deployment
2012-04-26 01:23:44 -------- d-----w- C:\Users\Ant\AppData\Roaming\AVG2012
2012-04-26 01:22:50 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-04-26 01:22:30 -------- d--h--w- C:\$AVG
2012-04-26 01:22:30 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-04-26 01:22:30 -------- d-----w- C:\ProgramData\AVG2012
2012-04-26 01:22:00 -------- d-----w- C:\Program Files (x86)\AVG
2012-04-25 23:20:56 -------- d--h--w- C:\ProgramData\Common Files
2012-04-25 23:20:40 -------- d-----w- C:\ProgramData\MFAData
2012-04-25 21:50:06 -------- d-----w- C:\Users\Ant\AppData\Local\Diagnostics
2012-04-25 21:40:10 -------- d-----w- C:\Program Files (x86)\Origin Games
2012-04-25 21:40:04 -------- d-----w- C:\Users\Ant\AppData\Local\Origin
2012-04-25 21:40:04 -------- d-----w- C:\ProgramData\Origin
2012-04-25 21:39:13 -------- d-----w- C:\Users\Ant\AppData\Roaming\Origin
2012-04-25 21:38:47 -------- d-----w- C:\Program Files (x86)\Origin
2012-04-25 21:35:27 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{109E8C16-1B21-43E6-8DF0-7D6C3899F32F}\mpengine.dll
2012-04-25 21:35:26 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-04-25 21:30:31 -------- d-----w- C:\ProgramData\Electronic Arts
2012-04-25 21:30:31 -------- d-----w- C:\ProgramData\EA Core
2012-04-25 21:30:30 -------- d-----w- C:\ProgramData\EA Logs
2012-04-25 21:18:23 -------- d-----w- C:\Users\Ant\AppData\Local\Microsoft Games
2012-04-25 21:18:02 24896 ----a-w- C:\Windows\ET5Drv.sys
2012-04-25 21:15:34 -------- d-sh--w- C:\Windows\Installer
2012-04-25 21:15:18 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-04-25 21:15:18 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-04-25 21:15:18 6074176 ----a-w- C:\Windows\System32\nvcpl.dll
2012-04-25 21:15:18 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-04-25 21:15:18 2515790 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-04-25 21:15:18 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-04-25 21:15:08 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2012-04-25 21:15:05 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-04-25 21:08:53 -------- d-----w- C:\Program Files (x86)\Gigabyte
2012-04-25 21:08:49 327168 ----a-w- C:\Windows\IsUninst.exe
2012-04-25 21:05:48 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-04-25 21:05:48 646248 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-04-25 21:05:48 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-04-25 21:05:45 -------- d-----w- C:\Program Files (x86)\Realtek
2012-04-25 20:49:40 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2012-04-25 20:49:31 -------- d-----w- C:\Intel
2012-04-25 20:45:33 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-25 20:45:33 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-25 20:45:16 -------- d--h--w- C:\Windows\AxInstSV
2012-04-25 20:40:14 -------- d-----w- C:\drivers
2012-04-25 20:30:22 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-25 20:30:20 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-04-25 20:30:20 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-04-25 20:30:20 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-25 20:30:20 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-04-25 20:28:49 -------- d-sh--w- C:\Recovery
2012-04-18 18:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
.
==================== Find3M ====================
.
2012-03-18 19:17:26 383808 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-03-08 08:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
2012-02-29 03:26:56 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-21 19:25:32 289872 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-01-30 18:46:48 36944 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
.
============= FINISH: 8:16:26.89 ===============

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:26:35 AM, on 29/04/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll
O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files (x86)\Gigabyte\ET5\ETcall.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ant\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-714707007-236651521-3519863920-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-714707007-236651521-3519863920-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8000 bytes