CPU usage crazy high all the time.

[lemon07r]

I dont know why but my cpu usage is always around 50% on idle and 100% whenever im doing something even things that arent cpu intensive. Normally it idle arounds 0-4% and doesnt really go above 40% unless im doing something cpu intensive like gaming. Its driving me crazy I cant play any games with out freezing and crashing randomly now. I have a athlon II x3 445 (3.1ghz) 8gb ddr3 1333mhz ripjaws ram and a gigabyte ati hd 4850 1gb. I tried booting in safe mode and my cpu usage went back to normal, but when i booted regularly again the lag came bk. When I look at task manage the only process really using my up my cpu is system idle process so I cant seem to narrow down the source of this lag. Ive tried resetting default on bios but that didnt make a difference.

My hijackthis log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:10:47 PM, on 04/08/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Lamim\AppData\Local\Lexar Media\LxrAutorun.exe
C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2790392
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.poony.info/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: mipony-plugin Toolbar - {90d46c30-9f25-4104-aea9-35c3f84477ff} - C:\Program Files (x86)\mipony-plugin\tbmip1.dll
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: XfireXO - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: mipony-plugin Toolbar - {90d46c30-9f25-4104-aea9-35c3f84477ff} - C:\Program Files (x86)\mipony-plugin\tbmip1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: mipony-plugin Toolbar - {90d46c30-9f25-4104-aea9-35c3f84477ff} - C:\Program Files (x86)\mipony-plugin\tbmip1.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Win7PDF] C:\Program Files\PDF Printer for Windows 7\PDF.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lamim\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LxrAutorun] C:\Users\Lamim\AppData\Local\Lexar Media\LxrAutorun.exe
O4 - HKCU\..\Run: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
O4 - HKCU\..\Run: [SpeedUpMyPC] "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2D06158FAC79A790.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1AD97B1-D761-4E82-B244-51DB0960D8FB}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD FusionUtility Service - Advanced Micro Devices, Inc. - C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files (x86)\AMD\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lexar Secure II (LxrSII1s) - Lexar Media, Inc. - C:\Windows\system32\LxrSII1s.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NlsSrv32.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PS3 Media Server - Unknown owner - C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
O23 - Service: PSPR Control Service (PSPRSERV) - ElcomSoft Co. Ltd. - C:\Program Files (x86)\ElcomSoft\Proactive System Password Recovery\psprserv64.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: PDF Printer Service for Windows 7 (Win7PDFPrinting) - Vivid Document Imaging Technologies - C:\Program Files\PDF Printer for Windows 7\Win7PDFPrinting.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17681 bytes

Thanks for any input!

 

[johnb35]

OK, I see lots of issues.

I need you to use hijacthis to run a special scan for me.

Open hijackthis, click on open misc tools section, click on Uninstall manager, click on save list. Save it and then copy and paste the contents back here.

 

[lemon07r]

Here you go:

1ClickDownloader
Adobe AIR
Adobe AIR
Adobe Community Help
Adobe Community Help
Adobe Download Assistant
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
Adobe Reader 9.5.1
Advanced GIF Compressor 1.0
Aimersoft DRM Media Converter(Build 1.5.0.0)
Akamai NetSession Interface Service
AMD Fusion Utility
AMD System Monitor
Apple Application Support
Apple Software Update
Ask Toolbar
Atheros Driver Installation Program
ATI Catalyst Registration
Audacity 1.3.14 (Unicode)
Avast License by ZeNiX [2012-03-14]
AviSynth 2.5
Battle vs. Chess
BIOS Code Unlocked Technology
BitTorrent
BitTorrentBar Toolbar
Black & White® 2
Black & White® 2 Battle of the Gods
Bloodline Champions
Bloodline Champions
BurnAware Free 4.2
Cain & Abel v4.9.43
calibre
Catalyst Control Center - Branding
Cheat Engine 6.1
Command & Conquer Generals
Command and ConquerTM Generals Zero Hour
Conduit Engine
D3DX10
Diablo III
Diablo III Beta
DivX Setup
Dota 2
DragonNest
Elite Launcher
Fable III
Feedback Tool
Feedback Tool
FLAC 1.2.1b (remove only)
Flash Packager 2.1
Fraps (remove only)
Free Download Manager 3.0
Free Hide IP
Futuremark SystemInfo
Google Earth
Google SketchUp 8
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Haali Media Splitter
Hero Fighter
HiJackThis
Hotfix for Microsoft Visual Basic 2010 Express - ENU (KB2635973)
Hotfix for Microsoft Visual C# 2010 Express - ENU (KB2635973)
Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2565057)
Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2635973)
Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2548139)
Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2635973)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
iFunbox (v1.98.948.666), iFunbox DevTeam
IIS 7.5 Express
ImgBurn
Inno Setup QuickStart Pack version 5.4.0
InnoIDE 1.0.0.67
IrfanView (remove only)
ISTool 5.3.0.1
Java(TM) 6 Update 33
Junk Mail filter update
LADSPA_plugins-win-0.4.15
LAME v3.98.3 for Audacity
LCP 5.04
League of Legends
Left 4 Dead 2
Live Update 5
Liveupdate4
LOCO v1.3
LogMeIn Hamachi
LogMeIn Hamachi
MagicDisc 2.7.106
Mega Manager
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
Microsoft ASP.NET MVC 3
Microsoft ASP.NET MVC 3 - VWD Express 2010 Tools
Microsoft ASP.NET Web Pages
Microsoft ASP.NET Web Pages - VWD Express 2010 Tools
Microsoft F# Runtime for Silverlight 4
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Reader
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Silverlight 4 Toolkit April 2010
Microsoft Silverlight Tools for Visual Studio 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 4.0 Web Tools ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual C++ 2010 Express - ENU
Microsoft Visual C++ 2010 Express - ENU
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Web Developer 2010 Express - ENU
Microsoft Visual Web Developer 2010 Express - ENU
Microsoft WebMatrix
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio Platform Tools
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MiPony 1.6.4
mipony-plugin Toolbar
Mobipocket Reader 6.2
Mozilla Firefox 5.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Mz Shutdown Scheduler
NCsoft Launcher
Nexon Game Manager
Norton Security Scan
Notepad++
NuGet
NVIDIA PhysX
ooVoo
OpenAL
OpenDNS Updater 2.2.1
OpenGL Extensions Viewer 3.0
Opera 11.61
ophcrack 3.3.1
OverclockingCenter
PAK Explorer
PC Alert 4
PCSX2 - Playstation 2 Emulator
PDF Settings CS5
Pokemon Defense
PS3 Media Server
PSP Video 9 6
PunkBuster Services
Python 2.2.3
QuickTime
Rainmeter
RAM Defrag (remove only)
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
reFX Nexus VSTi RTAS v2.2.0
Romance of the Three Kingdoms XI Razor 1911
Rome - Total War
Rusty Hearts PWE
Samsung SCX-4x16 Series
Samsung Universal Print Driver
SeaTools for Windows
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Visual Basic for Applications 6.5 (KB974945)
Skype Click to Call
Skype™ 5.10
SliderDock
Smart Install Maker
Smart Install Maker 5.03
SmarThru
Speccy
SpeedFan (remove only)
StarCraft II
Steam
Stick RPG Director's Cut 0.942
SUPER © v2012.build.51 (April 7, 2012) version v2012.build.51
Super MNC Invitational
TeamSpeak 3 Client
TeamViewer 5
Terraria
The Lord of the Rings FREE Trial
Thrustmaster Force Feedback Driver
trakAxPC
Trillian
Tunngle beta
Uniblue SpeedUpMyPC
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VC80CRTRedist - 8.0.50727.6195
VIA Platform Device Manager
VideoGenie
Videora iPod touch Converter 6
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
WCF RIA Services V1.0 SP1
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Messenger
Windows Live Messenger
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinPcap 4.1.2
WinUHA 2.0 RC1 (2005.02.27)
WinZip Registry Optimizer
wxWidgets 2.9.1
Xfire (remove only)
XfireXO Toolbar
yBook
yBook2
YouTube Downloader App 3.00

And thanks for the help!

 

[johnb35]

OK, first thing first....

You have some pirated software installed on your system. I don't know exactly how much pirated software is installed but at this point, your best bet is to uninstall everything pirated or if you have a lot, then reinstall windows and only installed genuine software that you legally own/paid for. Your avast sofware is definately pirated.

Avast License by ZeNiX [2012-03-14]

I'm not even gonna attempt to get you straightened out until I know all pirated software is off your machine.

Sorry.

 

[lemon07r]

I dont have any antivirus installed on my computer.. I only have the crack installed from years ago.. right now im running with no antivirus. (I dont download anything ever so I just uninstalled it awhile ago, I use my computer to play a few games, diablo 3 (cant be pirated so u know it legitimate), aion (its free), LoL (also free) blood line champions (also free), starcraft 2 (i play online only so its not pirated), all other games i have on my pc I dont touch) .

 

[johnb35]

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to
  • Update Malwarebytes' Anti-Malware
  • and Launch Malwarebytes' Anti-Malware
• then click Finish.
• If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.

Afterwards, post a fresh hijackthis log.

 

[lemon07r]

Ok so I did the scan, found 5 infected objects mostly registry. Told me to restart to remove malware properly, i restarded, but my desktop was all black, and there was no start menu or anything. I tried right clicking and got nothing, so alt+cntrl+dlt and started task manager and saw two interesting processes by the name of runoncewrapper.exe or something like that, I killed the process tree and everything loaded up normally. not sure what it is.
Here's the malwarebytes log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.07.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Lamim :: XPC-WYVERN011 [administrator]

Protection: Enabled

07/08/2012 1:43:43 PM
mbam-log-2012-08-07 (13-47-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240282
Time elapsed: 3 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\plyxe.pif (Malware.Packer.Gen) -> No action taken.
C:\Users\Lamim\Local Settings\Application Data\7z.exe (Trojan.Autoit) -> No action taken.

(end)

Here's hte hijackthis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:52:48 PM, on 07/08/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lamim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2790392
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.poony.info/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: mipony-plugin Toolbar - {90d46c30-9f25-4104-aea9-35c3f84477ff} - C:\Program Files (x86)\mipony-plugin\tbmip1.dll
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: XfireXO - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: mipony-plugin Toolbar - {90d46c30-9f25-4104-aea9-35c3f84477ff} - C:\Program Files (x86)\mipony-plugin\tbmip1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: mipony-plugin Toolbar - {90d46c30-9f25-4104-aea9-35c3f84477ff} - C:\Program Files (x86)\mipony-plugin\tbmip1.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O4 - HKLM\..\Run: [Win7PDF] C:\Program Files\PDF Printer for Windows 7\PDF.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [SpeedUpMyPC] "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2D06158FAC79A790.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1AD97B1-D761-4E82-B244-51DB0960D8FB}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD FusionUtility Service - Advanced Micro Devices, Inc. - C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files (x86)\AMD\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lexar Secure II (LxrSII1s) - Lexar Media, Inc. - C:\Windows\system32\LxrSII1s.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NlsSrv32.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PS3 Media Server - Unknown owner - C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
O23 - Service: PSPR Control Service (PSPRSERV) - ElcomSoft Co. Ltd. - C:\Program Files (x86)\ElcomSoft\Proactive System Password Recovery\psprserv64.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: PDF Printer Service for Windows 7 (Win7PDFPrinting) - Vivid Document Imaging Technologies - C:\Program Files\PDF Printer for Windows 7\Win7PDFPrinting.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15700 bytes

And here's the uninstall manager log from hijackthis: (btw I uninstalled zenix since I dont even have avast in the first place)

1ClickDownloader
Adobe AIR
Adobe AIR
Adobe Community Help
Adobe Community Help
Adobe Download Assistant
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
Adobe Reader 9.5.1
Advanced GIF Compressor 1.0
Aimersoft DRM Media Converter(Build 1.5.0.0)
Akamai NetSession Interface Service
AMD Fusion Utility
AMD System Monitor
Apple Application Support
Apple Software Update
Ask Toolbar
Atheros Driver Installation Program
ATI Catalyst Registration
Audacity 1.3.14 (Unicode)
AviSynth 2.5
Battle vs. Chess
BIOS Code Unlocked Technology
BitTorrent
BitTorrentBar Toolbar
Black & White® 2
Black & White® 2 Battle of the Gods
Bloodline Champions
Bloodline Champions
BurnAware Free 4.2
Cain & Abel v4.9.43
calibre
Catalyst Control Center - Branding
Cheat Engine 6.1
Command & Conquer Generals
Command and ConquerTM Generals Zero Hour
Conduit Engine
D3DX10
Diablo III
Diablo III Beta
DivX Setup
Dota 2
DragonNest
Elite Launcher
Fable III
Feedback Tool
Feedback Tool
FLAC 1.2.1b (remove only)
Flash Packager 2.1
Fraps (remove only)
Free Download Manager 3.0
Free Hide IP
Futuremark SystemInfo
Google Earth
Google SketchUp 8
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Haali Media Splitter
Hero Fighter
HiJackThis
Hotfix for Microsoft Visual Basic 2010 Express - ENU (KB2635973)
Hotfix for Microsoft Visual C# 2010 Express - ENU (KB2635973)
Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2565057)
Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2635973)
Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2548139)
Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2635973)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
iFunbox (v1.98.948.666), iFunbox DevTeam
IIS 7.5 Express
ImgBurn
Inno Setup QuickStart Pack version 5.4.0
InnoIDE 1.0.0.67
IrfanView (remove only)
ISTool 5.3.0.1
Java(TM) 6 Update 33
Junk Mail filter update
LADSPA_plugins-win-0.4.15
LAME v3.98.3 for Audacity
LCP 5.04
League of Legends
Left 4 Dead 2
Live Update 5
Liveupdate4
LOCO v1.3
LogMeIn Hamachi
LogMeIn Hamachi
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.62.0.1300
Mega Manager
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
Microsoft ASP.NET MVC 3
Microsoft ASP.NET MVC 3 - VWD Express 2010 Tools
Microsoft ASP.NET Web Pages
Microsoft ASP.NET Web Pages - VWD Express 2010 Tools
Microsoft F# Runtime for Silverlight 4
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Reader
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Silverlight 4 Toolkit April 2010
Microsoft Silverlight Tools for Visual Studio 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 4.0 Web Tools ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual C++ 2010 Express - ENU
Microsoft Visual C++ 2010 Express - ENU
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Web Developer 2010 Express - ENU
Microsoft Visual Web Developer 2010 Express - ENU
Microsoft WebMatrix
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio Platform Tools
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MiPony 1.6.4
mipony-plugin Toolbar
Mobipocket Reader 6.2
Mozilla Firefox 14.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Mz Shutdown Scheduler
NCsoft Launcher
Nexon Game Manager
Norton Security Scan
Notepad++
NuGet
NVIDIA PhysX
ooVoo
OpenAL
OpenDNS Updater 2.2.1
OpenGL Extensions Viewer 3.0
Opera 11.61
ophcrack 3.3.1
OverclockingCenter
PAK Explorer
PC Alert 4
PCSX2 - Playstation 2 Emulator
PDF Settings CS5
Pokemon Defense
PS3 Media Server
PSP Video 9 6
PunkBuster Services
Python 2.2.3
QuickTime
Rainmeter
RAM Defrag (remove only)
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
reFX Nexus VSTi RTAS v2.2.0
Romance of the Three Kingdoms XI Razor 1911
Rome - Total War
Rusty Hearts PWE
Samsung SCX-4x16 Series
Samsung Universal Print Driver
SeaTools for Windows
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Visual Basic for Applications 6.5 (KB974945)
Skype Click to Call
Skype™ 5.10
SliderDock
Smart Install Maker
Smart Install Maker 5.03
SmarThru
Speccy
SpeedFan (remove only)
StarCraft II
Steam
Stick RPG Director's Cut 0.942
SUPER © v2012.build.51 (April 7, 2012) version v2012.build.51
Super MNC Invitational
TeamSpeak 3 Client
TeamViewer 5
Terraria
The Lord of the Rings FREE Trial
Thrustmaster Force Feedback Driver
trakAxPC
Trillian
Tunngle beta
Uniblue SpeedUpMyPC
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VC80CRTRedist - 8.0.50727.6195
VIA Platform Device Manager
VideoGenie
Videora iPod touch Converter 6
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
WCF RIA Services V1.0 SP1
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Messenger
Windows Live Messenger
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinPcap 4.1.2
WinUHA 2.0 RC1 (2005.02.27)
WinZip Registry Optimizer
wxWidgets 2.9.1
Xfire (remove only)
XfireXO Toolbar
yBook
yBook2
YouTube Downloader App 3.00

Again thanks for your help.

 

[johnb35]

according to the malwarebytes log, no action was taken. Did you click on the remove selected button to remove those infections? Please rescan your system to make sure they are gone.

 

[lemon07r]

Oh i saved the log before taking any action, I had malwarebytes remove the infected objects after I saved the log. I will do a rescan tomorrow though.

 

[johnb35]

Highly recommend uninstalling the following programs.

Uniblue SpeedUpMyPC
WinZip Registry Optimizer
Norton Security Scan
Conduit Engine
BitTorrent
BitTorrentBar Toolbar


Download the free version of Avast or Microsoft Security Essentials. Don't run without any virus protection.

 

[lemon07r]

Funny thing is I never installed those and it wont let me uninstall them, I never wanted them in the first place.

 

[lemon07r]

Alot of those I didnt install myself, I had been wanting to uninstall those.
EDIT: Ok ive uninstalled all of them but I still have major cpu lag. Ive now also overclocked my cpu to 3.5ghz (was 3.1ghz before)

 

[johnb35]

Then I would guess its time to reinstall windows. Not sure what else could be wrong. If you are still having high cpu usage, open task manager, and sort by cpu usage and find what process is using the most of the cpu. Ignore system idle processes.

 

[lemon07r]

Ive tried that I cant seem to find anything but system idle using up my cpu, is there a way to re install with removing a couple of my programs? I have stuff like word 2010 and i dont know where my install disc is and I dont want to download aion, diablo, starcraft 2 (i have on disc but updates are huge) and aion again, that's 200gb of bandwidth right there and I only get 80 a month .

 

[johnb35]

As I said, System idle process is nothing to worry about, it will always be high as its supposed to.

Look in the following image and you'll see what an average XP system will look like. See how system idle process is at 99%. The thing you need to look at is at the bottom for the actual cpu usage. See where it says 0%. Thats where you need to look at first. If that number is high then you need to look up top for whats using it EXCEPT for system idle processes. As other processes start using the cpu, then the system idle process percentage will start going down. 99% system idle processes means just that. 99% of your cpu is at an idle state.
If you click on the cpu usage column you can sort it that way. If you sort it high to low then system idle process should always be at the top.

Hopefully we are on the same page here. If it shows cpu usage 50% or more than make sure you check the box that says show processes from all users. If its at 50% then a process or processes will reflect that.

The next time its high, expand task manager and get a screen shot of it or multiple screenshots if need be to get the whole list of processes. Not sure what else to tell you to do.

 

[StrangleHold]

Like said above. If you have high cpu usage it should show what process/es is using it from the above Task Manager.

 

[lemon07r]

Yeah my cpu usage has gone down now after much cleaning and a full malwarbytes scan which took a while. Right after I then ran scan with avast free (screensaver scan) and it found that ton of amd and ati files were infected with with win32:sality (im not sure how malware bytes missed this, this scan took place right after the malwarebytes one). I cant remove it cause when I try to my avast crashes. And I dont want o remove it cause it my screw up my videocard drivers. What should I do?

 

[johnb35]

Unfortunately, with the Sality infection along with virut and another, its very hard to remove. You may be in store to format and reinstall windows. However, I would like for you to run the following.

Please download and run the ESET Online Scanner
Disable any antivirus/security programs.
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates, install and then start scanning your system.
When the scan is done, push list of found threats
Click on Export to text file , and save the file to your desktop using a file name, such as ESETlog. Include the contents of this report in your next reply.
If no threats are found then it won't produce a log.

 

[lemon07r]

I couldn't find the "UN-check Remove found threats" but sorry but I did run the scan anyways:

C:\AMD\ATI_Win7_Vista_Catalyst10.1_Hotfix_8.69.3RC2_Jan27\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\AMD\ATI_Win7_Vista_Catalyst10.1_Hotfix_8.69.3RC2_Jan27\Bin\InstallManagerApp.exe Win32/Sality.NBA virus cleaned - quarantined
C:\AMD\ATI_Win7_Vista_Catalyst10.1_Hotfix_8.69.3RC2_Jan27\Bin\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\AMD\Support\12-6-legacy_vista_win7_64_dd_ccc_whql\Packages\Apps\AppEx\AppEx\ABC.exe Win32/Sality.NBA virus cleaned - quarantined
C:\AMD\Support\12-6_vista_win7_64_dd_ccc_whql\Packages\Apps\AppEx\AppEx\ABC.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-7_vista64_win7_64_dd_ccc_enu\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-7_vista_win7_32-64_sb\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-7_vista_win7_32-64_sb\Bin\ATISetup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-7_vista_win7_32-64_sb\Bin\InstallManagerApp.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-7_vista_win7_32-64_sb\Bin\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-7_vista_win7_32-64_xcode\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-7_vista_win7_32-64_xcode\Bin\ATISetup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-7_vista_win7_32-64_xcode\Bin\InstallManagerApp.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-7_vista_win7_32-64_xcode\Bin\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\10-8_vista64_win7_64_dd_ccc_enu\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\11-2_vista64_win7_64_dd_ccc_ocl\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\ATI\Support\11-3_vista64_win7_64_dd_ccc_ocl\Setup.exe Win32/Sality.NBA virus cleaned - quarantined
C:\BigFishGamesCache\Upgrade\stub\masterofdefense_s1_l1_gF869T1L1_d1434332206.exe Win32/Sality.NBA virus cleaned - quarantined
C:\Fraps\fraps.exe Win32/Sality.NBA virus cleaned - quarantined
C:\Fraps\uninstall.exe Win32/Sality.NBA virus cleaned - quarantined
C:\Perfect World Entertainment\Rusty Hearts\Launcher\tool\ClientLauncher.exe Win32/Sality.NBA virus cleaned - quarantined
C:\Perfect World Entertainment\Rusty Hearts\Launcher\tool\ServerListLauncher.exe Win32/Sality.NBA virus cleaned - quarantined
C:\Program Files (x86)\2K Games\Mafia II\pc\SKIDROW.exe Win32/Sality.NBA virus cleaned - quarantined
C:\Program Files (x86)\Common Files\Wise Installation Wizard\WIS1EFAF4929A3B48C39349234B146FDA46_5_0_4.MSI multiple threats deleted - quarantined
C:\Program Files (x86)\LCP\Data\pwdump2\samdump.dll probably a variant of Win32/Agent.GELFBUE trojan cleaned by deleting - quarantined
C:\Program Files (x86)\LCP\Data\pwdump3\pwservice.exe Win32/PSWTool.PWDump3 application cleaned by deleting - quarantined
C:\Program Files (x86)\LCP\Data\pwdump3e\pwservice.exe Win32/PSWTool.PWDump.A application cleaned by deleting - quarantined
C:\Program Files (x86)\ophcrack\ophcrack.exe a variant of Win32/PSWTool.ophCrack.A application cleaned by deleting - quarantined
C:\Program Files (x86)\ophcrack\ophcrack_nogui.exe a variant of Win32/PSWTool.ophCrack.A application cleaned by deleting - quarantined
C:\Program Files (x86)\ophcrack\pwdump\lsremora.dll Win32/PSWTool.PWDump6 application cleaned by deleting - quarantined
C:\Program Files (x86)\ophcrack\pwdump\pwdump6_setup.exe Win32/PSWTool.PWDump6 application cleaned by deleting - quarantined
C:\Program Files (x86)\ophcrack\pwdump\servpw.exe Win32/PSWTool.PWDump6 application cleaned by deleting - quarantined
C:\Users\Lamim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\35a186a5-22da8a9e multiple threats deleted - quarantined
C:\Windows\AutoKMS\AutoKMS.exe probably a variant of Win32/HackKMS.B application cleaned by deleting - quarantined
C:\Windows\Installer\3e9ca0.msi multiple threats deleted - quarantined

I downloaded ophcrack awhile ago cause I had added a password and realized I count remember it haha.

During another screen saverscan avast found more files infected, one that arent listed by the eset scan So i think its spreading

 

[johnb35]

The safest thing to do would be to fresh install windows. Do not back up any exe files.