Inactive Random high CPU usage and lag spikes in Vista x32

[Rifero]

Hello all,

I have a problem with my laptop. Since a few days, I have random high CPU usage during online gaming, and lag spikes.
I had this issue before, but somehow I have the same problem again. I can't seem to fix it, I've tried lots of tools and guides on the web, but nothing helped.

System specs:

Windows: Windows VISTA, Version 6.0.6002, Service Pack 2, 32 Bit.
Internet Explorer: 7.0.6002.18005
Memory (RAM): 3002 MB
CPU Info: Celeron(R) Dual-Core CPU T3000 @ 1.80GHz
CPU Speed: 370,0 MHz
Sound Card: Luidsprekers (High Definition A
Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5B91 Wireless Network Adapter | Broadcom NetLink (TM) Gigabit Ethernet
CD / DVD Drives: D: HL-DT-STDVDRAM GT20N
Ports: NOT Present NOT Present
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 95,9GB | X: 40,1GB
Hard Disks - Free: C: 9,0GB | X: 11,1GB
USB Controllers: 8 host controllers.
Firewire (1394): Not Detected
Manufacturer: Packard Bell
Product Make: EasyNote LJ65
AC Power Status: OnLine
BIOS Info: AT/AT COMPATIBLE | 06/25/09 | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Battery: High
Motherboard: Packard Bell EasyNote LJ65
IP Address: 192.168.1.101 |
MAC Address: 00-22-5F-DB-E0-43
Host Name: HOME

I will download and run Combofix now, and post the log when its finished.

EDIT: Combofix.txt


Awaiting for your support patiently, thanks in advance.

 

[Bobbye]

Welcome to TechSpot! I'll go over this with you. But I wish you had been more patient as our sticky says clearly not to run Combofix unless your helper instructs you to and then with guidance. I am also not familiar with the site you posted the log on so I will not check that log. Logs are pasted into replies on this site

I am at a loss as to what tools and guides told you to run Combofix first, then put it on some unknown site.

Let's try to turn this around:
If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

When you have finished, Paste the logs for review in your next reply . You can use more than one post if needed.

Important!
Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

 

[Rifero]

Hi Bobbye,

Thanx for your reply. I will now post the logs here.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4742

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

5-10-2010 4:37:45
mbam-log-2010-10-05 (04-37-45).txt

Scantype: Volledige scan (C:\|D:\|F:\|X:\|)
Objecten gescand: 246546
Verstreken tijd: 1 uur/uren, 27 minuut/minuten, 47 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 2
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\Software\QNB2EB90WX (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RZDVL2F27W (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-10-05 15:35:51
Windows 6.0.6002 Service Pack 2
Running: 86xwqowx.exe; Driver: C:\Users\Rick\AppData\Local\Temp\fxldipow.sys

Edit: Deleting excessive GMER log entries. Member advised.

All other posts with just GMER log are being deleted. Member advised.

 

[Rifero]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!RtlPrefetchMemoryNonTemporal 81E86258 1 Byte [90]
.text ntkrnlpa.exe!ZwQueryLicenseValue + D15 81E89DB9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 4FA 81EE77AA 18 Bytes [E0, 25, 7F, FF, FF, FF, 0F, ...]
.text ntkrnlpa.exe!KiDispatchInterrupt + 512 81EE77C2 1 Byte [00]

---- User code sections - GMER 1.0.15 ----

UPX1 C:\Users\Rick\Desktop\86xwqowx.exe[1348] C:\Users\Rick\Desktop\86xwqowx.exe entry point in "UPX1" section [0x004B3F40]

---- User IAT/EAT - GMER 1.0.15 ----

 

[Rifero]

For some reasons I can't find the DDS logs anymore, I will redo that scan and post the logs a.s.a.p.



Edit: End excessive GMER log deletes.

 

[Bobbye]

Did you miss this in GMER?

Warning ! Please, do not select the "Show all" checkbox during the scan.
Post the log.

 

[Rifero]

Yes, I did not see that, I'm sorry. I didn't read the GMER FAQ because I had no questions about the tool.
Do you want me to delete that log and repost one with "Show all" unchecked?

 

[Rifero]

DDS.txt

DDS (Ver_10-03-17.01) - NTFSx86
Run by Rick at 9:19:17,04 on wo 06-10-2010
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_16
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.31.1043.18.3001.2155 [GMT 2:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
X:\SECURITY\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
X:\SECURITY\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
X:\ROOT\HTTP\bin\httpd.exe
C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
X:\ROOT\FTP\FileZilla Server.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
X:\ROOT\HTTP\bin\httpd.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
X:\SECURITY\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
X:\SECURITY\Avast5\AvastUI.exe
C:\Program Files\Mz Ultimate Tools\Mz CPU Accelerator\MzCPUAccelerator.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerEvent.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\Rick\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&s=2&o=vb32&d=1009&m=easynote_lj65
uURLSearchHooks: H - No File
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
uRun: [MzCPUAccelerator] c:\program files\mz ultimate tools\mz cpu accelerator\MzCPUAccelerator.exe
mRun: [Acer ePower Management] c:\program files\packard bell\packard bell powersave solution\ePowerTrayLauncher.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart
mRun: [avgnt] "x:\security\avira\antivir desktop\avgnt.exe" /min
mRun: [avast5] x:\security\avast5\avastUI.exe /nogui
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\rick\appdata\roaming\mozilla\firefox\profiles\e3qel8za.default\
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - plugin: c:\program files\mozilla firefox\plugins\NPMFireLauncher.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-5 165584]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;x:\security\avira\antivir desktop\sched.exe [2010-10-5 135336]
R2 Apache2.2;Apache2.2;x:\root\http\bin\httpd.exe [2010-7-30 24645]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-5 17744]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-10-5 50768]
R2 avast! Antivirus;avast! Antivirus;x:\security\avast5\AvastSvc.exe [2010-10-5 40384]
R2 ePowerSvc;Acer ePower Service;c:\program files\packard bell\packard bell powersave solution\ePowerSvc.exe [2009-4-3 703008]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-3-15 127488]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-4-3 223232]
S2 Axigen;Axigen Mail Server;c:\program files\axigen mail server\axigen.exe --> c:\program files\axigen mail server\axigen.exe [?]
S2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2010-10-4 312152]
S3 avast! Mail Scanner;avast! Mail Scanner;x:\security\avast5\AvastSvc.exe [2010-10-5 40384]
S3 avast! Web Scanner;avast! Web Scanner;x:\security\avast5\AvastSvc.exe [2010-10-5 40384]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S4 AntiVirService;Avira AntiVir Guard;x:\security\avira\antivir desktop\avguard.exe [2010-10-5 267432]
S4 DTNetService;DTNetService;c:\program files\daemon tools net\dtnetsrv.exe --> c:\program files\daemon tools net\DTNetSrv.exe [?]
S4 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2008-1-21 21504]

=============== Created Last 30 ================

2010-10-05 21:50:41 0 d-----w- c:\users\rick\Tracing
2010-10-05 18:21:28 0 d-----w- c:\program files\Mz Ultimate Tools
2010-10-05 01:08:01 0 d-----w- c:\program files\VideoLAN
2010-10-05 00:51:19 0 d-----w- c:\users\rick\appdata\roaming\Malwarebytes
2010-10-05 00:51:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-05 00:51:07 0 d-----w- c:\programdata\Malwarebytes
2010-10-05 00:51:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-04 23:45:07 38848 ----a-w- c:\windows\avastSS.scr
2010-10-04 23:37:29 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-10-04 23:37:05 0 d-----w- c:\programdata\Alwil Software
2010-10-04 22:45:23 0 d-----w- c:\users\rick\appdata\roaming\Avira
2010-10-04 22:41:36 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-10-04 22:41:35 0 d-----w- c:\programdata\Avira
2010-10-04 19:01:26 0 d-sh--w- C:\$RECYCLE.BIN
2010-10-04 16:12:06 98816 ----a-w- c:\windows\sed.exe
2010-10-04 16:12:06 77312 ----a-w- c:\windows\MBR.exe
2010-10-04 16:12:06 256512 ----a-w- c:\windows\PEV.exe
2010-10-04 16:12:06 161792 ----a-w- c:\windows\SWREG.exe
2010-10-04 07:49:42 0 d-----w- c:\users\rick\appdata\roaming\AVG10
2010-10-04 07:48:55 0 d--h--w- c:\programdata\Common Files
2010-10-04 07:43:37 0 d-----w- c:\programdata\IObit
2010-10-04 07:38:06 0 d-----w- c:\programdata\MFAData
2010-09-29 21:25:39 0 d-----w- c:\program files\URUSoft
2010-09-26 00:55:00 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-09-26 00:53:57 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-26 00:53:55 274944 ----a-w- c:\windows\system32\schannel.dll
2010-09-26 00:53:52 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-09-26 00:47:52 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-20 18:51:34 0 d-----w- c:\program files\SnapShot
2010-09-20 02:04:13 0 d-----w- c:\users\rick\appdata\roaming\DAEMON Tools Net
2010-09-13 14:27:40 25680 ----a-w- c:\windows\system32\drivers\AVGIDSEH.sys
2010-09-11 15:59:23 847 ----a-w- c:\users\rick\.recently-used.xbel

==================== Find3M ====================

2010-10-06 07:14:58 695042 ----a-w- c:\windows\system32\perfh013.dat
2010-10-06 07:14:58 143476 ----a-w- c:\windows\system32\perfc013.dat
2010-10-04 07:47:06 51200 ----a-w- c:\windows\inf\infpub.dat
2010-10-04 07:47:06 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-10-04 07:47:04 86016 ----a-w- c:\windows\inf\infstor.dat
2010-10-04 07:28:45 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-09-20 02:05:21 445936 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-17 14:11:37 128000 ----a-w- c:\windows\system32\spoolsv.exe
2009-11-15 02:30:01 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 05:43:08 41976 ----a-w- c:\windows\inf\perflib\0413\perfd.dat
2008-01-21 05:43:08 41976 ----a-w- c:\windows\inf\perflib\0413\perfc.dat
2008-01-21 05:43:08 336440 ----a-w- c:\windows\inf\perflib\0413\perfi.dat
2008-01-21 05:43:08 336440 ----a-w- c:\windows\inf\perflib\0413\perfh.dat
2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2010-06-29 22:37:12 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2010-06-29 22:37:12 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2010-06-29 22:37:12 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2010-01-15 20:00:22 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2010-01-15 20:00:22 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2010-01-15 20:00:22 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 9:19:34,53 ===============


Attach.txt

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 12-10-2009 20:32:15
System Uptime: 10-6-2010 9:09:45 (2832 hours ago)

Motherboard: Packard Bell | | EasyNote LJ65
Processor: Celeron(R) Dual-Core CPU T3000 @ 1.80GHz | uPGA-478 | 1795/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 96 GiB total, 34,605 GiB free.
D: is CDROM ()
F: is Removable
X: is FIXED (NTFS) - 40 GiB total, 39,577 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP549: 5-10-2010 1:36:52 - avast! Free Antivirus Setup
RP550: 5-10-2010 5:40:07 - Removed MySQL Server 5.1
RP551: 5-10-2010 5:41:51 - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP552: 5-10-2010 5:45:36 - Removed QuickTime
RP553: 5-10-2010 6:03:34 - Microsoft Visual C++ 2005 Redistributable is verwijderd

==== Installed Programs ======================

1st SMTP Server
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Advanced SystemCare 3
All Media Fixer 9.11
Apache HTTP Server 2.2.16
Apple Application Support
Apple Software Update
Ares 2.1.1
avast! Free Antivirus
Avira AntiVir Personal - Free Antivirus
Axialis IconWorkshop 6.52
Backup Manager Basic
BitLord 1.1
Cheat Engine 5.6.1
Dream AMR Converter 3.0.3.2
ffdshow [rev 1324] [2007-07-01]
FileZilla Server (remove only)
Free SMTP Server
Free YouTube to MP3 Converter version 3.8
Game Booster
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Identity Card
InfoCentre
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
IObit Security 360
Java(TM) 6 Update 16
Junk Mail filter update
LAME v3.98.2 for Audacity
Launch Manager
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 Language Pack SP1 - nld
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Silverlight
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
mIRC
Mozilla Firefox (3.5.3)
MP3 Repair Tool v1.5.2
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mz CPU Accelerator
neroxml
NVIDIA PhysX
OGA Notifier 2.0.0048.0
Packard Bell Customer Registration
Packard Bell MyBackup
Packard Bell PowerSave Solution
Packard Bell Recovery Management
PHP 5.2.14
Realtek USB 2.0 Card Reader
SetupMyPC
SnapShot 3.0.0
Sql Server Customer Experience Improvement Program
Subtitle Workshop 2.51
Synaptics Pointing Device Driver
System Requirements Lab
System Requirements Lab for Intel
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Updator
VC80CRTRedist - 8.0.50727.4053
Ventrilo Client
Ventrilo Server
Video Web Camera
Vista Codec Package
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sync
Windows Live Writer
WinRAR

==== End Of File ===========================

 

[Bobbye]

With your permission, I'll go into the replies and delete the GMER contents. I don't think you can Edit once there has been a reply. It looks okay, but I don't need all the entries.

You are running multiple antivirus programs: avast! Free Antivirus, Avira AntiVir and IObit Security 360
That needs to ge down to only 1 AV because multiples make the system more vulnerable, not less.
I am removing entries for Iobit Security and Hitman Pro after you've run Combofix, because neither are good programs to have on the system. But you can go ahead with the uninstall and then decide if you want to keep Avast or Avira. Here are removal tools to help:
Avast Removal
To uninstall Avira:

• Start> Settings> Control Panel> Add or Remove Programs (Windows 2000/ XP) or Start - Control Panel - Uninstall a program (Windows Vista / 7)
• Wait for the list of installed programs to load, then click the name of the Avira program.
• Click Remove next to the program's name (Windows 2000 / XP) or in the menu above the list (Windows Vista / 7).
• Press Yes, to confirm the removal and then OK.
• . Click Next until Finish. The software is removed.

=====================================
Please reboot the computer after making the antivirus changes.
=======================================
Please download ComboFix from Here and save to your Desktop.

• 
  [1]. Do NOT rename Combofix unless instructed.
  [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  [3].Close any open browsers.
  [4]. Double click combofix.exe & follow the prompts to run.
• NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
  [5]. If Combofix asks you to install Recovery Console, please allow it.
  [6]. If Combofix asks you to update the program, always allow.
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  [7]. A report will be generated after the scan. Please paste the C:\ComboFix.txt in next reply.

Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note: Make sure you re-enable your security programs, when you're done with Combofix..
===================================
Run Eset NOD32 Online AntiVirus scan HEREhttp://www.eset.eu/online-scanner

1. Tick the box next to YES, I accept the Terms of Use.
2. Click Start
3. When asked, allow the Active X control to install
4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
5. Click Start
6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
7. Click Scan
8. Wait for the scan to finish
9. Re-enable your Antivirus software.
10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

Questions:
1. What is Drive x?
2. When you think there is excessive CPU usage, open the Task Manager and note the names of the processes with high usage. Let me know what they are. If you know what any are specifically for and you are using the program at the time, please tell me that so I can exclude it.

 

[Bobbye]

I've cleaned up the thread which should make it easier to follow. I'll keep it open for a couple of days in case you want to continue.