Hi,
My computer is running xp sp2. With kapersky LABS virus protection.
Whenever I start up the machine is goes straight to 100% cpu usage even when no programs are running. The internet connection is also very intermittent and has only been this way since it GOT infected.
I have run normal virus scans with no help.
The file: Toolbar; .NET CLR 3.0.04506.30) also keeps appearing in my documents after restart, even after they have been deleted.
Posted below is the superantispyware log, then malware bytes log then HJT log is attached. If you can spot the virus/malware then please help. Thanks heap in advance...

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/04/2009 at 05:00 AM

Application Version : 4.26.1002

Core Rules Database Version : 3875
Trace Rules Database Version: 1823

Scan type : Complete Scan
Total Scan Time : 06:36:13

Memory items scanned : 515
Memory threats detected : 0
REGISTRY items scanned : 4905
Registry threats detected : 0
File items scanned : 17990
File threats detected : 0


Malwarebytes' Anti-Malware 1.36
Database version: 2069
Windows 5.1.2600 Service Pack 3

5/4/2009 7:02:40 AM
mbam-log-2009-05-04 (07-02-40).txt

Scan type: Full Scan (C:\|)
Objects scanned: 102811
Time elapsed: 53 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

The HJT txt file is attached


[attachment deleted by admin]Do you know what the .NET CLR is?

If not then why are you deleting it? http://en.wikipedia.org/wiki/.NET_Framework

O4 - HKLM\..\Run: [StopHid] StopHid.exe <- Do you know what this is?Evilfantasy,
Thanks for the reply. Point taken on .net files

No I dont really know what stophid.exe is. But I do know that it is a non esential file that can be infected...

So what to do next?

P.S. there is another application in the same folder called setform.exe about 500kb in size, I have no idea what it is and it dosent seem to have a ligitimate purpose there.

Thanks,
Scan with Panda ActiveScan 2.0

This scanner requires Internet Explorer

• Once you are on the Panda site click the Scan your PC now button
  
• A new window will open...click the Check Now button
  
• Enter your Country
  
• Enter your State/Province
  
• Enter your e-mail address and click send
  
• Select either Home User or Company
  
• Select the appropriate Yes or No to receiving marketing information
• Click the Free Online Scan button
  
• If it wants to install an ActiveX component allow it
• It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  
• When download is complete, click on My Computer to start the scan
  
• When the scan completes, if ANYTHING malicious is detected, click the See Report button, then Save Report and save it to a convenient location.