please analyze these logs

cybersspot.com

My HP tx1000 keeps overheating. I keep getting Malwarebytes notices that it has successfully blocked access to a potentially malicious website: 89:28:44:84 <-- that number changes almost every time.

Now I have my ComboFix log and my HijackThis log, but I can't get completely through an MBAM scan without overheating.

What can you tell me from what I have? Svchost is taking half my resources.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:47:48 PM, on 2/20/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Users\David\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CrypKey License - Unknown owner - C:\Windows\system32\crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5230 bytes

ComboFix 11-02-15.04 - David 02/20/2011 15:22:30.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4031.3213 [GMT -5:00]
Running from: c:\users\David\Downloads\ComboFix.exe
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Desktop
c:\users\David\AppData\Roaming\Local
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\(2).ddr
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\(3).ddr
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\[From www.metacafe.com] 4756611.14494631.4.mp4.ddr
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\146083395402617_38097.mp4.ddr
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_NEW.divx.ddr
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2)
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(3)
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(4)
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\[From www.metacafe.com] 4756611.14494631.4.mp4
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\146083395402617_38097.mp4
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_NEW.divx
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\x6gjfy.mp4
c:\users\David\AppData\Roaming\Local\Temp\DDM\Settings\x6gjfy.mp4.ddr
c:\windows\XSxS

.
((((((((((((((((((((((((( Files Created from 2011-01-20 to 2011-02-20 )))))))))))))))))))))))))))))))
.

2011-02-20 20:38 . 2011-02-20 20:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-19 17:57 . 2011-02-19 17:57 -------- d-----w- c:\programdata\UAB
2011-02-19 16:13 . 2011-02-19 16:13 -------- d-----w- c:\programdata\Driver Whiz
2011-02-19 16:11 . 2011-02-19 16:11 -------- d-----w- c:\program files (x86)\Driver Whiz
2011-02-19 15:57 . 2004-01-14 16:25 81920 ----a-w- c:\windows\SysWow64\ZDPN50.DLL
2011-02-19 15:57 . 2003-03-14 17:24 24576 ----a-w- c:\windows\SysWow64\ZyDelReg.exe
2011-02-19 15:57 . 2005-07-12 19:44 15872 ----a-w- c:\windows\SysWow64\InsDrvZD64.DLL
2011-02-19 15:57 . 2004-03-23 21:38 28672 ----a-w- c:\windows\SysWow64\InsDrvZD.dll
2011-02-18 14:52 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-02-18 14:51 . 2010-11-16 22:45 69120 ----a-w- c:\windows\SysWow64\zlcomm.dll
2011-02-18 14:51 . 2010-11-16 22:45 104448 ----a-w- c:\windows\SysWow64\zlcommdb.dll
2011-02-18 14:50 . 2010-11-16 22:45 1238528 ----a-w- c:\windows\SysWow64\zpeng25.dll
2011-02-18 14:50 . 2011-02-18 14:52 -------- d-----w- c:\windows\SysWow64\ZoneLabs
2011-02-18 14:50 . 2010-05-15 21:30 458840 ----a-w- c:\windows\system32\drivers\~GLH0023.TMP
2011-02-18 14:50 . 2010-05-15 21:30 458840 ------w- c:\windows\system32\drivers\vsdatant.sys
2011-02-18 14:50 . 2011-02-18 14:50 -------- d-----w- c:\program files (x86)\Zone Labs
2011-02-18 14:49 . 2011-02-18 14:49 -------- d-----w- c:\programdata\CheckPoint
2011-02-18 14:49 . 2011-02-20 20:41 -------- d-----w- c:\windows\Internet Logs
2011-02-17 23:10 . 2011-02-17 23:10 -------- d-----w- c:\program files (x86)\LSoft Technologies
2011-02-17 23:10 . 2011-02-19 19:34 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-02-15 14:36 . 2011-02-15 14:36 -------- d-----w- c:\windows\system32\appmgmt
2011-02-14 21:25 . 2009-11-12 09:44 1534976 ----a-w- c:\windows\windows 7 ultimate black.msstyles
2011-02-14 21:25 . 2009-07-13 22:03 350720 ----a-w- c:\windows\shellstyle.dll
2011-02-14 21:25 . 2009-07-13 20:39 1187984 ----a-w- c:\windows\backup.msstyles
2011-02-14 15:49 . 2011-02-14 15:49 -------- d-----w- c:\program files (x86)\CCleaner
2011-02-13 00:53 . 2011-02-13 00:53 -------- d-----w- C:\_JCVideo Library
2011-02-13 00:53 . 2005-10-20 01:29 102400 ----a-w- c:\windows\SysWow64\tsccvid.dll
2011-02-13 00:53 . 2011-02-13 00:53 -------- d-----w- c:\programdata\JC Video
2011-02-13 00:52 . 2011-02-13 00:52 -------- d-----w- C:\JC Video
2011-02-12 23:24 . 2010-03-18 23:11 30272 ----a-w- c:\windows\system32\Ckldrv.sys
2011-02-12 23:24 . 2010-03-18 20:25 126976 ----a-w- c:\windows\system32\Crypserv.exe
2011-02-12 23:24 . 2010-01-20 16:28 11776 ----a-w- c:\windows\Ckrfresh.exe
2011-02-12 23:24 . 2010-01-20 16:28 165888 ----a-r- c:\windows\Ckconfig.exe
2011-02-11 23:36 . 2010-04-29 20:39 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-11 23:36 . 2011-02-11 23:36 -------- d-----w- c:\programdata\Malwarebytes
2011-02-11 23:36 . 2010-04-29 20:39 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-11 23:36 . 2011-02-11 23:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-10 13:53 . 2009-07-01 05:00 176128 ----a-w- c:\windows\system32\dlxzizil.dll
2011-02-10 13:53 . 2006-09-05 18:12 77312 ----a-w- c:\windows\system32\dlzcinst.dll
2011-02-10 13:50 . 2011-02-10 13:50 -------- d-----w- C:\dell
2011-02-09 06:33 . 2011-01-05 06:20 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-02-09 06:33 . 2011-01-05 05:37 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-02-09 06:33 . 2010-10-27 05:18 5510528 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 06:33 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 06:33 . 2010-10-27 04:43 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-02-09 06:33 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-02-09 06:33 . 2010-10-27 04:40 1293120 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-02-09 06:33 . 2011-01-07 08:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-09 06:33 . 2011-01-07 07:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-09 06:33 . 2011-01-07 05:49 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 06:33 . 2011-01-07 05:33 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-08 16:18 . 2011-02-08 16:18 -------- d-----w- c:\program files (x86)\Xenocode
2011-02-08 16:14 . 2011-02-08 16:14 -------- d-----w- c:\programdata\Deskshare
2011-02-06 15:24 . 2011-02-06 15:24 -------- d-----w- c:\program files (x86)\PlayItAll
2011-02-06 08:00 . 2011-02-06 08:00 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-02-06 00:57 . 2011-02-06 00:57 -------- d-----w- c:\program files (x86)\VideoLAN
2011-02-04 22:55 . 2009-07-17 04:12 82432 ----a-w- c:\windows\SysWow64\msxml4r.dll
2011-02-04 22:55 . 2009-07-17 04:12 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2011-02-04 22:55 . 2011-02-04 23:07 -------- d-----w- c:\program files (x86)\File Recover
2011-02-04 22:53 . 2011-02-04 22:53 -------- d-----w- c:\program files (x86)\Filerecoveryangel
2011-02-04 22:46 . 2011-02-04 22:46 -------- d-----w- c:\program files (x86)\Runtime Software
2011-02-04 17:03 . 2011-02-04 17:03 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-02-04 17:03 . 2011-02-04 17:03 -------- d-----w- c:\program files\DivX
2011-02-04 17:03 . 2011-02-04 17:03 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2011-02-04 17:02 . 2011-02-04 17:04 -------- d-----w- c:\program files (x86)\DivX
2011-02-04 17:02 . 2011-02-04 17:41 -------- d-----w- c:\programdata\DivX
2011-02-03 22:38 . 2011-02-03 22:38 -------- d-----w- c:\program files (x86)\Common Files\L&H
2011-02-03 22:38 . 2011-02-03 22:38 -------- d-----w- c:\program files (x86)\Microsoft ActiveSync
2011-02-03 22:37 . 2011-02-03 22:37 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-02-03 22:37 . 2011-02-03 22:37 -------- d-----w- c:\windows\PCHEALTH
2011-02-02 00:55 . 2011-01-20 15:39 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BC95055E-BB6E-441B-AB0E-114585E756A7}\mpengine.dll
2011-02-01 17:00 . 2011-02-01 17:01 -------- d-----w- c:\programdata\NVIDIA
2011-02-01 16:57 . 2011-02-01 16:57 -------- d-----w- c:\windows\SysWow64\Wat
2011-02-01 16:57 . 2011-02-01 16:57 -------- d-----w- c:\windows\system32\Wat
2011-02-01 16:53 . 2011-02-01 16:53 -------- d-----w- c:\program files (x86)\Google
2011-02-01 15:23 . 2011-02-01 15:24 -------- d-----w- c:\programdata\WinZip
2011-02-01 15:22 . 2011-02-20 20:07 -------- d-sh--w- c:\windows\Installer
2011-02-01 15:18 . 2009-03-06 16:52 410656 ----a-w- c:\windows\system32\nvcpl.cpl
2011-02-01 15:18 . 2009-03-06 16:52 2113568 ----a-w- c:\windows\system32\nvcplui.exe
2011-02-01 15:18 . 2009-03-06 16:52 1097248 ----a-w- c:\windows\system32\nvcpluir.dll
2011-02-01 15:18 . 2009-03-06 16:52 502304 ----a-w- c:\windows\system32\nvuninst.exe
2011-02-01 15:14 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-02-01 15:14 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-02-01 15:05 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-02-01 15:05 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-02-01 15:05 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-02-01 15:05 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-02-01 15:05 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-02-01 15:05 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-02-01 15:05 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-02-01 15:05 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-02-01 15:05 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-02-01 15:05 . 2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-02-01 15:00 . 2011-02-01 15:00 -------- d-----w- C:\extensions
2011-02-01 15:00 . 2011-02-01 15:00 -------- d-----w- c:\program files (x86)\BitTorrent
2011-02-01 14:56 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-02-01 14:56 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-02-01 13:26 . 2010-07-13 05:37 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-02-01 13:26 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-02-01 13:26 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-02-01 13:26 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-02-01 13:26 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-02-01 13:26 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-02-01 13:26 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-02-01 13:26 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-02-01 13:26 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-02-01 13:24 . 2010-08-21 06:29 558592 ----a-w- c:\windows\system32\spoolsv.exe
2011-02-01 03:50 . 2011-02-01 00:59 -------- d-----w- c:\windows\Panther
2011-02-01 02:27 . 2010-10-19 15:41 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-02-01 02:05 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2011-02-01 02:05 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2011-02-01 02:05 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-02-01 02:05 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-02-01 00:59 . 2011-02-19 19:20 -------- d-----w- c:\users\David
2011-02-01 00:59 . 2011-02-01 00:59 -------- d-----w- C:\Recovery

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\basesrv.dll is missing
c:\windows\winsxs\amd64_microsoft-windows-basesrv_31bf3856ad364e35_6.1.7600.16385_none_68bfdc7cfd6bd477\basesrv.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-02 396152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"ZoneAlarm Client"="c:\program files (x86)\Zone Labs\ZoneAlarm\zlclient.exe" [2010-11-16 1043968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-01 1255736]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 24664]

.
Contents of the 'Scheduled Tasks' folder

2011-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162282268-3122236727-120223778-1000Core.job
- c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-01 02:22]

2011-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162282268-3122236727-120223778-1000UA.job
- c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-01 02:22]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\windows\system32\crypserv.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
.
**************************************************************************
.
Completion time: 2011-02-20 15:45:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-02-20 20:45

Pre-Run: 211,584,831,488 bytes free
Post-Run: 211,117,629,440 bytes free

- - End Of File - - 0DF51295F0E6AB4A8A736188E0CFCDF3

Thanks in advance

Dave
 
OK, I got MBAM going by disabling that svchost in Task Manager, and I'm doing the scan off the battery in low performance mode. I should have an MBAM log in a couple of hours.
 
Sorry to inform you, but I have never heard of any infection causing overheating issues. You don't have a single thing in your HijackThis log. You need to clean out your temp files. But really I don't see anything that is harmful. You need to find out why the system is overheating; that is not infection related.

MBAM shouldn't take that long to run. I did a full scan in just under 15 minutes just yesterday.
 
I have never had MBAM finish a full scan in less than half an hour.

I know this laptop runs hot, 150+ degrees blowing out the rear; it's always been hot.
I also know that if I can keep the resources down, it doesn't overheat. I just don't want to take it apart to put a shim in.

The svchost is what I want to get rid of. It wasn't taking up my resources 2 weeks ago. I'll have that MBAM log up as soon as it finishes.

By the way, how do I set up System Restore to keep restore points longer than 7 days?
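The thread never gets past "that svchost" because a single svchost.exe instance hosts many services, so Task Manager alone cannot say which service is actually burning CPU. The script below is an added example written for this thread, not code posted by anyone in it: it lists every svchost.exe instance with the services it hosts, its cumulative CPU time, and whether its image lives in the expected system directory (a plain defender's sanity check, since a genuine svchost.exe only runs from System32, or SysWOW64 on x64). It assumes an elevated PowerShell 2.0 or later, which covers the Windows 7 machine discussed here; without elevation the ExecutablePath of SYSTEM-owned processes comes back empty and PathOk will read False for those rows.

```powershell
# Added example for this thread (not from the original posts): map each
# svchost.exe instance to the services it hosts and to its CPU time, so a
# busy instance can be identified before anything is stopped.
# Run from an elevated PowerShell prompt (2.0+; uses WMI for Win7 compatibility).

$expectedPaths = @(
    (Join-Path $env:SystemRoot 'System32\svchost.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\svchost.exe')   # 32-bit host on x64
)

# One Win32_Process row per svchost instance (image path, command line, CPU times).
$svchosts = Get-WmiObject Win32_Process -Filter "Name = 'svchost.exe'"

# All running services, so they can be matched to a host process by PID.
$services = Get-WmiObject Win32_Service | Where-Object { $_.ProcessId -ne 0 }

$report = foreach ($p in $svchosts) {
    # Kernel/user times are counts of 100 ns ticks accumulated since process start.
    $cpuSeconds = [math]::Round(([double]$p.KernelModeTime + [double]$p.UserModeTime) / 1e7, 1)

    $hosted = $services |
        Where-Object { $_.ProcessId -eq $p.ProcessId } |
        ForEach-Object { $_.Name }

    # Flag any svchost.exe that is not running from the system directories.
    $pathOk = $false
    foreach ($candidate in $expectedPaths) {
        if ($p.ExecutablePath -and ($p.ExecutablePath -ieq $candidate)) { $pathOk = $true }
    }

    New-Object PSObject -Property @{
        PID         = $p.ProcessId
        CpuSeconds  = $cpuSeconds
        PathOk      = $pathOk
        Services    = ($hosted -join ',')
        Path        = $p.ExecutablePath
        CommandLine = $p.CommandLine
    }
}

# Busiest instance first; widen the table or pipe to Format-List to see Path/CommandLine.
$report | Sort-Object CpuSeconds -Descending | Format-Table PID, CpuSeconds, PathOk, Services -AutoSize
```

CpuSeconds is cumulative since the process started, so run the script twice a minute or two apart and compare: the instance whose figure grows fastest is the one to look at. Once its hosted services are known, a single suspect service can be stopped with Stop-Service and its behaviour observed, rather than killing the whole svchost.exe in Task Manager, which takes every other service in that instance down with it.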
 
This is the third time I've responded to this post without anything posting.

I'm not arguing that svchost isn't legit. But when that legit program encounters malware ('software programs designed to damage or do other unwanted actions on a computer system'), detected or not, it is no longer legit software. Legit software should not take up any and all available resources when I'm trying to use them myself.

I can stop the process and everything is hunky-dory. Leave it running and it's slow as molasses.

What I'm thinking of doing is another scan with MBAM with that svchost running, just reducing my processor speed so it finishes completely without overheating, and seeing what comes up there. Last time I stopped that svchost to finish the scan without overheating.

I'll let you know from there.
 
Well, I ran it all the way through and nothing came up again, 0s all the way down the list. My svchost went down to normal now too. What is up with that?
 