Spyware on laptop - need help

Status
Not open for further replies.
combo fix part 2

Code: 
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [2/16/2008 2:13 PM 9344]
S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2/26/2008 3:45 AM 204800]
S2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 10:09 PM 11032]
S3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2/16/2008 2:11 PM 812544]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2/26/2008 4:16 AM 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2/26/2008 4:16 AM 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2/26/2008 4:16 AM 1089536]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2/16/2008 3:18 PM 292128]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2/16/2008 3:19 PM 79136]
S4 Kwanzy Service;Kwanzy Service;c:\programdata\Kwanzy\kwanzy133.exe [12/29/2009 7:22 PM 58720]

--- Other Services/Drivers In Memory ---

*Deregistered* - dpfljhoj

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
Contents of the 'Scheduled Tasks' folder

2010-01-02 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 16:20]

2010-01-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-23 17:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.mwsu.edu/
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Compare Prices with &Dealio - c:\users\G-ROD\AppData\LocalLow\Dealio\kb124\res\DealioSearch.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\G-ROD\AppData\Roaming\Mozilla\Firefox\Profiles\rc86znq7.default\
FF - prefs.js: browser.startup.homepage - www.mwsu.edu
FF - component: c:\program files\Mozilla Firefox\components\ed5eb34c-89fe-bc32-a5a7-c145ed89c99a.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\G-ROD\AppData\Roaming\Mozilla\Firefox\Profiles\rc86znq7.default\extensions\{e45a0de0-b4de-11de-8a39-0800200c9a66}\components\wsff.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

HKLM-RunOnce-<NO NAME> - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-01 21:44
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\dpfljhoj]

.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-01-01  21:46:16
ComboFix-quarantined-files.txt  2010-01-02 03:46
ComboFix2.txt  2010-01-01 21:10

Pre-Run: 91,105,480,704 bytes free
Post-Run: 90,979,508,224 bytes free

- - End Of File - - 3D508B9DF77BB6511167A46992CCD721

Here is my malwarebytes log

Code: 
Malwarebytes' Anti-Malware 1.43
Database version: 3458
Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 7.0.6001.18000

1/1/2010 9:52:47 PM
mbam-log-2010-01-01 (21-52-41).txt

Scan type: Quick Scan
Objects scanned: 101882
Time elapsed: 4 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 38

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0c22d9b1-6b13-42d9-b48e-7409dfe557bc} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0c22d9b1-6b13-42d9-b48e-7409dfe557bc} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{fa8edcdd-efa2-477b-b00a-7f28f02cd37e} (Spyware.OnlineGames) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0c22d9b1-6b13-42d9-b48e-7409dfe557bc} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\kwanzy (Adware.Kwanzy) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Kwanzy (Adware.Kwanzy) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Kwanzy Service (Adware.Kwanzy) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Kwanzy (Adware.Kwanzy) -> No action taken.
C:\ProgramData\Kwanzy (Adware.Kwanzy) -> No action taken.
C:\Windows\System32\SysWoW32 (Worm.Archive) -> No action taken.

Files Infected:
C:\Windows\System32\d3d10_132.dll (Trojan.BHO.H) -> No action taken.
C:\Windows\System32\17C8.tmp (Trojan.Tracur) -> No action taken.
C:\Windows\System32\17E.tmp (Worm.P2P) -> No action taken.
C:\Windows\System32\8D9E.tmp (Trojan.Tracur) -> No action taken.
C:\Windows\System32\DBDD.tmp (Trojan.Agent) -> No action taken.
C:\Windows\System32\ddraw32.dll (Trojan.Agent) -> No action taken.
C:\Windows\System32\E33A.tmp (Trojan.Tracur) -> No action taken.
C:\Program Files\Kwanzy\kwanzy.dll (Adware.Kwanzy) -> No action taken.
C:\Program Files\Kwanzy\kwanzy.exe (Adware.Kwanzy) -> No action taken.
C:\Program Files\Kwanzy\uninstall.exe (Adware.Kwanzy) -> No action taken.
C:\ProgramData\Kwanzy\kwanzy133.exe (Adware.Kwanzy) -> No action taken.
C:\Windows\System32\SysWoW32\mi1186864659v4 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi1186864659v4.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi1186864659v6 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi1186864659v6.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi1186864659v7 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mi1186864659v7.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mu1186864659v5 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\mu1186864659v5.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu1186864659v0 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu1186864659v0.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu1186864659v1 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu1186864659v1.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu1186864659v2 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu1186864659v2.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu1186864659v3 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\wu1186864659v3.kwd (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_i1186864659v5 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u1186864659v0 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u1186864659v1 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u1186864659v2 (Worm.Archive) -> No action taken.
C:\Windows\System32\SysWoW32\_u1186864659v3 (Worm.Archive) -> No action taken.
C:\Program Files\mozilla firefox\searchPlugins\kwanzy115.xml (Adware.Kwanzy) -> No action taken.
C:\Program Files\mozilla firefox\searchPlugins\kwanzy121.xml (Adware.Kwanzy) -> No action taken.
C:\Program Files\mozilla firefox\searchPlugins\kwanzy125.xml (Adware.Kwanzy) -> No action taken.
C:\Program Files\mozilla firefox\searchPlugins\kwanzy133.xml (Adware.Kwanzy) -> No action taken.
C:\Program Files\Mozilla Firefox\components\ed5eb34c-89fe-bc32-a5a7-c145ed89c99a.dll (Adware.Yoog) -> No action taken.
C:\Users\G-ROD\AppData\Roaming\fvgqad.dat (Malware.Trace) -> No action taken.
 
Here is my hijackthis log after both were run in safemode.

Code: 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:54:12 PM, on 1/1/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Safe mode

Running processes:
C:\Windows\explorer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
H:\Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mwsu.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0C22D9B1-6B13-42D9-B48E-7409DFE557Bc} - C:\Windows\System32\d3d10_132.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\Windows\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\G-ROD\AppData\LocalLow\Dealio\kb124\res\DealioSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10360 bytes
 
Log looks much better.

So afer you run malwarebytes, do you click on remove infections and then reboot?
 
Status
Not open for further replies.

Similar threads

XWrench3
hijack this scan
Replies
6
Views
2K
XWrench3
XWrench3
N
Laptop slowing down in function (internet and general apps)
Replies
1
Views
3K
Trotter
Trotter
G
Computer slow and work in background
Replies
0
Views
3K
grecycle99
G
R
Please Help
Replies
3
Views
3K
carnageX
carnageX
C
Hacked by malware
2
Replies
10
Views
9K
PP Mguire
PP Mguire
Back
Top Bottom