dragokas / hijackthis

A free utility that finds malware, adware and other security threats
http://hjt.sf.net
GNU General Public License v2.0

Checking my computer March 2019 Please check the following logfile #65

Closed hansdampf2019 closed 5 years ago

hansdampf2019 commented 5 years ago

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.7

Platform: x64 Windows 7 (Ultimate), 6.1.7601.24385, Service Pack: 1
Time: 16.03.2019 - 18:29 (UTC+01:00)
Language: OS: German (0x407). Display: German (0x407). Non-Unicode: German (0x407)
Elevated: Yes
Ran by: Peter Koch (group: Administrator) on PETERKOCH-PC, FirstRun: yes

Firefox: 65.0.2.6995
Internet Explorer: 11.0.9600.19301
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes: Number | Path 1 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 1 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 1 C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 1 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe 1 C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 1 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 1 C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 1 C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe 1 C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 1 C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe 1 C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe 1 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 1 C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe 1 C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe 1 C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe 1 C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 1 C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe 1 C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe 1 C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe 1 C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe 1 C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe 1 C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 1 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 1 C:\Program Files (x86)\Jetico\BestCrypt\BCResident.exe 1 C:\Program Files (x86)\Jetico\BestCrypt\BCWipeSvc.exe 2 C:\Program Files (x86)\Jetico\BestCrypt\BCWipeTM.exe 1 C:\Program Files (x86)\Jetico\BestCrypt\BC_VE\bcveserv.exe 1 
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe 1 C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe 1 C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe 1 C:\Program Files (x86)\StarMoney 11 S-Edition\ouservice\StarMoneyOnlineUpdate.exe 1 C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe 1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 1 C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 1 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 1 C:\Program Files\Everything\Everything.exe 1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 1 C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe 6 C:\Program Files\Mozilla Firefox\firefox.exe 1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 1 C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe 1 C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe 1 C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe 2 C:\Program Files\Samsung\Samsung Link\Samsung Link.exe 1 C:\Program Files\Windows Media Player\wmpnetwk.exe 1 C:\Program Files\Windows NT\Accessories\wordpad.exe 1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 1 C:\Windows\System32\IPROSetMonitor.exe 1 C:\Windows\System32\WUDFHost.exe 1 C:\Windows\System32\audiodg.exe 1 C:\Windows\System32\conhost.exe 2 C:\Windows\System32\csrss.exe 1 C:\Windows\System32\dllhost.exe 1 C:\Windows\System32\dwm.exe 1 C:\Windows\System32\igfxCUIService.exe 1 C:\Windows\System32\igfxEM.exe 1 C:\Windows\System32\igfxHK.exe 1 C:\Windows\System32\igfxTray.exe 1 C:\Windows\System32\lsass.exe 1 C:\Windows\System32\lsm.exe 1 C:\Windows\System32\services.exe 1 
C:\Windows\System32\smss.exe 1 C:\Windows\System32\spoolsv.exe 15 C:\Windows\System32\svchost.exe 1 C:\Windows\System32\taskhost.exe 2 C:\Windows\System32\wbem\WmiPrvSE.exe 1 C:\Windows\System32\wininit.exe 1 C:\Windows\System32\winlogon.exe 2 C:\Windows\explorer.exe 1 C:\progs\hijackthis\HiJackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = https://search.avira.net R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = https://search.avira.net R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = https://search.avira.net R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = https://search.avira.net R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = https://search.avira.net R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = https://search.avira.net R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: [URL] = http://www.delta-search.com/?q={searchTerms}&affID=121561&tt=190313_wctrl&babsrc=SP_ss&mntrId=16EF50E54938253E - Delta Search R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes{CBF85136-7F78-499A-89D3-1725E0B16D35}: [URL] = http://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=16ef5fb000000000000050e54938253e&r=179 - Search the web (Softonic) O1 - Hosts: Reset contents to default O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com O1 - Hosts: 127.0.0.1 acoustica.com O1 - Hosts: 127.0.0.1 www.acoustica.com O1 - Hosts: 127.0.0.1 iw2.slysoft.com O1 - Hosts: 127.0.0.1 h3.slysoft.com O1 - Hosts: 127.0.0.1 update.slysoft.com O1 - Hosts: 127.0.0.1 slysoft.com O1 - Hosts: 127.0.0.1 sb2slysoft.com O1 - Hosts: 127.0.0.1 ns6.gandi.net O1 - Hosts: 127.0.0.1 ev1slysoft.com O1 - Hosts: 127.0.0.1 reverse.privatedns.com O1 - Hosts: 127.0.0.1 update.slysoft.com O1 - Hosts: 127.0.0.1 ev1slysoft.com O2 - HKLM..\BHO: (no name) - AutorunsDisabled - (no file) O2 - HKLM..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - HKLM..\BHO: Java(tm) Plug-In 2 SSV Helper 
- {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll O2 - HKLM..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll O2 - HKLM..\BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook64.dll O2 - HKLM..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2-32 - HKLM..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2-32 - HKLM..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll O2-32 - HKLM..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll O2-32 - HKLM..\BHO: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2-32 - HKLM..\BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll O2-32 - HKLM..\BHO: Wondershare Video Converter Ultimate 7.1.0 - {451C804F-C205-4F03-B48E-537EC94937BF} - C:\ProgramData\Wondershare\Video Converter Ultimate\WSBROW~1.DLL (file missing) O3 - HKLM..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3-32 - HKLM..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKCU..\Run: [DAEMON Tools Lite] = C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun O4 - HKCU..\Run: [KiesPDLR.exe] = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run O4 - HKLM..\Run: 
[IgfxTray] = C:\Windows\system32\igfxtray.exe O4 - HKLM..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe (file missing) O4 - HKLM..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s O4 - HKLM..\Run: [Samsung Link] = C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe O4 - HKU.DEFAULT..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk [backup] => C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (2019/01/19) O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BestCrypt Auto Open.lnk [backup] => C:\Program Files (x86)\Jetico\BestCrypt\BestCrypt.exe AutoOpen (2015/11/15) O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk [backup] => C:\Windows\SysWOW64\C2MP\UpdateChecker.exe (2015/11/15) O4 - MSConfig\startupfolder: C:^Users^Peter Koch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk [backup] => C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (2018/09/09) O4 - MSConfig\startupfolder: C:^Users^Peter Koch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hide.me VPN.lnk [backup] => C:\Program Files (x86)\hide.me VPN\Hide.me.exe -delay 2000 (2015/12/01) (file missing) O4 - MSConfig\startupreg: APSDaemon [command] = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (HKLM) (2015/11/15) O4 - MSConfig\startupreg: Acronis Scheduler2 Service [command] = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (HKLM) (2015/11/15) O4 - MSConfig\startupreg: AcronisTibMounterMonitor [command] = C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (HKLM) (2015/11/15) O4 - 
MSConfig\startupreg: Adobe ARM [command] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (HKLM) (2015/11/15) (file missing) O4 - MSConfig\startupreg: AdobeAAMUpdater-1.0 [command] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (HKLM) (2019/01/19) O4 - MSConfig\startupreg: AdobeCS6ServiceManager [command] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (HKLM) (2019/01/19) O4 - MSConfig\startupreg: BCSSync [command] = C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices (HKLM) (2015/11/15) (file missing) O4 - MSConfig\startupreg: BlueStacks Agent [command] = C:\Program Files (x86)\BlueStacks\HD-Agent.exe (HKLM) (2015/11/15) O4 - MSConfig\startupreg: BrMfcWnd [command] = C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN (HKLM) (2016/12/25) (file missing) O4 - MSConfig\startupreg: BtTray [command] = C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (HKLM) (2016/12/25) O4 - MSConfig\startupreg: CanonQuickMenu [command] = C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon (HKLM) (2017/08/19) O4 - MSConfig\startupreg: DelaypluginInstall [command] = C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe (HKLM) (2015/12/19) O4 - MSConfig\startupreg: DocFetcher-Daemon [command] = C:\Program Files (x86)\DocFetcher\docfetcher-daemon-windows.exe (HKLM) (2015/12/11) O4 - MSConfig\startupreg: Dropbox [command] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (HKLM) (2018/10/06) (file missing) O4 - MSConfig\startupreg: Internet Download Accelerator [command] = C:\Program Files (x86)\IDA\ida.exe -autorun (HKCU) (2017/07/18) (file missing) O4 - MSConfig\startupreg: KiesAirMessage [command] = C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup (HKCU) (2015/11/15) (file missing) O4 - MSConfig\startupreg: KiesPDLR.exe [command] = C:\Program Files 
(x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run (HKCU) (2018/06/17) O4 - MSConfig\startupreg: KiesTrayAgent [command] = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (HKLM) (2015/11/15) O4 - MSConfig\startupreg: ManyCam [command] = C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe /silent (HKCU) (2015/11/15) O4 - MSConfig\startupreg: OfficeSyncProcess [command] = C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (HKCU) (2015/11/15) (file missing) O4 - MSConfig\startupreg: ProxyCap [command] = C:\Program Files\Proxy Labs\ProxyCap\pcapui.exe (HKLM) (2015/11/15) (file missing) O4 - MSConfig\startupreg: QuickTime Task [command] = C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime (HKLM) (2015/11/15) O4 - MSConfig\startupreg: SunJavaUpdateSched [command] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (HKLM) (2015/11/15) O4 - MSConfig\startupreg: TrueImageMonitor.exe [command] = C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (HKLM) (2015/11/15) O4 - MSConfig\startupreg: VirtualCloneDrive [command] = C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s (HKLM) (2015/11/15) (file missing) O4 - MSConfig\startupreg: Wondershare Helper Compact.exe [command] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (HKLM) (2015/12/19) O4-32 - HKLM..\Run: [Avira SystrayStartTrigger] = C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe O4-32 - HKLM..\Run: [BestCrypt Volume Encryption] = C:\Program Files (x86)\Jetico\BestCrypt\BC_VE\bcfmgr.exe MountAtLogon O4-32 - HKLM..\Run: [KiesTrayAgent] = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4-32 - HKLM..\Run: [USB3MON] = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe O8 - Context menu item: HKCU..\Internet Explorer\MenuExt\Download ALL with IDA: (default) = (no file) O8 - Context menu item: HKCU..\Internet 
Explorer\MenuExt\Download remotely with IDA: (default) = (no file) O8 - Context menu item: HKCU..\Internet Explorer\MenuExt\Download with &Shareaza: (default) = C:\Program Files\Shareaza\RazaWebHook64.dll O8 - Context menu item: HKCU..\Internet Explorer\MenuExt\Download with IDA: (default) = (no file) O8 - Context menu item: HKCU..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (file missing) O8 - Context menu item: HKCU..\Internet Explorer\MenuExt\Per Mitteilung versenden(&M) ...: (default) = C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm O8 - Context menu item: HKCU..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (file missing) O8 - Context menu item: HKCU..\Internet Explorer\MenuExt\Über Bluetooth senden: (default) = C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm O9-32 - Button: HKLM..{9819CC0E-9669-4D01-9CD7-2C66DA43AC6C}: (no name) - (no file) O17 - DHCP DNS 1: 192.168.178.1 O18 - HKLM\Software\Classes\Protocols\Handler\WSWSVCUchrome: [CLSID] = {1CA93FF0-A218-44F1- - (no file) O18 - HKLM\Software\Classes\Protocols\Handler\skype4com: [CLSID] = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file) O21 - HKLM..\ShellIconOverlayIdentifiers\AcronisSyncError: (no name) - {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll O21 - HKLM..\ShellIconOverlayIdentifiers\AcronisSyncInProgress: (no name) - {00F848DC-B1D4-4892-9C25-CAADC86A215D} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll O21 - HKLM..\ShellIconOverlayIdentifiers\AcronisSyncOk: (no name) - {71573297-552E-46fc-BE3D-3DFAF88D47B7} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft) O22 - Task: 
(activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" O22 - Task: (disabled) {D479162E-63F5-45D2-B112-B7CD93111FAE} - C:\Program Files (x86)\Nero\Nero 12\Nero Burning ROM\nero.exe (file missing) O22 - Task: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft) O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack - C:\Program Files\Microsoft Office\Office15\msoia.exe scan upload mininterval:2880 (Microsoft) O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn - C:\Program Files\Microsoft Office\Office15\msoia.exe scan upload (Microsoft) O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft) O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft) O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft) O22 - Task: Adobe Flash Player NPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe -check plugin O22 - Task: Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O22 - Task: Auto Re-Aktivierung - C:\Windows\Re-Aktivierung\TriggerKMS.exe 30 kmsnano.exe O22 - Task: Avira_Antivirus_Systray - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler O22 - Task: \Microsoft\Office\Office 
Automatic Updates 2.0 - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /frequentupdate SCHEDULEDTASK displaylevel=False (Microsoft) O22 - Task: \Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService (Microsoft) O22 - Task: \Microsoft\VisualStudio\VSIX Auto Update 14 - C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe (Microsoft) O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file) O22 - Task: \OfficeSoftwareProtectionPlatform\SvcRestartTask - % s y s t e m r o o t % \ s y s t e m 3 2 \ s c . e x e (file missing) O22 - Task: {17A94D72-F038-473A-934E-BC10149736CA} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/5.1.0.112/de/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered O22 - Task: {4E62579A-C90D-4904-AF6F-B3F4E3CEA864} - C:\Windows\system32\pcalua.exe -a "C:\Users\Peter Koch\Downloads\MapSource_6163.exe" -d "C:\Users\Peter Koch\Downloads" O22 - Task: {62BB1C22-4055-4E33-81F4-7DFC4177940E} - p:\firefoxportable\app\firefox\firefox.exe http://ui.skype.com/ui/0/7.24.85.104/de/abandoninstall?page=tsMain (file missing) O22 - Task: {67C8AB2F-B43A-4580-AF8F-B4865664A571} - p:\firefoxportable\app\firefox\firefox.exe https://ui.skype.com/ui/0/7.35.0.101/de/abandoninstall?page=tsProgressBar (file missing) O22 - Task: {73638EC2-B687-44F4-AF5C-A1A6317B4EBA} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?page=tsProgressBar O22 - Task: {89BEDB5F-FE18-446B-B147-355332CEDCB3} - p:\firefoxportable\app\firefox\firefox.exe http://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?page=tsBing (file missing) O22 - Task: {8A7F1C66-6825-4264-83D8-16B684065BFC} - 
C:\Windows\system32\pcalua.exe -a P:\o\Software\traybackup\trbsetup.exe -d P:\o\Software\traybackup O22 - Task: {A380A5E1-5D26-4F9E-8609-3A0F81AB02FB} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?page=tsProgressBar O22 - Task: {C0A4873C-2CAA-4DD4-8CB9-3D7CD5EDE92A} - C:\Windows\system32\pcalua.exe -a P:\o\Software\wsftp\fo-wsftp605\fo-wsftp605.exe -d P:\o\Software\wsftp\fo-wsftp605 O22 - Task: {D410121D-FE36-4CED-92E0-F81269744E5C} - C:\Windows\system32\pcalua.exe -a E:\Downloads\wds_current_setup.exe -d E:\Downloads O23 - Service R2: Acronis Scheduler2 Service - (AcrSch2Svc) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service R2: Acronis Sync Agent Service - (syncagentsrv) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe O23 - Service R2: AllShare Framework DMS - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe O23 - Service R2: Avira Browser-Schutz - (AntiVirWebService) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe O23 - Service R2: Avira Echtzeit-Scanner - (AntiVirService) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service R2: Avira Email Schutz - (AntiVirMailService) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe O23 - Service R2: Avira Planer - (AntiVirSchedulerService) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service R2: Avira Service Host - (Avira.ServiceHost) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service R2: BCWipe service - (BCWipeSvc) - C:\Program Files (x86)\Jetico\BestCrypt\BCWipeSvc.exe O23 - Service R2: BlueSoleilCS - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe O23 - Service R2: BlueStacks Log Rotator Service - (BstHdLogRotatorSvc) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service R2: BsMobileCS - C:\Program Files (x86)\IVT 
Corporation\BlueSoleil\BsMobileCS.exe O23 - Service R2: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (IJPLMSVC) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll O23 - Service R2: Everything - C:\Program Files\Everything\Everything.exe -svc O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\system32\igfxCUIService.exe O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service R2: Intel(R) PROSet Monitoring Service - C:\Windows\system32\IProsetMonitor.exe O23 - Service R2: Microsoft Office Click-to-Run Service - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service R2: SQL Server (SQLEXPRESS) - (MSSQL$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS O23 - Service R2: Samsung Link Service - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe O23 - Service R2: StarMoney 11 OnlineUpdate - C:\Program Files (x86)\StarMoney 11 S-Edition\ouservice\StarMoneyOnlineUpdate.exe O23 - Service R2: StarMoney 9.0 OnlineUpdate - C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe O23 - Service R2: TeamViewer 11 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service R2: UMVPFSrv - C:\Program Files (x86)\Common 
Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service R2: Windows Live ID Sign-in Assistant - (wlidsvc) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE O23 - Service R2: bcveServ - C:\Program Files (x86)\Jetico\BestCrypt\BC_VE\bcveserv.exe O23 - Service R2: chip 1-click download service - (chip1click) - C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe O23 - Service R3: BsHelpCS - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe O23 - Service S2: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 - (NAUpdate) - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service S2: BlueStacks Android Service - (BstHdAndroidSvc) - C:\Program Files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android O23 - Service S2: Google Update-Dienst (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc O23 - Service S3: Acronis Nonstop Backup Service - (afcdpsrv) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service S3: Adobe LM Service - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service S3: ElsterFormular Update Service - (ElfoService) - C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe O23 - Service S3: Google Update-Dienst (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program 
Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE O23 - Service S3: SAMSUNG WiselinkPro Service - (WiselinkPro) - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

-- End of file - Time spent: 7,7 sec. - 55040 bytes, CRC32: FFFFFFFF. Sign: 珮

Sandor-Helper commented 5 years ago

Hello and welcome! To do complete diagnostics, we need the CollectionLog created by Autologger, as described here in the "How to prepare logs" section.

And please describe what kind of problem you've experienced.

dragokas commented 5 years ago

Closed. Reason: no answer for 10 days. If you still need our help, please execute the last steps requested by the helper. Also, download AutoLogger again, prepare a new CollectionLog and write what problems remained.