hijack log analisys request

[LukeLarry]

Hi evrybody, I have sometime a crazymovement on my acer 10 the mouse moves randomly and clicks until I disconnect my keyboard and a new windows appears in my firefox browser
I hope you can find something in the following log.
thank you
Luca

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x32 Windows 8.1 (Home), 6.3.9600.19652, Service Pack: 0
Time: 10.04.2020 - 11:41 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: luca (group: Administrator) on SCUOLA, FirstRun: yes

Firefox: 75.0.0.7398
Internet Explorer: 11.0.9600.19036
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe
1 C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe
1 C:\Program Files\Acer\AOP Framework\acer\ccd.exe
1 C:\Program Files\Acer\Care Center\ACCStd.exe
1 C:\Program Files\Avira\Antivirus\avgnt.exe
1 C:\Program Files\Avira\Antivirus\avguard.exe
1 C:\Program Files\Avira\Antivirus\avshadow.exe
1 C:\Program Files\Avira\Antivirus\protectedservice.exe
1 C:\Program Files\Avira\Antivirus\sched.exe
1 C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
1 C:\Program Files\Avira\Launcher\Avira.Systray.exe
1 C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe
1 C:\Program Files\Avira\Security\Avira.Spotlight.Service.exe
1 C:\Program Files\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
1 C:\Program Files\Avira\VPN\Avira.VpnService.exe
1 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
9 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Users\luca\Downloads\HiJackThis(1).exe
1 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\DptfParticipantProcessorService.exe
1 C:\Windows\System32\DptfPolicyCriticalService.exe
1 C:\Windows\System32\DptfPolicyLpmService.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\cmd.exe
3 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
11 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\explorer.exe

O4 - HKCU..\StartupApproved\StartupFolder: C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Invia a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr (2018/06/08)
O4 - HKLM..\Run: [Avira System Speedup User Starter] = C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
O4 - HKLM..\Run: [Avira SystrayStartTrigger] = C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe
O8 - Context menu item: HKCU..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip..{9CFF5B8F-237C-4F0C-9960-A49B6ECB3B6B}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip..{9CFF5B8F-237C-4F0C-9960-A49B6ECB3B6B}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O23 - Service R2: Avira Optimizer Host - (AviraOptimizerHost) - C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service R2: Avira Phantom VPN - (AviraPhantomVPN) - C:\Program Files\Avira\VPN\Avira.VpnService.exe
O23 - Service R2: Avira Pianificatore - (AntiVirSchedulerService) - C:\Program Files\Avira\Antivirus\sched.exe
O23 - Service R2: Avira Protezione in tempo reale - (AntiVirService) - C:\Program Files\Avira\Antivirus\avguard.exe
O23 - Service R2: Avira Security - (AviraSecurity) - C:\Program Files\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service R2: Avira Service Host - (Avira.ServiceHost) - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service R2: Avira Servizio protetto - (AntivirProtectedService) - C:\Program Files\Avira\Antivirus\ProtectedService.exe
O23 - Service R2: Avira Updater Service - (AviraUpdaterService) - C:\Program Files\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service R2: BTDevManager - C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
O23 - Service R2: CCDMonitorService - C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\windows\system32\diagtrack.dll
O23 - Service R2: Intel(R) Dynamic Platform & Thermal Framework Critical Service Application - (DptfPolicyCriticalService) - C:\windows\system32\DptfPolicyCriticalService.exe
O23 - Service R2: Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application - (DptfPolicyLpmService) - C:\windows\system32\DptfPolicyLpmService.exe
O23 - Service R2: Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application - (DptfParticipantProcessorService) - C:\windows\system32\DptfParticipantProcessorService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\windows\system32\igfxCUIService.exe
O23 - Service S2: Avira Protezione email - (AntiVirMailService) - C:\Program Files\Avira\Antivirus\avmailc7.exe
O23 - Service S2: Avira Protezione web - (AntiVirWebService) - C:\Program Files\Avira\Antivirus\avwebg7.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\windows\system32\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: User Experience Improvement Program - (UEIPSvc) - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe

--
End of file - Time spent: 76 sec. - 13788 bytes, CRC32: FFFFFFFF. Sign: 渿甬

[dragokas]

Hi,
thank you for the log.
If you need our assistance:

• Read carefully: How to make a request for help in the PC cure section

• Attach 'Collection-[Date].zip' log created by AutoLogger

• Describe your problem in details.

---

Please, note that only members of VIRUSNET-Association are allowed to respond in PC cure topics.
Ignore any recommendations given by other users, including PM !!!

Assistance is provided free of charge at our free time. If you found our help useful, you can thank us with any amount using this form or you can leave a feedback in Guestbook.

[dragokas]

Closed.
Reason: no answer for 10 days.
If you still need our help, please, execute tha last steps, requested by helper.
Also, download again AutoLogger, prepare new CollectionLog and write what problems remained.