Corel License Validation Service V2 Powered By Arvato

Posted By admin On 19/05/19

The licence validation service is probably a red herring. It only needs to run on demand, so if it has a startup type of 'automatic' it will stop and start as required.

Hello guys! This is my first time posting here. I'd like to say this forum is awesome and the work you do helping people from everywhere is so much appreciated. I wish we had more initiatives like this in other areas as well.

Recently, I have been unable to open some programs, and some even close unexpectedly. While trying to figure out what may be happening, I tried to install Process Hacker 2, which couldn't open and popped up this window:

This happened every time except when I logged in to safe mode, and with another program as well. The programs I can't use also work in safe mode only (and safe mode with network support).

Here is my hijackthis log:

Scan saved at 1:55:55 PM, on 2/4/2016
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
FIREFOX: 39.0.3 (x86 pt-BR)
C:Program Files (x86)TOSHIBAConfigFreeNDSTray.exe
C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
C:Program Files (x86)TOSHIBAConfigFreeCFSwMgr.exe
C:Program Files (x86)Common FilesMicrosoft SharedInkTabTip32.exe
C:WindowsSystem32TiltWheelMouse.exe
C:Program Files (x86)Kaspersky LabKaspersky Security Scan 2.0kss.exe
C:Program Files (x86)SonyContent Manager AssistantCMA.exe
C:Program Files (x86)Elaborate BytesVirtualCloneDriveVCDDaemon.exe
C:Program Files (x86)HPHP Software Updatehpwuschd2.exe
C:Program Files (x86)AdobeAcrobat 10.0Acrobatacrotray.exe
C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
C:Program Files (x86)SonyContent Manager AssistantCMAWatcher.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:WindowsSysWOW64NOTEPAD.EXE
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre1.8.0_71binssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:PROGRAM FILES (X86)GBPLUGINgbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:Program Files (x86)GbPlugingbiehcef.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre1.8.0_71binjp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll
O4 - HKLM.Run: [SwitchBoard] C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
O4 - HKLM.Run: [Adobe Acrobat Speed Launcher] 'C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrobat_sl.exe'
O4 - HKLM.Run: [VirtualCloneDrive] 'C:Program Files (x86)Elaborate BytesVirtualCloneDriveVCDDaemon.exe' /s
O4 - HKLM.Run: [ADSKAppManager] 'C:Program Files (x86)Common FilesAutodesk SharedAppManagerR1AdAppMgr.exe' -showminimized -checkautorun
O4 - HKLM.Run: [HP Software Update] C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
O4 - HKLM.Run: [QuickTime Task] 'C:Program Files (x86)QuickTimeQTTask.exe' -atboottime
O4 - HKLM.Run: [Acrobat Assistant 8.0] 'C:Program Files (x86)AdobeAcrobat 10.0AcrobatAcrotray.exe'
O4 - HKLM.Run: [SunJavaUpdateSched] 'C:Program Files (x86)Common FilesJavaJava Updatejusched.exe'
O4 - HKLM.RunOnce: [Malwarebytes Anti-Rootkit (cleanup)] 'C:ProgramDataMalwarebytes' Anti-Malware (portable)mbamdor.exe' 'C:ProgramDataMalwarebytes' Anti-Malware (portable)'
O4 - HKCU.Run: [KSS] 'C:Program Files (x86)Kaspersky LabKaspersky Security Scan 2.0kss.exe' /autorun
O4 - Startup: RebusDrop.lnk = WilliamRebusDropAppRebusDrop.exe
O4 - Global Startup: Content Manager Assistant for PlayStation®.lnk = C:Program Files (x86)SonyContent Manager AssistantCMA.exe
O4 - Global Startup: Network Server.lnk = C:Program Files (x86)WIBUKEYServerWkSvMgr.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: www.caixa.gov.br
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O20 - Winlogon Notify: GbPluginBb - C:Program Files (x86)GbPlugingbieh.dll
O20 - Winlogon Notify: GbPluginCef - C:Program Files (x86)GbPlugingbiehCef.dll
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:Program Files (x86)Common FilesAutodesk SharedAppManagerR1AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:Program Files (x86)AutodeskContent ServiceConnect.Service.ContentService.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:Program Files (x86)BlueStacksHD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:Program Files (x86)BlueStacksHD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:Program Files (x86)BlueStacksHD-UpdaterService.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:Program Files (x86)TOSHIBAConfigFreeCFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:Program Files (x86)TOSHIBAConfigFreeCFSvcs.exe
O23 - Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:WindowsSystem32lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService64.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:PROGRA~2GbPluginGbpSv.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:Program FilesNVIDIA CorporationGeForce Experience ServiceGfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: @%SystemRoot%system32ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:Windowssystem32IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: Kinoni Remote Desktop (KinoniRemoteDesktop) - Unknown owner - C:Program Files (x86)KinoniRemote Desktopservice.exe
O23 - Service: Kaspersky Security Scan Service (KSS) - Kaspersky Lab ZAO - C:Program Files (x86)Kaspersky LabKaspersky Security Scan 2.0kss.exe
O23 - Service: MBAMService - Malwarebytes - C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2014 64-bit (mi-raysat_3dsmax2014_64) - Unknown owner - C:Program FilesAutodesk3ds Max 2014NVIDIASatelliteraysat_3dsmax2014_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:Windowssystem32nvvsvc.exe (file missing)
O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - PowerUp Software, LLC - C:Program Files (x86)PowerUp SoftwarePinnacle Game Profilerpinnacle_updater.exe
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:Program Files (x86)WinPcaprpcapd.exe
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:Program Files (x86)SkypeUpdaterUpdater.exe
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:Windowssystem32sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:Program FilesTOSHIBAPower SaverTosCoSrv.exe
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:Program FilesDieboldWarsawcore.exe
O23 - Service: @%SystemRoot%system32WatWatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:Windowssystem32WatWatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:Windowssystem32wbengine.exe (file missing)
O23 - Service: WibuKey Server (WkSvw32.exe) - WIBU-SYSTEMS AG - C:Program Files (x86)WIBUKEYServerWkSvw32.exe
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:Program FilesTabletPenWTabletServiceCon.exe
--
I say I've been hacked because of a change in an old e-mail account which I didn't make. Unfortunately, this e-mail provider didn't do anything to help, and couldn't even tell me when this change happened or from where the user was connected.
Thank you very much for your help and sorry about my poor English.
Edit: forgot to say my OS version is Windows 7 Home Premium

Edited by billiebr, 04 February 2016 - 11:03 AM.