This thread is being handled by a member of our team.

peterfat111

Level 8
Mar 25, 2021
392
So, I found that my cmd keep poping up and down instantly during my everyday computer task. I tried to scan with hitman pro, KVRT, Adware cleaner and they all found nothing. Is this a malware or is it done by the system?
 
  • Like
Reactions: upnorth

icotonev

Moderator
Verified
Staff member
Mar 9, 2017
218
Hello..! :)

>>>> Can you take a screenshot while watching the problem and post it in your next post ..!


Please follow the following instruction ..:

Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT

If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.
If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe

Note:
You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.
---------------------------------------------------

In your next reply, please include:

  • FRST.txt
  • Addition.txt
 

peterfat111

Level 8
Mar 25, 2021
392
I will wait for it to pop up again
here is the files
 

Attachments

  • 1641756580244.png
    1641756580244.png
    208.4 KB · Views: 7
  • Addition.txt
    36.9 KB · Views: 5
  • FRST.txt
    64.3 KB · Views: 5
  • Like
Reactions: upnorth

icotonev

Moderator
Verified
Staff member
Mar 9, 2017
218
Thanks..! I will review your diaries and come back to you soon ..! But don't expect me to succeed tonight ..! I just have commitments ..!
Have in mind that using pirated/cracked software is an easy way to infect your computer. Almost as easy as intentionally downloading malware. For the purpose I am going to request you completely uninstall all products for which you do not have a valid Product Key, including all "cracked" software and methods which bypass activation.

Questionable program: What is this? Do you know ...?

核桃编程 2.1.22.0 (HKLM-x32\...\核桃编程) (Version: 2.1.22.0 - 北京聪明核桃教育科技有限公司)

+

SecurityCheck by glax24

I would like you to run a tool named SecurityCheck to inquire about the current-security-update status of some applications.

  • Download SecurityCheck by glax24 from here https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • and save the tool on the desktop.
  • If Windows's SmartScreen block that with a message-window, then
  • Click on the MORE INFO spot and over-ride that and allow it to proceed.
  • This tool is safe. Smartscreen is overly sensitive.
  • Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt
 

peterfat111

Level 8
Mar 25, 2021
392
Thanks..! I will review your diaries and come back to you soon ..! But don't expect me to succeed tonight ..! I just have commitments ..!
Have in mind that using pirated/cracked software is an easy way to infect your computer. Almost as easy as intentionally downloading malware. For the purpose I am going to request you completely uninstall all products for which you do not have a valid Product Key, including all "cracked" software and methods which bypass activation.

Questionable program: What is this? Do you know ...?



+

SecurityCheck by glax24

I would like you to run a tool named SecurityCheck to inquire about the current-security-update status of some applications.

  • Download SecurityCheck by glax24 from here https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • and save the tool on the desktop.
  • If Windows's SmartScreen block that with a message-window, then
  • Click on the MORE INFO spot and over-ride that and allow it to proceed.
  • This tool is safe. Smartscreen is overly sensitive.
  • Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt
Hi, I don't have any kind of cracked software, and the questionable program yes I know it and its safe.

There is the file :D
 

Attachments

  • SecurityCheck.txt
    11 KB · Views: 4
  • Like
Reactions: oldschool

icotonev

Moderator
Verified
Staff member
Mar 9, 2017
218
Hello..! I apologize for the delay..!Think of those programs that are against Microsoft policy.

Winaero Tweaker v.1.33.0.0 Warning! Suspected demo version of anti-spyware, driver updater or optimizer.Possible you became a victim of fraud or social engineering.
Smart Game Booster 5.2 v.5.2.1 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. Possible you became a victim of fraud or social engineering.
Auslogics Disk Defrag Ultimate v.4.12.0.1 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. Possible you became a victim of fraud or social engineering.
Kerish Doctor 2022 v.4.85 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. Possible you became a victim of fraud or social engineering.

...also:

---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (disabled and up to date)
Kaspersky Total Security (enabled and up to date)
Norton 360 (enabled)
---------------------------- [ Firewall_WMI ] -----------------------------
Norton 360
Kaspersky Total Security (enabled)

I don't think that's a good idea ..! You may read this article about Norton and perhaps consider to uninstall it.

Uninstall your Norton device security product on Windows



Malwarebytes Anti-Malware

  • If you already have Malwarebytes installed then open Malwarebytes and click on the Scan button. It will automatically check for updates and run a Threat Scan.
  • If you don't have Malwarebytes installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and select Scan and let it run.
  • Once the scan is completed make sure you have it quarantine any detections it finds.
  • If no detections were found click on the Save results drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If there were detections then once the quarantine has completed click on the View report button, Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know in your next reply that the scanner would not run.


Run AdwCleaner (Scan mode)

Download AdwCleaner and save it to your desktop.
  • Double click AdwCleaner.exe to run it.
  • Click Scan Now.
    • When the scan has finished, a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Filestab.
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.
In your next reply, please include:
  • The AdwCleaner[S0*].txt
  • The Malwarebytes report
 
Last edited:

peterfat111

Level 8
Mar 25, 2021
392
Hi, I don't know what is happening with the scan but I have uninstalled Norton 360 ever since the crypto miner is released.
I don't think many people consider KD as a spyware? With it corrected configured it will not do anything to the registry, and just a overall tool.
Smart game booster? Why would I have iobit software on my system? I think this is the same thing as norton, I might installed it and uninstalled in a few minutes.
Auslogics Disk Defrag Ultimate works well for defragging( their so called special algorism) my SSD as I need more space on the disk to install a software and standers disk cleaning/ TRIM is useless.

here is the logs
I will install Malwarebyts later
 

Attachments

  • AdwCleaner[S00].txt
    2.4 KB · Views: 1
  • AdwCleaner[S01].txt
    3.4 KB · Views: 1
Top