#111
Hi, I just found this thread!
I have been noticing this same thing happening to me as well (command prompt window opening for a split second). I first noticed it when I was watching videos. At first I thought it was a Flash Player glitch. But then I realised I've been getting this bug in Overwatch where my screen goes dark for a split second. I realise it must be some kind of alt-tab bug. I suspect it is caused by the bug mentioned in this thread.
Anyway, I have tried PowerShell and the command does not provide any response after I have entered it. I have used AdwCleaner to scan and I have the log file. This folder called Savve Neet in particular caught my attention, but googling it turns up nothing.
Any help would be greatly appreciated! I would like to solve this bug ASAP.
LOG FILE:
Code:
# AdwCleaner v6.047 - Logfile created 31/05/2017 at 00:07:28
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-30.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Justin Wong - JUSTIN
# Running from : C:\Users\Justin Wong\Desktop\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****
Service Found: DsSvc

***** [ Folders ] *****
Folder Found: C:\ProgramData\3f4c18ff632c4c8f
Folder Found: C:\ProgramData\Savve neet
Folder Found: C:\Users\EverBright\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh
Folder Found: C:\Users\EverBright\AppData\Local\Google\Chrome\User Data\Default\Extensions\legnpghkalhmjgloiigjdcppondlbnbg
Folder Found: C:\Users\EverBright\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfigdpabghhgkponmfepnobiajkbahk
Folder Found: C:\Users\Justin Wong\AppData\Local\Conduit
Folder Found: C:\Users\Justin Wong\AppData\Local\NativeMessaging
Folder Found: C:\Users\Justin Wong\AppData\Local\torch
Folder Found: C:\Users\Justin Wong\AppData\LocalLow\Check Point Software Technologies LTD
Folder Found: C:\Users\EverBright\AppData\Local\torch
Folder Found: C:\ProgramData\TXQMPC
Folder Found: C:\ProgramData\Tencent
Folder Found: C:\ProgramData\Application Data\TXQMPC
Folder Found: C:\ProgramData\Application Data\Tencent
Folder Found: C:\Users\Public\Documents\Tencent
Folder Found: C:\Program Files (x86)\Common Files\Tencent
Folder Found: C:\Users\Justin Wong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Folder Found: C:\Users\EverBright\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh

***** [ Files ] *****
File Found: C:\WINDOWS\SysNative\drivers\TAOKernel64.sys
File Found: C:\WINDOWS\SysNative\drivers\TFsFltX64.sys
File Found: C:\WINDOWS\SysWOW64\drivers\TS888x64.sys
File Found: C:\Users\Justin Wong\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage
File Found: C:\Users\Justin Wong\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjndloejlcbpkholmagjbddfkjmmploh_0.localstorage-journal

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious keys found.

***** [ Shortcuts ] *****
No infected shortcut found.

***** [ Scheduled Tasks ] *****
No malicious task found.

***** [ Registry ] *****
Key Found: HKCU\Software\b5b77ca3bcf909ddf66de9a4120ad15f
Key Found: HKU\S-1-5-21-3246875568-2923908918-1514285280-1002\Software\Classes\Tencent
Key Found: HKCU\Software\Classes\Tencent
Key Found: HKLM\SOFTWARE\Classes\metnsd
Key Found: HKLM\SOFTWARE\Classes\qmgcfiles
Key Found: [x64] HKCU\Software\Classes\Tencent
Key Found: [x64] HKLM\SOFTWARE\Classes\metnsd
Key Found: [x64] HKLM\SOFTWARE\Classes\qmgcfiles
Key Found: HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{EC0FA563-E0F2-406F-8659-1E728458A91E}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{88260EA6-BC91-42DF-ABEF-4A683E8A3C23}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{4C097DF1-0716-4FA1-84A9-025BC1E7B03F}
Key Found: HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Key Found: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found: HKLM\SOFTWARE\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Key Found: HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{8519F1E4-E25B-42B1-B361-0C643F45CF11}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
Key Found: HKU\S-1-5-21-3246875568-2923908918-1514285280-1002\Software\Microsoft\Internet Explorer\SearchScopes\{02949653-9EA2-4181-AE64-216BC55F15CD}
Data Found: HKU\S-1-5-21-3246875568-2923908918-1514285280-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: HKU\S-1-5-21-3246875568-2923908918-1514285280-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0E20C7A0-4122-46E3-BC5C-3C5D8081248D}
Key Found: HKU\S-1-5-21-3246875568-2923908918-1514285280-1002\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{02949653-9EA2-4181-AE64-216BC55F15CD}
Data Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0E20C7A0-4122-46E3-BC5C-3C5D8081248D}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{02949653-9EA2-4181-AE64-216BC55F15CD}
Data Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0E20C7A0-4122-46E3-BC5C-3C5D8081248D}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qq.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\xui.ptlogin2.qq.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qq.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\xui.ptlogin2.qq.com
Value Found: HKU\S-1-5-21-3246875568-2923908918-1514285280-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SearchProtect]
Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [SearchProtectAll]
Value Found: HKU\S-1-5-21-3246875568-2923908918-1514285280-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SearchProtection]
Value Found: HKU\S-1-5-21-3246875568-2923908918-1514285280-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [QQ2009]
Key Found: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found: HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
Key Found: HKEY_CLASSES_ROOT\.qmgc
Key Found: HKCU\Software\MozillaPlugins\@1.qq.com/npqqwebgame
Key Found: HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPhotoDrawEx
Key Found: HKCU\Software\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk
Key Found: HKLM\SOFTWARE\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk
Key Found: [x64] HKCU\Software\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk

***** [ Web browsers ] *****
No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Justin Wong\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - bopakagnckmlgajfccecajhnimjiiedh
Chrome pref Found: [C:\Users\Justin Wong\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - dgpdioedihjhncjafcpgbbjdpbbkikmi
Chrome pref Found: [C:\Users\Justin Wong\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - kdfbddbdpnahdahmamlolacimfdbeckk
Chrome pref Found: [C:\Users\Justin Wong\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://search.conduit.com/?ctid=CT3281675&SearchSource=48&CUI=UN35895923612272531&UM=2
Chrome pref Found: [C:\Users\Justin Wong\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] - aol.com
Chrome pref Found: [C:\Users\Justin Wong\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] - ask.com

[!] You may need to disable the Chrome synchronization from your Google account in order to fully remove the malicious preferences. Please consult this Google help: Fix problems with Chrome sync - Android - Google Chrome Help [!]

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [8445 Bytes] - [31/05/2017 00:07:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8518 Bytes] ##########
Last edited by Brink; 30 May 2017 at 20:08. Reason: code box