Ciao @Ang7649 

Welcome !

This is definitely not related to the charging process , something is happening in the background.

Download Autoruns (from Microsoft) from this URL => http://live.sysinternals.com/autoruns.exe

Information about the product => http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

- Save the file on your Desktop

- Run Microsoft Autoruns  with Administrator rights (right click -> Run as Administrator).

Agree with the standard license agreement from Microsoft.

- Once Autoruns is started, it will need some seconds (could be a minute) to gather the snapshot, wait for it.

Once it is ready, you will see the word Ready in the lower left side.

• Click on Options

Make sure that only the following are selected:

• Hide Empty Locations
• Hide Windows Entries

- Click on  Rescan button  or  click on File -> Refresh to rescan the system.

It will need some seconds (could be a minute) to gather the snapshot, wait for it.

Once it is ready, you will see the word Ready in the lower left side.

- Finally, click on File -> Save

Save the snapshot on the desktop in .TXT file

Open the newly created TXT log file.

Mark and Select all of the text (e.g. CTR+A), copy it and

visit http://pastebin.com/  to paste it there

Create new paste and give me the URL to see the log file.

Looking forward to your reply.

I've sent you the link

Thank you for following the instructions.

I reviewed your log. I can clearly see that you have lots of software installed, such as VPN, business/office apps, some gaming software, etc. Many of them may trigger CMD for background tasks. CMD (Command Prompt) is a Windows component, part of the MS-DOS era.

At the moment it is hard for me to tell what exactly triggers CMD but it is definitely not malicious. Nothing to worry about.

I would recommend you the following:

• Start Autoruns again the same way you did it before
• Once the scan is ready, make sure you UNCHECK the following items

UNDER

"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell"
+ "cmd.exe" "Processore dei comandi di Windows" "(Verified) Microsoft Windows" "c:\windows\system32\cmd.exe" "28/12/1914 07:19" ""

UNDER
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"

+ "HPMessageService" "HP Message Service" "(Verified) HP Inc." "c:\program files (x86)\hp\hp system event\hpmsgsvc.exe" "22/05/2018 03:24" ""

UNDER
"Task Scheduler"
+ "\Adobe Flash Player NPAPI Notifier" "Adobe® Flash® Player Installer/Uninstaller 32.0 r0" "(Verified) Adobe Inc." "c:\windows\syswow64\macromed\flash\flashutil32_32_0_0_330_plugin.exe" "28/01/2020 00:33" ""
+ "\Adobe Uninstaller" "Adobe Creative Cloud" "(Verified) Adobe Inc." "c:\program files (x86)\adobe\adobe creative cloud\acc\creative cloud.exe" "27/09/2019 12:36" ""

+ "\AdobeAAMUpdater-1.0-MicrosoftAccount-(email) @gmail.com" "Adobe Updater Startup Utility" "(Verified) Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe" "11/04/2018 08:32" ""

UNDER

HKLM\System\CurrentControlSet\Services

+ "WildTangentHelper" "WildTangentHelper: WildTangent Helper Service" "(Verified) WildTangent Inc" "c:\program files (x86)\wildtangent games\integration\wildtangenthelperservice.exe" "12/02/2020 19:56" ""

======================================

Eventually, close the Autoruns app

======================================

You might want to uninstall WildTangent - some professionals consider it a potentially unwanted software

>> https://support.wildtangent.com/hc/en-us/articles/202409339-Uninstall-The-WildTangent-Games-App-PC-

>> https://www.techwalla.com/articles/how-to-remove-wild-tangent-malware

If you would like to scan your PC for threats with even additional software, you may use the free ESET Online scanner

Run the free ESET Online Scanner >> http://download.eset.com/special/eos/esetonlinescanner_enu.exe

Scan your PC for viruses, threats and unwanted/unsafe applications - remove if anything found.

But I do not find anything big or serious to worry about.

==========================================

With regards to the CMD popping up occasionally.

There are certainly technical ways to catch it but it is a bit easier to do it if you are in front of the PC. Even though it is nothing malicious, if you are curious you may want to play with certain apps

• probably easier ->  Microsoft/SysInternals Process Explorer >> https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
  If you keep it open permanently 24/7 (pretty much) once CMD pops-up, you can immediately check Process Explorer to see the instance of CMD and where it was ran from
• another one, more advanced -> Microsoft/SysInternals Process Monitor >> https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
  It can write and log everything that has happened on the operating system. Therefore, if you know approximately when CMD opens up and if you start Process Monitor logging before CMD pops up, Process Monitor will catch what trigger CMD . It is not OK to keep Process Monitor opened for very long time because its log files can become huge in size

Hi,

Sorry for the delay in my reply. Thank you for the video you sent to me over a private message.

You are in the right direction. However, the video does not show CMD because it opens for a second and also because it is opened by a process which is below what you show - just scroll down to the bottom side to see it.

• Actually, I would recommend you perform a change in the Process Explorer settings - > change the update speed to 0.5 seconds and try again.

Also, once CMD appears in the list, hover the mouse over it to see the details.

Eventually, take a video and show me (be fast, you have 5-10 seconds to find CMD in the list below and hover the mouse over it... before CMD disappears from the list).