Hi all
I’ll keep this as brief as possible:
PROBLEM: A mystery process steals focus from whatever program I’m running on Windows, once per session. I am concerned that this behavior could indicate the presence of malicious software.
If I’m using an application that runs in the Windows desktop, that window becomes inactive, just as if I’d clicked on the desktop or task bar.
If I’m using a full screen application, such as a game, the game minimizes and I’m returned to the Windows desktop, just as if I’d hit alt+tab.
The issue only seems to occur once per session. If I restart or shut down the computer and power up again, it will re-occur after I’ve logged back in to windows.
I haven’t been able to find anything to help me identify the process in Windows Event Viewer. I tried opening Task Manager the last time a loss of focus occurred, but I couldn’t identify any usual processes. I checked Avast’s firewall logs and the only activity recorded around the time of the loss of focus is pasted below. 192.168.5.1 is my LTE modem’s LAN address; 192.168.5.75 is the ip assigned to my notebook by the LTE modem’s DHCP service.
27/12/2017 17:33:54 192.168.5.1 - 192.168.5.75 3 ICMP Out Public Icmp Destination Unreachable Out Block
27/12/2017 17:32:07 192.168.5.1 - 192.168.5.75 3 ICMP Out Public Icmp Destination Unreachable Out Block
27/12/2017 17:32:05 192.168.5.1 - 192.168.5.75 3 ICMP Out Public Icmp Destination Unreachable Out Block
27/12/2017 17:31:53 fe80::4fd:90ff:fece:d1 - ff02::1 130 ICMPv6 In Public Icmp6 Listener Query In Block
SPECS:
OS - Windows 8.1, fully patched/updated as of 12 December 2017
AVAST - Avast Internet Security 17.9.2322, fully licensed
NETWORK HARDWARE - Netgear LB1110 LTE modem, connected to my notebook’s ethernet port when I’m on the move or connected to a Netgear R7000 Nighthawk at home.
STARTUP PROGRAMS - i) Avast launcher ii) Catalyst Control Centre (graphics card related, last updated without issues at the beginning of the year) iii) HP Accelerometer iv) RealtekHD Audio Manager v) Synaptics Touchpad
POSSIBLE CAUSES:
-
The Netgear LTE modem.
When I first fired the modem up, it opened Chrome and auto navigated to its management/set-up page. This is normal behaviour for Netgear kit, but it might be possible that buggy firmware could be causing windows to return focus to the desktop in anticipation of a browser window opening. -
Avast 17.9.2322
The problem appeared shortly after I updated to 17.9.2322. However, I haven’t been able to find any other reports on the forums of the update triggering similar issues. -
Poorly written malware.
This is a possibility, but repeated scans using Avast have failed to reveal anything wrong.