Öppnade Hitmanpro i dag och såg att jag hade 5 larm.
Börjar så här:
Intruder
PID 6284
Application C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\microsoftedgecp.exe
Description Microsoft Edge Content Process 11
Detour Report
# Address Owner Disassembly
-- ------------------ ------------------------ ------------------------
EncryptMessage *
1 0x00007FFE92895880 SspiCli.dll JMP 0x7ffe92ef1568
2 0x00007FFE92EF1568 (anonymous)
FilterConnectCommunicationPort
1 0x00007FFE92AD20A0 fltlib.dll JMP 0x7ffe92ef0180
2 0x00007FFE92EF0180 (anonymous)
FilterSendMessage
1 0x00007FFE92AD22D0 fltlib.dll JMP 0x7ffe92ef01b8
2 0x00007FFE92EF01B8 (anonymous)
NtUserBlockInput
1 0x00007FFE93ED7870 win32u.dll JMP 0x7ffe92ef0d88
2 0x00007FFE92EF0D88 (anonymous)
NtUserClipCursor
1 0x00007FFE93ED7A50 win32u.dll JMP 0x7ffe92ef0f10
2 0x00007FFE92EF0F10 (anonymous)
NtUserGetKeyboardState
1 0x00007FFE93ED1F70 win32u.dll JMP 0x7ffe92ef0c00
2 0x00007FFE92EF0C00 (anonymous)
NtUserMoveWindow
1 0x00007FFE93ED1C30 win32u.dll JMP 0x7ffe92ef0d18
2 0x00007FFE92EF0D18 (anonymous)
NtUserRegisterHotKey
1 0x00007FFE93ED9090 win32u.dll JMP 0x7ffe92ef0df8
2 0x00007FFE92EF0DF8 (anonymous)
NtUserRegisterRawInputDevices
1 0x00007FFE93ED9110 win32u.dll JMP 0x7ffe92ef0ca8
2 0x00007FFE92EF0CA8 (anonymous)
NtUserSendInput
1 0x00007FFE93ED20B0 win32u.dll JMP 0x7ffe92ef0bc8
Sen tycker jag det börjar se mer skumt ut:
Intruder
PID 6284
Application C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\microsoftedgecp.exe
Description Microsoft Edge Content Process 11
Detour Report
# Address Owner Disassembly
-- ------------------ ------------------------ ------------------------
EncryptMessage *
1 0x00007FFE92895880 SspiCli.dll JMP 0x7ffe92ef1568
2 0x00007FFE92EF1568 (anonymous)
FilterConnectCommunicationPort
1 0x00007FFE92AD20A0 fltlib.dll JMP 0x7ffe92ef0180
2 0x00007FFE92EF0180 (anonymous)
FilterSendMessage
1 0x00007FFE92AD22D0 fltlib.dll JMP 0x7ffe92ef01b8
2 0x00007FFE92EF01B8 (anonymous)
NtUserBlockInput
1 0x00007FFE93ED7870 win32u.dll JMP 0x7ffe92ef0d88
2 0x00007FFE92EF0D88 (anonymous)
NtUserClipCursor
1 0x00007FFE93ED7A50 win32u.dll JMP 0x7ffe92ef0f10
2 0x00007FFE92EF0F10 (anonymous)
NtUserGetKeyboardState
1 0x00007FFE93ED1F70 win32u.dll JMP 0x7ffe92ef0c00
2 0x00007FFE92EF0C00 (anonymous)
NtUserMoveWindow
1 0x00007FFE93ED1C30 win32u.dll JMP 0x7ffe92ef0d18
2 0x00007FFE92EF0D18 (anonymous)
NtUserRegisterHotKey
1 0x00007FFE93ED9090 win32u.dll JMP 0x7ffe92ef0df8
2 0x00007FFE92EF0DF8 (anonymous)
NtUserRegisterRawInputDevices
1 0x00007FFE93ED9110 win32u.dll JMP 0x7ffe92ef0ca8
2 0x00007FFE92EF0CA8 (anonymous)
NtUserSendInput
1 0x00007FFE93ED20B0 win32u.dll JMP 0x7ffe92ef0bc8
Är det någon som försökt komma in eller HAR någon kommit in i systemet? Har Win 10 Pro, Hitmanpro, Comodo brandvägg, samt branvägg i routern. Borde inte det räcka? Scan ger inget, ser inga skumma processer men haft problem med virus nyligen så nojar på allt.
Börjar så här:
Intruder
PID 6284
Application C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\microsoftedgecp.exe
Description Microsoft Edge Content Process 11
Detour Report
# Address Owner Disassembly
-- ------------------ ------------------------ ------------------------
EncryptMessage *
1 0x00007FFE92895880 SspiCli.dll JMP 0x7ffe92ef1568
2 0x00007FFE92EF1568 (anonymous)
FilterConnectCommunicationPort
1 0x00007FFE92AD20A0 fltlib.dll JMP 0x7ffe92ef0180
2 0x00007FFE92EF0180 (anonymous)
FilterSendMessage
1 0x00007FFE92AD22D0 fltlib.dll JMP 0x7ffe92ef01b8
2 0x00007FFE92EF01B8 (anonymous)
NtUserBlockInput
1 0x00007FFE93ED7870 win32u.dll JMP 0x7ffe92ef0d88
2 0x00007FFE92EF0D88 (anonymous)
NtUserClipCursor
1 0x00007FFE93ED7A50 win32u.dll JMP 0x7ffe92ef0f10
2 0x00007FFE92EF0F10 (anonymous)
NtUserGetKeyboardState
1 0x00007FFE93ED1F70 win32u.dll JMP 0x7ffe92ef0c00
2 0x00007FFE92EF0C00 (anonymous)
NtUserMoveWindow
1 0x00007FFE93ED1C30 win32u.dll JMP 0x7ffe92ef0d18
2 0x00007FFE92EF0D18 (anonymous)
NtUserRegisterHotKey
1 0x00007FFE93ED9090 win32u.dll JMP 0x7ffe92ef0df8
2 0x00007FFE92EF0DF8 (anonymous)
NtUserRegisterRawInputDevices
1 0x00007FFE93ED9110 win32u.dll JMP 0x7ffe92ef0ca8
2 0x00007FFE92EF0CA8 (anonymous)
NtUserSendInput
1 0x00007FFE93ED20B0 win32u.dll JMP 0x7ffe92ef0bc8
Sen tycker jag det börjar se mer skumt ut:
Intruder
PID 6284
Application C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\microsoftedgecp.exe
Description Microsoft Edge Content Process 11
Detour Report
# Address Owner Disassembly
-- ------------------ ------------------------ ------------------------
EncryptMessage *
1 0x00007FFE92895880 SspiCli.dll JMP 0x7ffe92ef1568
2 0x00007FFE92EF1568 (anonymous)
FilterConnectCommunicationPort
1 0x00007FFE92AD20A0 fltlib.dll JMP 0x7ffe92ef0180
2 0x00007FFE92EF0180 (anonymous)
FilterSendMessage
1 0x00007FFE92AD22D0 fltlib.dll JMP 0x7ffe92ef01b8
2 0x00007FFE92EF01B8 (anonymous)
NtUserBlockInput
1 0x00007FFE93ED7870 win32u.dll JMP 0x7ffe92ef0d88
2 0x00007FFE92EF0D88 (anonymous)
NtUserClipCursor
1 0x00007FFE93ED7A50 win32u.dll JMP 0x7ffe92ef0f10
2 0x00007FFE92EF0F10 (anonymous)
NtUserGetKeyboardState
1 0x00007FFE93ED1F70 win32u.dll JMP 0x7ffe92ef0c00
2 0x00007FFE92EF0C00 (anonymous)
NtUserMoveWindow
1 0x00007FFE93ED1C30 win32u.dll JMP 0x7ffe92ef0d18
2 0x00007FFE92EF0D18 (anonymous)
NtUserRegisterHotKey
1 0x00007FFE93ED9090 win32u.dll JMP 0x7ffe92ef0df8
2 0x00007FFE92EF0DF8 (anonymous)
NtUserRegisterRawInputDevices
1 0x00007FFE93ED9110 win32u.dll JMP 0x7ffe92ef0ca8
2 0x00007FFE92EF0CA8 (anonymous)
NtUserSendInput
1 0x00007FFE93ED20B0 win32u.dll JMP 0x7ffe92ef0bc8
Är det någon som försökt komma in eller HAR någon kommit in i systemet? Har Win 10 Pro, Hitmanpro, Comodo brandvägg, samt branvägg i routern. Borde inte det räcka? Scan ger inget, ser inga skumma processer men haft problem med virus nyligen så nojar på allt.