Quote:
Originally Posted by MaddogK
nice to know, but keep in mind some apps do actually start a cmd window when executed in order to perform certain tasks. This is a classic example of why one should not run with admin rights all the time.
|
Yeah I'm not sure if it was hacker but my gadgets became inaccessible and I found new suspicious registry entries while no other new software has been installed.
The following 2:
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
I found them on earlier scan and already deleted them and confirmed they were deleted but they were back yesterday but was not listed on HijackList list except if you copy and paste the log file. In fact they didn't show on the log file either but if you copy and paste the log file they will get shown
I don't think I have any app that's using cmd.exe.
Funny thing the log showed the cmd.exe came from a folder which I could not find even if I already unhide all hidden folder and files.