Windows 10: TCP Report is showing that my information is being stolen PID 4512

  1.    10 May 2018 #1

    TCP Report is showing that my information is being stolen PID 4512


    I ran a report to see what has got a hold of my computer. I hope I attached the file properly. I also found a file in my temp folder named outlook logger. Could you please look at my TCP report and let me know what I need to do? How can I identify who this is? Thank you.
    Also, please, what do all of the listening states mean?
    Last edited by ljmilam; 10 May 2018 at 06:45. Reason: additional questions


  2. Posts : 8,135
    Windows 10 Pro x64 Build 1803
       15 May 2018 #2

    Hi ljmilam. Welcome to the TenForums @ljmilam

    If you think you have an infection, please download and run Malwarebytes from https://www.malwarebytes.com/

    Use the free version. Repair / quarantine anything found. If it finds stuff, complete the repair, restart the computer and run the scan again.

    Do a complete scan of your entire machine.

    Listening means a port is awaiting a connection.


  3. Posts : 7,591
    10 Home x64 (1803) (10 Pro on 2nd pc)
       15 May 2018 #3

    Welcome to TenForums @ljmilam

    ljmilam said:
    What do all of the listening states mean?
    The How-To Geek explains that here...
    https://www.howtogeek.com/howto/2860...rt-in-windows/


  4. Posts : 4,611
    Mac OS High Sierra 10.13.5
       15 May 2018 #4

    Nothing is being stolen. Amazon AWS is related to their cloud service/servers (i.e. Cloudfront aka Prime video/audio). Adnexus serves up ads. Akamai is used by companies like Microsoft, etc.

    Listening just means that the port is in a state that at any time there is a TCP/UDP request under that socket/session/connection, the OS/Hardware will respond. See the following about how this magic works. Solved: Difference between session and connecti... - Cisco Support Community

    The short version. The terms session and connection are used to refer to a communication between a client and a server or two end points, and they are used in the same context. If you look at pure theory then:
    Connection:
    Client--------------->Server
    Client<------------->Server
    The bidirectional flow between client and server is a connection.
    Client Src IP(1.1.1.1) Client Port(12345) TCP ---------> Server Src IP(2.2.2.2) Server Port (80)
    Server Src IP(2.2.2.2) Server Port(80) TCP ---------->Client Src IP(1.1.1.1) Client Port (12345)
    The above is a "Connection" when you consider both flows.
    When you consider a SINGLE flow:
    Client Src IP(1.1.1.1) Client Port(12345) TCP ---------> Server Src IP(2.2.2.2) Server Port (80)
    The above is "TCP SOCKET". It can be UDP as well.
    Session would be:
    The same bidirectional flow illustrated in the first example but with different client src ports, so a client establishing many connections to the same server. So a series of interactions between client and server will amount to a SESSION. A single bidirectional FLOW would be a CONNECTION and a SINGLE UNIDIRECTIONAL FLOW would be a SOCKET.
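    As an added example (not part of any post in this thread): a Python reading of a TCP report by owning PID, separating ports that are only LISTENING from ESTABLISHED connections that have a remote peer. It assumes the report has the layout printed by `netstat -ano`; the sample rows are constructed, with documentation-range addresses, and only PID 4512 comes from the thread title.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in the `netstat -ano` layout (assumed report format).
# Addresses are documentation ranges; PID 4512 is taken from the thread title.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       968
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       3100
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     4512
  TCP    192.168.1.20:49713     203.0.113.10:443       ESTABLISHED     4512
  TCP    192.168.1.20:49720     198.51.100.7:443       TIME_WAIT       0
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    3100
"""

def split_endpoint(endpoint):
    """Split 'host:port' or '[v6]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def parse_netstat(text):
    """Return one dict per TCP row; the header and UDP rows (no state) are skipped."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0] == "TCP":
            _, local, remote, state, pid = fields
            rows.append({"local": split_endpoint(local), "remote": split_endpoint(remote),
                         "state": state, "pid": int(pid)})
    return rows

def summarize(rows):
    """Group by PID: ports waiting for a connection vs. peers actually connected."""
    out = defaultdict(lambda: {"listening": [], "peers": set()})
    for r in rows:
        if r["state"] == "LISTENING":
            host, port = r["local"]
            # Loopback listeners accept local connections only; anything else is
            # network-facing (still subject to the firewall).
            scope = "loopback" if ipaddress.ip_address(host).is_loopback else "network"
            out[r["pid"]]["listening"].append((port, scope))
        elif r["state"] == "ESTABLISHED":
            out[r["pid"]]["peers"].add(r["remote"])
    return {pid: {"listening": v["listening"], "peers": sorted(v["peers"])}
            for pid, v in out.items()}

if __name__ == "__main__":
    for pid, info in sorted(summarize(parse_netstat(SAMPLE)).items()):
        print(pid, info)
```

    The PID in each row can be matched to a process name in Task Manager's Details tab, and a LISTENING row has no remote peer, so on its own it shows no data leaving the machine.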

  5.    21 May 2018 #5

    Thank you so much for your help. I have a psycho ex that is an electrical engineer. He has everything of mine bugged, my phone, my car, my house. I am certain he's got a key logger on my computer and access to my router. I am trying everything I can to safeguard but I don't know how to locate what has already been done.


  6. Posts : 8,135
    Windows 10 Pro x64 Build 1803
       21 May 2018 #6

    While I will be offline for a while, if you rent your router / modem from a supplier, ask them to reset it.

    If you own the router, the instructions to do a reset will be online. This will have it default to its "as shipped" state, which means it will use the default SSID and password. Then change the password to one only you know.

    You may want to open a thread on the particular router and ask a few questions. Once you get into it, it is not as bad as it sounds, and you can explore inside the router before you reset.

    As to your computer, there are two options to "flush" the system. Either do a reset and do not keep files, or do a clean install. You must back your data up prior to doing this. There is a reset that allows you to keep files; I think I would go the extra step of deleting. That said, you must back up your personal data. Either of these processes should return the machine to a clean state.

    Not sure of your confidence level, as all programs have to be re-installed / set up.

    There are lots of members who can walk you through things. Just do your homework before you pull the trigger. To keep things straight, have a thread for each subject to keep answers focused.


  7. Posts : 7,591
    10 Home x64 (1803) (10 Pro on 2nd pc)
       21 May 2018 #7

    Caledon Ken said:
    As to your computer there are two options to "flush" the system... Either of these processes should return machine to a clean state.
    Not sure of your confidence level as all programs have to be re-installed / setup.
    If you have the confidence level, the ultimate "flush" would be to wipe the hard drive and do a clean install from freshly downloaded install media. You'd certainly have to back up your files and reinstall all your software for that, making sure before you start that you had any software keys that you'd need to reinstall the 'paid for' software.

    On the other hand, instead of a "clean flush" the alternative would be a "search and destroy" for any hidden malware. There are lots of members that can walk you through that too.

    In fact, you may want to try that first to find out what (if any) keyloggers, etc were installed. You may find that nothing 'bad' had been done to you after all, or if it had you'll at least know the extent of it. Sometimes it's better to know so you can stop worrying about what else may have been there. You can always decide to do the "flush" later, depending on how bad it looked.


  8. Posts : 4,611
    Mac OS High Sierra 10.13.5
       21 May 2018 #8

    I highly doubt that he has anything bugged. If you want to make sure, contact your local police department. If there was a key logger on your computer, again contact the local authorities if you are unsure.


 
