TCP Report is showing that my information is being stolen PID 4512
I ran a report to see what has got a hold of my computer. I hope I attached the file properly. I also found a file in my temp folder named outlook logger. Could you please look at my TCP report and let me know what I need to do? How can I identify who this is? Thank you.
Also, please, what do all of the listening states mean?
Last edited by ljmilam; 10 May 2018 at 06:45.
Reason: additional questions
Computer Type: PC/Desktop System Manufacturer/Model Number: Custom OS: Windows 11 Pro x64 Version 23H2 CPU: i7-8700K Motherboard: Asus Maximus X Code - Z370 Memory: G.Skill Trident Z 3200MHz F4-3200C16D-16GTZ (2) 32GB Graphics Card: Intel UHD Graphics 630 Sound Card: Integrated ROG SupremeFX Monitor(s) Displays: Asus VP279 27", Samsung BX2431 24" Keyboard: das Keyboard MX Brown Mechanical Switches Model DASKMKPROSIL-3G7-r1.0 Mouse: Logitech MX Master 3 Wireless & Bluetooth PSU: Corsair RM 650i +Gold Case: Phanteks Enthroo Primo Cooling: Corsair Hydro H150i, 360mm Rad & Five Corsair 140mm Pro ML Case Fans Hard Drives: Samsung M.2 NVMe 960 EVO 500GB Boot,
Samsung 840 EVO 250GB (System Copy Drive),
Samsung 860 EVO 1TB (Primary Data Drive),
WD Black 500GB (Data Copy Drive) Internet Speed: 150Mb + Browser: Chrome, Firefox Antivirus: Malwarebytes Premium, SuperAntiSpyware Pro (Licensed) Other Info: Macrium (Licensed), Office 365, Wise Disk Cleaner, Crystal Disk Info
Computer Type: Laptop System Manufacturer/Model Number: Toshiba Satellite L750 OS: 10 Home x64 (22H2) (10 Pro on 2nd pc) CPU: Intel Pentium B950 @2.10GHz Memory: 4GB Internet Speed: 50Mbps down, 10Mbps up Browser: IE/Edge/Firefox Antivirus: Defender Other Info: ...other laptops include:
Dell Latitude E7270, 6th gen i7, 16GB RAM, Windows 10 Pro.
Dell Latitude 5410, 10th gen i7, 32GB RAM, Windows 11 Pro.
main use is to run Hyper-V VMs including XP, W7, W8.1, W10 & W11
Computer Type: Laptop System Manufacturer/Model Number: Samsung R519 OS: 10 Pro x86 (22H2, 21H1, 20H2, 2004, 1909, 1903, 1809, 1803, 1709, 1703, 1607, 1511, 1507), 7 Pro x86 CPU: Intel Pentium T4300 2.10GHz Memory: 4GB Other Info: Test/support machine - uses multiple Macrium images to switch OS.
Nothing is being stolen. Amazon AWS is related to their cloud service/servers (i.e. CloudFront aka Prime video/audio). Adnexus serves up ads. Akamai is used by companies like Microsoft, etc.

The short version. The terms session and connection are used to refer to a communication between a client and a server or two end points, and they are used in the same context. If you look at pure theory then:

Connection:
Client ---------------> Server
Client <-------------> Server
The bidirectional flow between client and server is a connection.

Client Src IP (1.1.1.1) Client Port (12345) TCP ---------> Server Src IP (2.2.2.2) Server Port (80)
Server Src IP (2.2.2.2) Server Port (80) TCP ----------> Client Src IP (1.1.1.1) Client Port (12345)
The above is a "Connection" when you consider both flows.

When you consider a SINGLE flow:
Client Src IP (1.1.1.1) Client Port (12345) TCP ---------> Server Src IP (2.2.2.2) Server Port (80)
The above is a "TCP SOCKET". It can be UDP as well.

Session would be: the same bidirectional flow illustrated in the first example but with different client src ports, so a client establishing many connections to the same server. So a series of interactions between client and server will amount to a SESSION.

A single bidirectional FLOW would be a CONNECTION and a SINGLE UNIDIRECTIONAL FLOW would be a SOCKET.
Computer Type: Laptop System Manufacturer/Model Number: Macbook Air (2021) OS: Mac OS Catalina CPU: M1 Motherboard: Apple Memory: 8 GB Monitor(s) Displays: Retina Screen Resolution: 13.3 - inch (1440 x 900) Hard Drives: 500 GB Internal Browser: Google Chrome Antivirus: None needed. It is Mac OS
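An added example, not part of any post in this thread: a small parser for `netstat -ano` style output that groups rows by owning PID, separating LISTENING sockets (a local program waiting for inbound connections) from ESTABLISHED connections (an active link to a remote address). The sample rows, addresses and every PID other than the 4512 from the thread title are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of `netstat -ano` output; it is not the poster's report.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       980
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       3100
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    192.168.1.20:50512     203.0.113.10:443       ESTABLISHED     4512
  TCP    192.168.1.20:50513     203.0.113.10:443       ESTABLISHED     4512
  TCP    192.168.1.20:50490     198.51.100.7:80        TIME_WAIT       0
  UDP    0.0.0.0:5353           *:*                                    2200
"""

def split_endpoint(endpoint):
    # Split on the last colon so bracketed IPv6 addresses such as [::]:445 work.
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), port

def parse_netstat(text):
    """Return one dict per TCP/UDP row; UDP rows have no State column."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            proto, local, remote, state, pid = f
        elif len(f) == 4 and f[0] == "UDP":
            (proto, local, remote, pid), state = f, ""
        else:
            continue  # banner, column header or blank line
        rows.append({"proto": proto, "local": split_endpoint(local),
                     "remote": split_endpoint(remote), "state": state, "pid": int(pid)})
    return rows

def summarize(rows):
    """Per PID: (port, reachable beyond loopback) for listeners, and remote peers."""
    out = defaultdict(lambda: {"listening": [], "established": set()})
    for r in rows:
        if r["state"] == "LISTENING":
            addr, port = r["local"]
            exposed = addr not in ("127.0.0.1", "::1")
            out[r["pid"]]["listening"].append((int(port), exposed))
        elif r["state"] == "ESTABLISHED":
            out[r["pid"]]["established"].add(r["remote"])
    return dict(out)
```

On Windows, `tasklist /FI "PID eq 4512"` shows which program owns a given PID, which is the next thing to check for any PID in the summary.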
Thank you so much for your help. I have a psycho ex that is an electrical engineer. He has everything of mine bugged, my phone, my car, my house. I am certain he's got a key logger on my computer and access to my router. I am trying everything I can to safeguard but I don't know how to locate what has already been done.
While I will be offline for a while, if you rent your router / modem from a supplier, ask them to reset it.
If you own the router, the instructions to do a reset will be online. This will have it default to its "as shipped" state, which means it will use the default SSID and password. Then change the password to one only you know.
You may want to open a thread on the particular router and ask a few questions. Once you get into it, it is not as bad as it sounds, and you can explore inside the router before you reset.
As to your computer there are two options to "flush" the system. Either do a reset and do not keep files or do a clean install. You must back your data up prior to doing this. There is a reset that allows you to keep files; I think I would go the extra step of deleting. That said, you must back up your personal data. Either of these processes should return the machine to a clean state.
Not sure of your confidence level as all programs have to be re-installed / setup.
There are lots of members who can walk you through things. Just do your homework before you pull the trigger. To keep things straight, have a thread for each subject to keep answers focused.
As to your computer there are two options to "flush" the system... Either of these processes should return machine to a clean state.
Not sure of your confidence level as all programs have to be re-installed / setup.
If you have the confidence level, the ultimate "flush" would be to wipe the hard drive and do a clean install from freshly downloaded install media. You'd certainly have to back up your files and reinstall all your software for that, making sure before you start that you had any software keys that you'd need to reinstall the 'paid for' software.
On the other hand, instead of a "clean flush" the alternative would be a "search and destroy" for any hidden malware. There are lots of members that can walk you through that too.
In fact, you may want to try that first to find out what (if any) keyloggers, etc. were installed. You may find that nothing 'bad' had been done to you after all, or if it had you'll at least know the extent of it. Sometimes it's better to know so you can stop worrying about what else may have been there. You can always decide to do the "flush" later, depending on how bad it looked.
I highly doubt that he has anything bugged. If you want to make sure, contact your local police department. If there was a key logger on your computer, again contact the local authorities if you are unsure.