Jump to content

Keylogger cant find


Recommended Posts

I recieved an email saying that a ip (from netherlands which is no where near where i live, im from england) has accesed my account.

Then realising some stuff has changed i came to believe theres a rat/keylogger on my system.

I cant find anything, and it was a definite keylogger because to access my account they would also need to know my email account password (which is different to the other account im on about) and go on a recieved email for it to allow him to logon.

 

I've got his ip and his address but i have no idea what to do to see if it's still there, windows defender hasn't managed to pick it up.

I don't know if i should show this but this is whats running,if its not on there it may be because i've ended some suspicious stuff on there aswell but if it continues i'll update this.

 

Image Name                     PID Services
========================= ======== ==========================================
System Idle Process              0 N/A
System                           4 N/A
smss.exe                       396 N/A
csrss.exe                      572 N/A
wininit.exe                    632 N/A
csrss.exe                      648 N/A
winlogon.exe                   696 N/A
services.exe                   736 N/A
lsass.exe                      744 KeyIso, SamSs
svchost.exe                    856 BrokerInfrastructure, DcomLaunch, LSM,
                                   PlugPlay, Power
svchost.exe                    916 RpcEptMapper, RpcSs
svchost.exe                    960 Audiosrv, Dhcp, EventLog,
                                   HomeGroupProvider, lmhosts, Wcmsvc, wscsvc
dwm.exe                        996 N/A
svchost.exe                    128 AeLookupSvc, Appinfo, BITS, gpsvc, IKEEXT,
                                   iphlpsvc, LanmanServer, MMCSS, ProfSvc,
                                   RasMan, Schedule, SENS, SharedAccess,
                                   ShellHWDetection, SystemEventsBroker,
                                   Themes, Winmgmt, wlidsvc, wuauserv
svchost.exe                    456 EventSystem, fdPHost, FontCache, netprofm,
                                   nsi, SstpSvc, WdiServiceHost,
                                   WinHttpAutoProxySvc
svchost.exe                   1028 AudioEndpointBuilder,
                                   DeviceAssociationService, hidserv, Netman,
                                   PcaSvc, SysMain, TrkWks, WdiSystemHost,
                                   WlanSvc
svchost.exe                   1148 CryptSvc, Dnscache, LanmanWorkstation,
                                   NlaSvc, TapiSrv
wlanext.exe                   1252 N/A
conhost.exe                   1260 N/A
spoolsv.exe                   1460 Spooler
svchost.exe                   1488 BFE, DPS, MpsSvc, NcdAutoSetup
AppleMobileDeviceService.     1696 Apple Mobile Device
mDNSResponder.exe             1760 Bonjour Service
BrcmCardReader.exe            1780 BrcmCardReader
SkypeC2CAutoUpdateSvc.exe     1816 c2cautoupdatesvc
SkypeC2CPNRSvc.exe            1888 c2cpnrsvc
CCDMonitorService.exe         1948 CCDMonitorService
dasHost.exe                   2004 N/A
dsiwmis.exe                   2024 DsiWMIService
ETDService.exe                 984 ETDService
HeciServer.exe                1172 Intel® Capability Licensing Service Inte
                                   ace
Jhi_service.exe                588 jhi_service
IScheduleSvc.exe              1364 NTI IScheduleSvc
PnkBstrA.exe                  1988 PnkBstrA
RfBtnSvc64.exe                1484 RfButtonDriverService
sqlwriter.exe                 2132 SQLWriter
svchost.exe                   2156 stisvc
unsecapp.exe                  2712 N/A
WmiPrvSE.exe                  2728 N/A
WmiPrvSE.exe                  2752 N/A
alg.exe                       2852 ALG
svchost.exe                   3016 FDResPub, SSDPSRV, TimeBroker, upnphost,
                                   wcncsvc
svchost.exe                   3436 p2pimsvc, p2psvc, PNRPsvc
dllhost.exe                   3984 N/A
LMS.exe                       3868 LMS
MsMpEng.exe                   3604 WinDefend
SearchIndexer.exe             3956 WSearch
UNS.exe                        124 UNS
wmpnetwk.exe                  3116 WMPNetworkSvc
LMutilps32.exe                2416 N/A
ETDCtrl.exe                    852 N/A
taskhostex.exe                1568 N/A
explorer.exe                  2764 N/A
LManager.exe                  3260 N/A
ETDCtrlHelper.exe             1620 N/A
LiveComm.exe                  2896 N/A
unsecapp.exe                  4112 N/A
MMDx64Fx.exe                  4216 N/A
igfxext.exe                   4272 N/A
RuntimeBroker.exe             4532 N/A
igfxtray.exe                  4716 N/A
hkcmd.exe                     4836 N/A
igfxpers.exe                  4880 N/A
RAVCpl64.exe                  4984 N/A
PWRISOVM.EXE                  4384 N/A
BackupManagerTray.exe         4408 N/A
iTunesHelper.exe              4448 N/A
ePowerTray.exe                4324 N/A
iPodService.exe               4260 iPod Service
ePowerSvc.exe                 5356 ePowerSvc
igfxsrvc.exe                  5408 N/A
unsecapp.exe                  5436 N/A
ePowerEvent.exe               5480 N/A
audiodg.exe                   4588 N/A
MSASCui.exe                   6088 N/A
firefox.exe                   5912 N/A
dllhost.exe                   5808 N/A
taskeng.exe                    748 N/A
chrome.exe                    4224 N/A
chrome.exe                    3696 N/A
chrome.exe                    6108 N/A
chrome.exe                    5108 N/A
chrome.exe                    3740 N/A
SearchProtocolHost.exe        4656 N/A
SearchFilterHost.exe           784 N/A
cmd.exe                       2636 N/A
conhost.exe                   6004 N/A
tasklist.exe                  1512 N/A

 

If any of these may be unsafe please ell me

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.