Help identifying process

[James661]

Hi i'm paranoid i got a keylogger or malicious software in my computer for something i did, but the Antivirus did not detect anything wrong, also got recently Zemana antilogger just to be safe and seems everything is okay my question is:

found two processes i don't know what they are or what they do can you guys tell me if they are safe or dangerous? should i leave them or disable them? both are startup processes

hehkkhuf.exe > this one doesn't have description or anything it is located on C:\ProgramData\hehkkhuf.exe i googled and can't find the source it's strange the file is hidden can't find it where is located

csrss.exe > this one seems part of windows but i'm not sure

winlogon.exe > same as the one above

Help me please i'm paranoid

 

[mickey megabyte]

hi James661, and welcome to sevenforums,

csrss and winlogon are a part of windows - nothing to worry about there.

this hehkkhuf looks very suspect though - do disable it in msconfig, so it won't autostart at each boot, and also download and run the free version of malwarebytes to give your system a good clean.

 

[James661]

hi James661, and welcome to sevenforums,

csrss and winlogon are a part of windows - nothing to worry about there.

this hehkkhuf looks very suspect though - do disable it in msconfig, so it won't autostart at each boot, and also download and run the free version of malwarebytes to give your system a good clean.

I couldn't disable hehkkhuf at first it wouldn't let me then

I did what you told me and malwarebyte removed 2 files:

1- RiskwareTool
2- Trojan.Agent

minutes later the Norton Sonar removed the hehkkhuf.exe i restarted the computer and the file was gone completely so i think i fixed it still i'll be changing passwords of accounts just to be safe thanks

weird the Antivirus did not detect hehkkhuf yesterday when i got it last night and Zemana Antilogger did not detect suspicious activity so dunno what was that for..

 

[mickey megabyte]

happy to help