Search our partners

Find the latest content on electronic components. Datasheets.com

O2 mail - unwanted actions + spam in the mail

Tomek913913 3450 3
This content has been translated flag-pl » flag-en View the original version here.
  • #1
    Level 8  
    Hello, as in the subject, I go to the e-mail and I see a message saying that I should change the password, because they detected undesirable actions on the account. After changing it, I discover some spam (in the attachment). I recently scanned Micosoft Security Essentials and found nothing, just like adw cleaner. Maybe I'll learn from experts what's going on? Thank you in advance, and I send FRST and Addition O2 mail - unwanted actions + spam in the mail .
  • #2
    Level 43  
    Haven't you logged in to any website with your e-mail credentials?
  • #3
    IT specialist
    Uzyj: https://sourceforge.net/projects/adobeflashup...an%20Remover/RemoveMcAfee_silent.exe/download

    Wykonaj Fixlist.txt dla FRST:
    Task: {0419EE17-19F9-4EA2-BA8E-B6F6BAF0DA4C} - System32\Tasks\{6933B2AE-2C89-4F64-A516-36F852163DA6} => pcalua.exe -a "C:\Program Files (x86)\DiscountExt\DiscountExt.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
    Task: {657188D6-FCBC-4BF9-9C95-C2EF440CD7A7} - System32\Tasks\{B5847506-D98B-4E44-BBD7-09E7A4BED10F} => pcalua.exe -a "C:\Users\Tomasz\Desktop\MinecraftZyczu (1).exe" -d C:\Users\Tomasz\Desktop
    Task: {C572910E-899D-4ED0-8AAF-BA6BB74D5D71} - System32\Tasks\{4620C6E3-4B1F-40B9-AFCA-5B9EA7F42CD3} => pcalua.exe -a C:\Users\Tomasz\Desktop\MinecraftZyczu.exe -d C:\Users\Tomasz\Desktop
    Task: {C9B543AE-C73F-4B65-8000-93416ADBDAE3} - System32\Tasks\{5B14C21C-0F15-4DFA-9DF3-2E33B253B1D6} => pcalua.exe -a C:\Users\Kasia\Downloads\cjb6200PO.exe -d C:\Users\Kasia\Downloads
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    Startup: C:\Users\Kasia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-11-21]
    ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (Brak pliku)
    FF HKU\S-1-5-21-566760747-40817201-1853202738-1005\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => nie znaleziono
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    U0 aswVmm; Brak ImagePath
    2017-04-13 12:09 - 2017-03-04 11:03 - 00000000 ____D C:\AdwCleaner

    W logach nie widac infekcji.

    Mozliwe, ze miales slabe haslo.
  • #4
    Level 8  
    I understand, thank you for your help! I'm closing