Jump to content

Provider told me my mail address was compromised and put me in quarantine

Recommended Posts

So I have very limited access to my e-mail. That is not such a big deal, walking through the possible causes, I am afraid my system has been compromised and I have a keylogger installed on my system.

It baffles me why a keylogger would only be used to access my mail and send spam while there are much more seirous things goping on on my computer (banking and the likes).

I attached the threat scan to this message, but I suspect there are more steps I can undertake to make sure no keyloggers are active on my system.

I respectfully ask for your help.

Thanks in advance.

mwb scanforum.txt

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.

Remove this program in bold via the Control Panel > Programs > Programs and Features.
Lenovo App Explorer (HKU\S-1-5-21-1165786119-2667620063-1329827097-1001\...\Host App Service) (Version: - SweetLabs for Lenovo) <==== ATTENTION

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

It baffles me why a keylogger would only be used to access my mail and send spam


They used your e-mal address to hide their traces.

Check if you have an account that has been compromised in a data breach

If not already done create a new e-mail account.
Make sure your password is strong.


Link to post
Share on other sites

Hello Nasdaq, very much appreciate the help.

I checked haveibeenpwned and suspect the massive list that came online this month is the cause, which makes me sit a bit easier at least, as I have been implementing password management into my computer life since a couple of years.

Back to the topic at hand, uninstalled the Lenovo App Explorer, however, your message did not have an attachment to it as far as I can see?

Link to post
Share on other sites


There is not unknown processes in your logs.

If you were hacked there is not trace of it. 
Every trace of it may have been removed by the author.

Your Email and Password(s) may have come from a site that you have used and the site was hacked.
No way to find out.

For your peace of min run this scan.

Sophos Virus Removal Tool

Please download Sophos Virus Removal Tool and save it to your computer's Desktop.

  • Right-click the icon and select Run as administrator.
  • Click Yes to accept any security warnings that may appear.
  • Click the Next button.
  • Select 'I accept the terms in the license agreement', then click Next twice.
  • Click the Install button and wait until the installation is complete.
  • Click the Finish button. The tool created a shortcut icon on the Desktop of your computer.
  • Now, double-click the Sophos Virus Removal Tool shortcut icon to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • After it updates and a "Start Scanning" button appears in the lower right:
    • Disconnect from the Internet or physically unplug your Internet cable connection.
    • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
    • Temporarily disable your anti-virus and real-time anti-spyware protection.

Windows Vista and above:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
Please post the contents of the log in your next reply and note any errors encountered.

Link to post
Share on other sites

Stay safe..

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.

Simple and easy ways to keep your computer safe and secure on the Internet.

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.



Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.