Jump to content

Possible infection via Facebook?


Go to solution Solved by Maurice Naggar,

Recommended Posts

Hello

I was recently locked out of Facebook due to suspicious activity on my account. I was in the middle of setting up a legitimate Facebook business page when I started to get ‘you are about to leave this page’ pop-ups randomly, I clicked cancel to stop whatever it was trying to do but eventually it just forwarded me straight to a locked out of account page and I can now no long access my account.

I am not bothered about getting access back to the Facebook account but I am unsure if these random exit pop-ups were simply a weird glitch within Facebook, or if there is a genuine concern here that someone did hack my account while I was logged in and has potentially infected my system as I clicked on the pop-ups?

Please could someone run through some system scans/checks with me for some clarification and peace of mind?

Thank you in advance for your help.

Link to post
Share on other sites

Hi :welcome:

Start by advising of some basics.

Is this on Windows 10 ?

Which web browser did you use ?

Does this pc have Malwarebytes for Windows ?

What is the antivirus app on this pc ?

I cannot help you on any actual account lockout.

However, I think some of messages you saw are normal. ( Non-infection ) but rather a normal browser advisory when switching from HTTPS secure webpage to one that is non-secure.

  • Like 1
Link to post
Share on other sites

Additionally to my preceding reply.

If you had been Editing content online, the site where you are editing  can remind you that you're about to lose some work when you want to leave the page.

.

got your last Reply. So do a scan with Malwarebytes for Windows.

Let me know that result. Attach a copy of the scan with MB.

See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4

 

We will do more, later. 

  • Like 1
Link to post
Share on other sites

Hello

I was editing content online and had succefully saved what I was doing, but I wasnt trying to leave the page when the pop-up appeared I was reading something and it just tried to leave the page of its own accord.

Please find attached copies of my Malwarebytes, and Adwcleaner logs.

I have also followed all other steps outlined in your link.

 

Malwarebytes Log.txt AdwCleaner[C00].txt

Link to post
Share on other sites

The 2 scans are just fine. Malwarebytes for Windows found no malware. Adwcleaner found & removed just 1 shortcut link.

There appears no basis for presumption of a infection here.

Let's do one follow-up scan.

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. 

The download links & the how-to-run-the tool are at this link at Microsoft 

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Please look at Scan Options & select FULL scan.

And let it proceed. This may take a few hours.

Let me know the result of this.

The log is named MSERT.log  

the log will be at  

C:\Windows\debug\msert.log

Please attach that log with your reply.

  • Like 1
Link to post
Share on other sites

  • Solution

Hi. The report for this last run only found 1 minor issue: that Microsoft Defender was not set as a antispyware.

I would suggest a free scan with the ESET Online Scanner

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

 

It will start a download of "esetonlinescanner.exe"

Save the file to your system, such as the Downloads folder, or else to the Desktop.

Go to the saved file, and double click it to get it started.

 

When presented with the initial ESET options, click on "Computer Scan".

Next, when prompted by Windows, allow it to start by clicking Yes

When prompted for scan type, Click on Full scan

Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button.

Have patience. The entire process may take an hour or more. There is an initial update download.

There is a progress window display.

You should ignore all prompts to get the ESET antivirus software program. ( e.g. their standard program). You do not need to buy or get or install anything else.

When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”.

Click The blue “Save scan log” to save the log.

If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” ( in blue, at bottom).

Press Continue when all done. You should click to off the offer for “periodic scanning”.

  • Like 1
Link to post
Share on other sites

That is excellent. We can rule out a infection.

I have had you run 2 different scanners for viruses. Earlier you deleted the Cache & history on Chrome. Plus added the Malwarebytes Browser Guard to. Chrome.

.

I would like you to run a tool named SecurityCheck to inquire on the current-security-update  status  of some applications.

 

Download SecurityCheck by glax24 from here  https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe

 

and save the tool on the desktop.

If Windows's  SmartScreen block that with a message-window, then

Click on the MORE INFO spot and over-ride that and allow it to proceed.

This tool is safe.   Smartscreen is overly sensitive.

Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"   and reply YES to allow to run & go forward

Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file.  Attach it with your next reply.

You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

  • Like 1
Link to post
Share on other sites

Hello 

I don’t believe there is anything else I require, I’m very happy that all of the scans we’ve gone through have either detected nothing or resolved small issues.

Is there anything else I need to do?

Link to post
Share on other sites

Hello.

I am glad to have helped you. :D

Below, 2 other tips for web browsers & then a list of best practices for pc security.

I will add a separate post for tools cleanup.

.

you use Chrome, consider having the extension for ScriptSafe

ScriptSafe for Chrome & Chromium-based browsers

https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf?hl=en-US

[ 2 ]

If you use Mozilla Firefox, get & install the Malwarebytes Browser Guard Firefox extension.  

Open this link in your Firefox browser:     

https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/

 

Then proceed with the setup.

 .

[ BEST PRACTICES ]

Backup is your best friend. Keep backups of your system on a regular basis to offline storage & keep those safe. https://forums.malwarebytes.com/topic/136226-backup-software/

 

 

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

 

Best practices & malware prevention:

  • Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
  • First rule of internet safety: slow down & think before you "click".
  • Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).
  •  
  • Free games & free programs are like "candy". We do not accept them from "strangers".
  •  
  • Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
  • Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.
  • Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
  • Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".
  •  
  • Use a Standard user account rather than an administrator-rights account when "surfing" the web.
  • See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
  • Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.
  •  
  • Do a Windows Update.
  •  
  • Make certain that Automatic Updates is enabled.
  • https://support.microsoft.com/en-us/help/12373/windows-update-faq
  •  
  • Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.
  •  
  • For other added tips, read "10 easy ways to prevent malware infection"

https://blog.malwarebytes.com/101/2016/08/10-easy-ways-to-prevent-malware-infection/

:cool:

  • Thanks 1
Link to post
Share on other sites

Hi. I am glad to have worked with you.  

 

We can proceed with cleanup of tools we used.

Delete msert.exe

Delete msert.log

 

Delete the esetonline download file.

Delete SecurityCheck.exe

Any other download file I had you download, you may delete.  

 

I wish you all the best.  Stay safe.

Sincerely.

Maurice

 

  • Thanks 1
Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

  • Thanks 1
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.