Elmo29 Posted May 5, 2021 ID:1455124 Share Posted May 5, 2021 Hello I was recently locked out of Facebook due to suspicious activity on my account. I was in the middle of setting up a legitimate Facebook business page when I started to get ‘you are about to leave this page’ pop-ups randomly, I clicked cancel to stop whatever it was trying to do but eventually it just forwarded me straight to a locked out of account page and I can now no long access my account. I am not bothered about getting access back to the Facebook account but I am unsure if these random exit pop-ups were simply a weird glitch within Facebook, or if there is a genuine concern here that someone did hack my account while I was logged in and has potentially infected my system as I clicked on the pop-ups? Please could someone run through some system scans/checks with me for some clarification and peace of mind? Thank you in advance for your help. Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 5, 2021 ID:1455139 Share Posted May 5, 2021 Hi Start by advising of some basics. Is this on Windows 10 ? Which web browser did you use ? Does this pc have Malwarebytes for Windows ? What is the antivirus app on this pc ? I cannot help you on any actual account lockout. However, I think some of messages you saw are normal. ( Non-infection ) but rather a normal browser advisory when switching from HTTPS secure webpage to one that is non-secure. 1 Link to post Share on other sites More sharing options...
Elmo29 Posted May 5, 2021 Author ID:1455140 Share Posted May 5, 2021 Hello Yes, this was on Windows 10, and I was using Google Chrome browser. I do have the standard (free) version of Malwarebytes installed, and Norton as anti-virus protection. Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 5, 2021 ID:1455141 Share Posted May 5, 2021 Additionally to my preceding reply. If you had been Editing content online, the site where you are editing can remind you that you're about to lose some work when you want to leave the page. . got your last Reply. So do a scan with Malwarebytes for Windows. Let me know that result. Attach a copy of the scan with MB. See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4 We will do more, later. 1 Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 5, 2021 ID:1455149 Share Posted May 5, 2021 After you post the MB scan report ...As the next steps... I would suggest that you do all 6 steps like on this one post of mine At this link Attach the report from Adwcleaner back here. 1 Link to post Share on other sites More sharing options...
Elmo29 Posted May 5, 2021 Author ID:1455154 Share Posted May 5, 2021 Hello I was editing content online and had succefully saved what I was doing, but I wasnt trying to leave the page when the pop-up appeared I was reading something and it just tried to leave the page of its own accord. Please find attached copies of my Malwarebytes, and Adwcleaner logs. I have also followed all other steps outlined in your link. Malwarebytes Log.txt AdwCleaner[C00].txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 5, 2021 ID:1455168 Share Posted May 5, 2021 The 2 scans are just fine. Malwarebytes for Windows found no malware. Adwcleaner found & removed just 1 shortcut link. There appears no basis for presumption of a infection here. Let's do one follow-up scan. The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. The download links & the how-to-run-the tool are at this link at Microsoft https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download Please look at Scan Options & select FULL scan. And let it proceed. This may take a few hours. Let me know the result of this. The log is named MSERT.log the log will be at C:\Windows\debug\msert.log Please attach that log with your reply. 1 Link to post Share on other sites More sharing options...
Elmo29 Posted May 6, 2021 Author ID:1455222 Share Posted May 6, 2021 Hello Please find attached a copy of the Microsoft Safety Scanner log as requested. I'm not sure if this is an issue but before the scan finished it stated it detected 8 items, but only one 1 seems to have been removed when the scan finished? msert.log Link to post Share on other sites More sharing options...
Solution Maurice Naggar Posted May 6, 2021 Solution ID:1455224 Share Posted May 6, 2021 Hi. The report for this last run only found 1 minor issue: that Microsoft Defender was not set as a antispyware. I would suggest a free scan with the ESET Online Scanner Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes When prompted for scan type, Click on Full scan Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You should ignore all prompts to get the ESET antivirus software program. ( e.g. their standard program). You do not need to buy or get or install anything else. When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”. Click The blue “Save scan log” to save the log. If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” ( in blue, at bottom). Press Continue when all done. You should click to off the offer for “periodic scanning”. 1 Link to post Share on other sites More sharing options...
Elmo29 Posted May 6, 2021 Author ID:1455281 Share Posted May 6, 2021 Hello The Eset scan detected no threats, log attached. Eset Log.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 6, 2021 ID:1455298 Share Posted May 6, 2021 That is excellent. We can rule out a infection. I have had you run 2 different scanners for viruses. Earlier you deleted the Cache & history on Chrome. Plus added the Malwarebytes Browser Guard to. Chrome. . I would like you to run a tool named SecurityCheck to inquire on the current-security-update status of some applications. Download SecurityCheck by glax24 from here https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe and save the tool on the desktop. If Windows's SmartScreen block that with a message-window, then Click on the MORE INFO spot and over-ride that and allow it to proceed. This tool is safe. Smartscreen is overly sensitive. Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply. You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt 1 Link to post Share on other sites More sharing options...
Elmo29 Posted May 7, 2021 Author ID:1455390 Share Posted May 7, 2021 Hello Thank you for advising there is no infection! Please find attached a copy of the Security Check log. SecurityCheck.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 7, 2021 ID:1455444 Share Posted May 7, 2021 These are apps that need your attention for updates, so your pc is more secure. Adobe AIR v.16.0.0.273 Warning! Download Update Microsoft Edge v.90.0.818.51 Warning! Download Update You may run a scan of your system with Norton 360 Security. 1 Link to post Share on other sites More sharing options...
Elmo29 Posted May 7, 2021 Author ID:1455500 Share Posted May 7, 2021 Hello I have updated Adobe Air and Microsoft Edge. I have also run a full system scan with Norton 360 and no threats were found - log attached. Norton Log.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 7, 2021 ID:1455502 Share Posted May 7, 2021 Bravo. That is excellent. Is there something else you need at this point? 1 Link to post Share on other sites More sharing options...
Elmo29 Posted May 7, 2021 Author ID:1455505 Share Posted May 7, 2021 Hello I don’t believe there is anything else I require, I’m very happy that all of the scans we’ve gone through have either detected nothing or resolved small issues. Is there anything else I need to do? Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 8, 2021 ID:1455579 Share Posted May 8, 2021 Hello. I am glad to have helped you. Below, 2 other tips for web browsers & then a list of best practices for pc security. I will add a separate post for tools cleanup. . you use Chrome, consider having the extension for ScriptSafe ScriptSafe for Chrome & Chromium-based browsers https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf?hl=en-US [ 2 ] If you use Mozilla Firefox, get & install the Malwarebytes Browser Guard Firefox extension. Open this link in your Firefox browser: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/ Then proceed with the setup. . [ BEST PRACTICES ] Backup is your best friend. Keep backups of your system on a regular basis to offline storage & keep those safe. https://forums.malwarebytes.com/topic/136226-backup-software/ It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use. Best practices & malware prevention: Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources. First rule of internet safety: slow down & think before you "click". Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos). Free games & free programs are like "candy". We do not accept them from "strangers". Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing. Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program. Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed. Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next". Use a Standard user account rather than an administrator-rights account when "surfing" the web. See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet. Do a Windows Update. Make certain that Automatic Updates is enabled. https://support.microsoft.com/en-us/help/12373/windows-update-faq Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware. For other added tips, read "10 easy ways to prevent malware infection" https://blog.malwarebytes.com/101/2016/08/10-easy-ways-to-prevent-malware-infection/ 1 Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 8, 2021 ID:1455580 Share Posted May 8, 2021 Hi. I am glad to have worked with you. We can proceed with cleanup of tools we used. Delete msert.exe Delete msert.log Delete the esetonline download file. Delete SecurityCheck.exe Any other download file I had you download, you may delete. I wish you all the best. Stay safe. Sincerely. Maurice 1 Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 8, 2021 ID:1455581 Share Posted May 8, 2021 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you 1 Link to post Share on other sites More sharing options...
Recommended Posts