
Potential Keylogger - Facebook hacked [Solved]


  • This topic is locked

#16
Dakeyras


    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)
 

Thanks, Dakeyras! I've run all as instructed.

Good and you're most welcome!
 

I do have one question...

Fair play and by all means I will answer it.
 

I guess I don't have that usual "yep, it's definitely gone!" feeling. Along that vein, I'm just looking for some more info to help put my mind at ease.

Understandable, you have to bear in mind not all malware will actually exhibit obvious symptoms compared to say the more robust and intrusive types.
 

what was it that had infected my machine, and which fix was it that seems to have put a stop to it? I've dealt with a few different infections in the past, but this one's unique to me in that it hasn't explicitly prevented me from doing anything, like logging in or accessing my normal homepage.

Firstly there was no evidence of a key-logger I could discern and I suspect the fact your Facebook account was hacked is just one of those things as social networking sites are far from secure in my humble opinion and this is more down to the vendors themselves than anything else per se. Plus trolls that regularly surf such sites are quite devious and often deploy what is known as a brute force approach taking into account what information may be posted and just get lucky gaining access for example.

As long as you change both the password and secret question on a regular basis all should be fine.

The host file in use was compromised as in a malicious entry was added, this we successfully addressed along with a malicious proxy server entry. Both could have been added because of the outdated Java installation that was installed for example. Finally some installers you had downloaded in the past were bundled with third party adware related dross and those have been dealt with also.

Overall in the great scheme of things your machine was far from being either badly infected and/or compromised and addressing all was relatively easy from my point of view.
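An added example, not part of the original thread or of any tool used in it: a small Python audit for the kind of malicious hosts-file entry mentioned in post #16. The sample file contents, the category names and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed sample; not taken from the machine in this thread.
# On Windows the live file is C:\Windows\System32\drivers\etc\hosts.
SAMPLE_HOSTS = """\
# Sample hosts file
127.0.0.1      localhost
::1            localhost
0.0.0.0        ads.tracker.example    # blocklist-style entry
127.0.0.1      update.av-vendor.example
203.0.113.45   www.social.example login.social.example
not-an-ip      broken.example
"""

BENIGN_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Yield (line_no, address, hostnames) for every non-comment entry."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if fields:
            yield line_no, fields[0], [h.lower() for h in fields[1:]]


def audit_hosts(text):
    """Return (line_no, category, address, hostnames) for entries to review."""
    findings = []
    for line_no, addr, names in parse_hosts(text):
        names = [n for n in names if n not in BENIGN_NAMES]
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append((line_no, "malformed", addr, names))
            continue
        if not names:
            continue  # plain localhost mapping
        if ip.is_loopback or ip.is_unspecified:
            # Name is blackholed: fine for ad blocking, suspicious for
            # security-vendor or update domains.
            findings.append((line_no, "blocked", addr, names))
        else:
            # Name is forced to a fixed remote address, bypassing DNS.
            findings.append((line_no, "redirect", addr, names))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

To check a real machine, pass the text of the hosts file to `audit_hosts` and review every entry it returns by hand.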


#17
tylenol_island


    Member

  • Topic Starter
  • 38 posts

Dakeyras,

 

I really appreciate the robust, detailed response to my concerns.  There are a couple of other things that I'd forgotten to include in my last thoughts - Roguekiller made a folder on my desktop entitled, "Quarantine", in which four files are included.  One of those seems to be a registry item, and I'm not sure what the other three are.  I won't have access to that computer again until this evening, so I can't tell you exactly what's in there.  Just wondering how I should go about treating this folder and its contents.  May it be safely deleted from my desktop?

 

Additionally, there are a couple log files that remained on my desktop after using that last cleanup tool, but they are semi-transparent, as though a temp file might be shown.  I believe they both have the text "ini" somewhere in their file names, but I don't recall whether it's in the title of the files or the extension.  May I safely delete these from the desktop as well?

 

I understand you may need more information, so if that is the case, please let me know and I will post tonight when I'm able to return to that machine.  Conversely, if these files may both be safely deleted or otherwise handled by me without the need for me to post again, my issue will be closed, pending your final response.

 

Thanks again for your time, energy, and patience.  When I have some time myself, I may try to take another crack at learning how to fight malware in GeekU!  Your knowledge and generosity are inspiring, and I'd love the opportunity to pay it forward.

 

Best regards,



#18
Dakeyras


    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)
 

Roguekiller made a folder on my desktop entitled, "Quarantine", in which four files are included. One of those seems to be a registry item, and I'm not sure what the other three are. I won't have access to that computer again until this evening, so I can't tell you exactly what's in there. Just wondering how I should go about treating this folder and its contents. May it be safely deleted from my desktop?

That should no longer be present as DelFix reported it removed that:-
 

Deleted : C:\Users\Nougat\Desktop\RK_Quarantine

In the event it still is present, perfectly safe to delete it and then empty the Recycle Bin. Do let myself know if you had to delete it manually and I in turn will inform the developer of DelFix.
 

Additionally, there are a couple log files that remained on my desktop after using that last cleanup tool, but they are semi-transparent, as though a temp file might be shown. I believe they both have the text "ini" somewhere in their file names, but I don't recall whether it's in the title of the files or the extension. May I safely delete these from the desktop as well?

DelFix also reports that was taken care of:-

Resetting system settings ... OK

And they relate to some specific system files. Anyway if still present, merely click on:-

Start(Vista Orb) >> Computer >> depress the Alt key so the menu bar appears >> Tools >> Folder Options...

Then in the Folder Options window that appears >> View >> Restore Defaults >> Apply >> OK

#19
tylenol_island


    Member

  • Topic Starter
  • 38 posts

Great, thanks!  I did have to manually delete the RK_Quarantine folder, which I've done successfully and have since emptied the Recycle Bin.  I've also successfully reset the View so those .ini files no longer show on my desktop.  

 

Looks like I'm good to go!   :yeah:

 

Thanks once more,



#20
Dakeyras


    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Acknowledged...

--------------

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.





