- Nov 30, 2012
- 22,757
- 618
- 121
So I admin my parent's computer and network. I run a pretty damn tight ship. My parent's computer is protected with Bitdefender Free, VooDoo Shield and the browser runs in Sandboxie. Also, the browser has Noscript and uBlock installed. uBlock prevents ADs which could be laced with malware and uses the malware domain list. I also scan the crap out of the computer with Malwarebytes, Super Anti Spyware, ADwCleaner, Junkware Removal Tool, TDSSKiller, GMER, Rougekiller, Hijackthis, and I even run some live CDs on the computer in a non-boot environment as an extra precaution. Nothing found at all. Despite this, my mom goes to log into Facebook and sees this and can't login.
I was so PISSED! to say the least. Because I know damn well there is no malware on the damn computer. What's more is that on this computer I was able to log into my Facebook account with no issue. I even tried another browser and Facebook would not allow my mom to log in. So you know what Facebook wanted me to do? Run their Trend micro scanner. I was like 'the hell I'm running some crap program on a clean machine'! Especially from privacy invading Facebook! But after all my resources were exhausted I ran the damn Trend micro scanner anyway. It said it found four BS items all of the same name of which I can't remember now. I call them BS because I Googled this name and found nothing except other people reporting the same crap on the Internet. But doing this and satisfying Facebook my mom was then able to log into her account.
What I find so disturbing is that it's almost as if they are advertising Trend micro. God only knows what the scanner was doing. Probably uploaded a list of stuff on the computer to Facebook and/or Trend micro. But what was I gonna do? I'll talk about that latter on in section (B) below.
So after this Trend micro BS scan. I dug into the computer for any changes and new registry entries that may have been placed there. I found no new registry entries. I did find a lot of Trend micro crap under AppData\Local\Temp\. The most notable were the following places:
C:\Users\"USER_NAME"\AppData\Local\Temp\HC_1E69.tmp\Updater\AUCache\AU_Cache
C:\Users\"USER_NAME"\AppData\Local\Temp\HC_D411.tmp\Updater\AUCache\AU_Cache
C:\Windows\Prefetch\TRENDMICRO.EXE-C03BA22E.pf
C:\Windows\Prefetch\TRENDMICRO.EXE-FADF8549.pf
C:\Windows\Prefetch\TRENDMICRO_T1314239605261586T-0CB3DBA8.pf
C:\Windows\Prefetch\TRENDMICRO_T1314239605261586T-B2FA11AA.pf
But here's the most interesting. I ran Rougekiller after the Trend micro scan and Rougekiller found an entry from Trend micro that seemed like it could have been attached to svchost.exe. I promptly removed it and ran Rougekiller again and found nothing.
===Section B===
So you know what I'll will do if I see this crap pop up on my Facebook account? Since you have no choice in the matter to run the damn Trend micro scanner to satisfy Facecrooked, I'll just have it run in a virtual machine. The hell I'm going to let their scanner touch my computer! Especially since I FDE all my machines!
Just in case if you were wondering if this was a Facebook malware pop up or some crap. Yes, I thought that when I seen it and when I dug around it's real from Facecrook.
https://www.facebook.com/notes/facebook-security/malware-checkpoint-for-facebook/10150902333195766/
https://www.facebook.com/help/community/question/?id=747730905321731
Now I've read on another social networking site by a person who posted about this very thing. Interesting enough a Facebook engineer posted that he helped design this asinine crap and he says it's more of an art and not a science. So it looks like my mom triggered their BS algorithm thinking my mom was spreading malware or spam or some damn thing. Who knows, but this is absolute BS! Any platform that uses some asinine algorithm as an art rather than a science is a HUGE disparage for their users. Does Reddit, Twitter or other social networking sites even have such garbage?
I was so PISSED! to say the least. Because I know damn well there is no malware on the damn computer. What's more is that on this computer I was able to log into my Facebook account with no issue. I even tried another browser and Facebook would not allow my mom to log in. So you know what Facebook wanted me to do? Run their Trend micro scanner. I was like 'the hell I'm running some crap program on a clean machine'! Especially from privacy invading Facebook! But after all my resources were exhausted I ran the damn Trend micro scanner anyway. It said it found four BS items all of the same name of which I can't remember now. I call them BS because I Googled this name and found nothing except other people reporting the same crap on the Internet. But doing this and satisfying Facebook my mom was then able to log into her account.
What I find so disturbing is that it's almost as if they are advertising Trend micro. God only knows what the scanner was doing. Probably uploaded a list of stuff on the computer to Facebook and/or Trend micro. But what was I gonna do? I'll talk about that latter on in section (B) below.
So after this Trend micro BS scan. I dug into the computer for any changes and new registry entries that may have been placed there. I found no new registry entries. I did find a lot of Trend micro crap under AppData\Local\Temp\. The most notable were the following places:
C:\Users\"USER_NAME"\AppData\Local\Temp\HC_1E69.tmp\Updater\AUCache\AU_Cache
C:\Users\"USER_NAME"\AppData\Local\Temp\HC_D411.tmp\Updater\AUCache\AU_Cache
C:\Windows\Prefetch\TRENDMICRO.EXE-C03BA22E.pf
C:\Windows\Prefetch\TRENDMICRO.EXE-FADF8549.pf
C:\Windows\Prefetch\TRENDMICRO_T1314239605261586T-0CB3DBA8.pf
C:\Windows\Prefetch\TRENDMICRO_T1314239605261586T-B2FA11AA.pf
But here's the most interesting. I ran Rougekiller after the Trend micro scan and Rougekiller found an entry from Trend micro that seemed like it could have been attached to svchost.exe. I promptly removed it and ran Rougekiller again and found nothing.
===Section B===
So you know what I'll will do if I see this crap pop up on my Facebook account? Since you have no choice in the matter to run the damn Trend micro scanner to satisfy Facecrooked, I'll just have it run in a virtual machine. The hell I'm going to let their scanner touch my computer! Especially since I FDE all my machines!
Just in case if you were wondering if this was a Facebook malware pop up or some crap. Yes, I thought that when I seen it and when I dug around it's real from Facecrook.
https://www.facebook.com/notes/facebook-security/malware-checkpoint-for-facebook/10150902333195766/
https://www.facebook.com/help/community/question/?id=747730905321731
Now I've read on another social networking site by a person who posted about this very thing. Interesting enough a Facebook engineer posted that he helped design this asinine crap and he says it's more of an art and not a science. So it looks like my mom triggered their BS algorithm thinking my mom was spreading malware or spam or some damn thing. Who knows, but this is absolute BS! Any platform that uses some asinine algorithm as an art rather than a science is a HUGE disparage for their users. Does Reddit, Twitter or other social networking sites even have such garbage?
Facebook
Twitter