I suddenly had a potential infestation/malware event - when my social media (Facebook & MeWe) showed the following message allegedly coming from me. Quite a few of my personal contacts received this in messenger and mewe.
"Hello, please rate my new presentation, I will accept any criticism 🙂"
I posted an alert telling people it wasn't my message - please delete if you receive this. I ran a full Malwarebytes scan and it didn't see anything amiss. Windows Defender didn't spot anything. I asked around and one tech recommended I run AdvancedSystemCare so I purchased it and installed it. Malwarebytes sort of freaked out, had to disable Malwarebytes to do the install and then to run the application. I queried in the forum about this and learned there was bad blood between IObit and Malwarebytes - since I am a long time (well over a decade) fan/advocate of Malwarebytes - given what appeared to be a 'mandatory choice' - I uninstalled IObit software, it appears to have left some stuff behind - so I had Malwarebytes quarantine whatever it found from ASC and on a reboot it seems that all is now quiet on the IObit front.
All of this activity did NOT address the initial event that caused this quest. The event has NOT recurred - I changed my social media passwords, principal of the thing. Googling the 'message' - gets nothing, nobody seems to be tracking or seeing this message popping up except me a couple days ago?
Sidebar - Chrome got hammered on my personal account - had to verify and Google's notification to my cell phone was NOT working, so I did a 'forgot password' option, then they were able to send me a text with a G-confirm number and I was able to change my password and that appeared to resolve the issue in Chrome. Had to update Edge and Firefox stored password. Chrome was saying 'suspicious activity' on my account was why they had locked me out. They didn't offer any details, and I suspect (but cannot assert with any assurance) that the VPN that came bundled with the ASC package may have caused the Google issue to pop up. As a contra-indication - I often use HMA VPN and it has never triggered Google's AI driven alert system, but it might be that the IObit promoted VPN or its encrypted proxy server has gotten on Google excrement list. .
I haven't seen a recurrence of the spontaneous posting of bogus message content - and it may be entirely unrelated to a malware event - on the other hand, this might be an indication of some new beastie just getting started? It's that possibility that motivates me to post this information here.
Sincerely,
Gordon Lincoln