FaceBook pop-up

August 29, 2023

Hi:

I have this annoying pop-up on FB that purports to be from FB itself, telling me that I am"restricted" for so many hours because I posted non-regulation whatever.

One strange thing about the pop-up is it seems to start a countdown at some point, ie the number of hours you will be 'restricted start at 24 and decrease hourly. A very good friend just died yesterday while on vacation with his wife and kids, so there's a lot going on that I have to keep track of and this is making me pull my hair out.

It doesn't actually stop me from doing anything, it just pops up every time I do anything, eg: like, post, whatever, it pops up and I have to clear it before I can do the next thing.

Windows Pro Ed 10.0, 19045; Firefox 116.0.3 64 bit; Kaspersky Total 21.3.10, updates every day.

I did run a full scan on top of the automatic quick scan that runs every day, but it picks up nothing.

Any help or ideas to get rid of this appreciated.

TIA

August 29, 2023

@cybercrone

FB restricted your account, this is not a Kaspersky related issue. Also, if Kaspersky picks up nothing then your system is clean.

August 30, 2023

Hi Berny:

The key word in my question was "purports". It tries to look like a FB pop-up, which I don't believe they even have, but it's not.

If you run afoul of FB you get taken to a special site where they explain the error of your ways.

August 30, 2023

@cybercrone

Please download and run AdwCleaner(*) as ADMIN :

⚠️ Don’t fix eventual detections
Please attach the TXT Log in your next post

(*) No installation required.

September 13, 2023

Thanks so much for this.

Most of that is done. But I can't figure out how to attach it since the file type is .txt which is not accepted.

Save as a different file type or use one of the other media choices, neither of which I have any idea of how to work with.

September 13, 2023

@cybercrone You are welcome.

Please copy/paste the TXT Log in your next Post.

September 14, 2023

AdwCleaner report :

Spoiler

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2023-07-19.3 (Cloud)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    09-12-2023
# Duration: 00:00:28
# OS:       Windows 10 (Build 19045.3324)
# Scanned: 32105
# Detected: 82

***** [ Services ] *****

PUP.Optional.Assistant Amazon Assistant Service

***** [ Folders ] *****

Adware.pokki C:\Users\Public\Pokki
PUP.Optional.AmazonAssistant C:\Program Files (x86)\Amazon\Amazon Assistant

***** [ Files ] *****

PUP.Optional.Assistant C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
PUP.Optional.Assistant C:\Users\Granny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Amazon1Button      HKCU\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button      HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
PUP.Optional.Amazon1Button      HKLM\Software\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
PUP.Optional.Amazon1Button      HKLM\Software\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
PUP.Optional.Amazon1Button      HKLM\Software\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
PUP.Optional.Amazon1Button      HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
PUP.Optional.Amazon1Button      HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button      HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
PUP.Optional.Amazon1Button      HKU\.DEFAULT\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button      HKU\S-1-5-18\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.AmazonAssistant    HKCU\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant    HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\Interface\{6B7479D5-C493-40F0-99B6-BFC901980034}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\Interface\{BFF94CF8-2D3B-4B2F-BB83-3600280AFEBA}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant    HKU\.DEFAULT\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant    HKU\S-1-5-18\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.Assistant          HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant          HKLM\Software\Wow6432Node\\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant          HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
PUP.Optional.Assistant          HKLM\System\Setup\FirstBoot\Services\Amazon Assistant Service
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ACERAOPFramework   Folder   C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERAOPFramework   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter   Folder   C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{663FDF8D-DD5F-463D-890E-083CD381FC9A}
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{663FDF8D-DD5F-463D-890E-083CD381FC9A}
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76984537-9E0B-493B-BDEF-D29FF6E7244A}
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerCareCenter   Task   C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerCareCenter   Task   C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Preinstalled.AcerJumpstart   Folder   C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerPortal   Folder   C:\Program Files (x86)\ACER\ACER PORTAL
Preinstalled.AcerPortal   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerQuickAccess   Folder   C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4533FB87-6E78-4637-A64D-66B220D113EB}
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Preinstalled.AcerQuickAccess   Task   C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework   Folder   C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework   Folder   C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E0706F4-D0F5-440D-8A67-C9E43EC9129F}
Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUEIPFramework   Task   C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Preinstalled.AcerUpdater   Folder   C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox   Registry   HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

September 14, 2023

@cybercrone

Please run AdwCleaner as ADMIN :

Delete "PUP" detections
Keep the "Preinstalled" detections ⚠️
Clear Browser Cache
Reboot

Also , please check your Start Up items & Browser extensions ?

If the problem is persisting please reset Firefox to Default Settings ?

FYI please see : Kaspersky: Basic, Standard, Plus, Premium - info & FAQ → Q1

September 14, 2023

Thanks Berny.

Another friend suggested checking Start up and extensions. I see nothing that I have not put there and hasn't been there for years.

I will do the AdwCleaner now.

September 15, 2023

I've done all of the above. That annoyance always shows up between 10:30 and 11:30 p.m. EST.

I'll let you know in a day or two how it worked out. Thanks so much for your help and patience.

September 15, 2023

@cybercrone You are welcome.

Can you please post a screenshot from the FB pop-up, please take care to hide personal details.

FaceBook pop-up

Recommended Posts

cybercrone

Berny

cybercrone

Berny

cybercrone

Berny

cybercrone

Berny

cybercrone

cybercrone

Berny

Please sign in to comment

Forum

Products

Support

Personal Account