Not many months ago Facebook partnered with antivirus vendors to come up with a plan for aiding their customers in the ever ongoing fight against malware and mere days ago the Malware Checkpoint for Facebook was born. It enables the use of Scan and Repair by McAfee or Security Essentials by Microsoft (available via the Facebook Anti-Virus Marketplace) and run them from an interface on Facebook via a click.

“Previously, if you suspected you may have malware installed on your device, you would either need to run anti-virus on your device or wait until Facebook identified an actionable threat,” writes Facebook in their blog post on the release of this product. “Now, with our new self-enrollment malware checkpoint, you will be able to proactively obtain your choice of a free anti-virus product to scan and clean your system.”

The McAfee product does a single one-time scan, but the Microsoft product is a full on antivirus (that sockets nicely with Windows.) This is a good thing because it increases the education and use of antivirus across the board to make the Internet a more hostile place to malware in general.

We currently offer two products for all of our users: McAfee’s Scan and Repair and Microsoft’s Security Essentials.

1. The McAfee option will download a small program onto your Windows computer to perform a one-time scan of your system for malware. It will not interfere with your existing anti-virus or other security products. After it scans your system, it will give you the option to automatically or manually remove the files it flags as malicious.
2. The Microsoft Security Essentials option is a full anti-virus product. Upon download and install, it will add anti-virus software to your computer that will continue to protect your system with the latest anti-virus signatures from Microsoft.

The launch of this product, however, hasn’t been without some friction with users. Already it’s been on the marketplace for about three days and complaints are rolling in about incompatibilities, false-positives, and getting blocked from Facebook. According to an article at InfoWorld, some users have claimed that joining the Malware Checkpoint service has led to their accounts being locked.

“Facebook is forcing me to run McAfee Scan and Repair to unlock my account. It freezes every time,” Nikki Fisher wrote in the “Malware Checkpoint for Facebook” blog post’s comment section. “I have spent hours trying to find a solution and/or an actual person from Facebook who can help me. Fat waste of time.”

Proactive but not active anti-malware/scam scanning services

Anti-malware scans probably won’t help against many of the issues that Facebook users currently face which include not just infections, but clickjacking and other scams. Certainly a one-time scan will enable them to know that they’ve been previously infected and a Microsoft antivirus product would give them some layer of protection, but it doesn’t address how scams use Facebook to propagate.

Facebook might be better off working out some mechanism that combines the power of an expert system on Facebook that uses all the data it can get from the social media company’s Big Data to identify current malware trends combined with an on-client antivirus that can actively watch for malware accessing Facebook.

There’s some seemingly good reasons to lock people out of their account if malicious activity is detected, and it’s hard to tell if these products are capable of that; but false positives will abound and if Facebook does locked people out, they should have the ability to unlock themselves without using the product.

A warning, “Malware Checkpoint has detected activity we believe to be malicious,” appearing in Facebook might be effective enough to allow the user to choose to run their product to check on what’s happening and send that data to Facebook to compare to what other users encountered. No need for blocking people from their accounts for just the detection of malware; actual compromised or malicious behavior should be appearing on Facebook itself first.

If Facebook wants an immune system, they’re going to first have to train their customers to be part of it.