You should have been given a link to Am I Botted. Did you check there? What does it tell you?https://amibotted.comcast.net/all-clear.html
There should also be a so-called self-help guide. This is totally useless and won't do anything to help you determine IF there is a bot and on which computer. The procedures do not show any infections/malware. It will want you to download and install the Constant Guard Protection Suite, which includes Norton Security. Another option is to get help from paid support, which is from a 3rd party, not Comcast.
And unless they changed the wording of the notice, it says
Constant Guard from XFINITY identified that one or more of your computers may be infected with a bot.
That does not necessarily mean there is one.
No, they will not be able to tell you which computer "MAY" have a bot.
And in the Comcast help forum, where there are NUMEROUS posts about this you could be told by an employee (if one happens to stumble upon your post) that they observed signs of likely
malware infection. If questioned they will then say you "likely" have a bot.
First aid following a botnet notice is to run a full scan with your AV software. If that comes up clean, try the free version of Malwarebytes Anti-Malware.
Then check Am I Botted again the next day, preferably 24 hours later.
Comcast National Engineering in the Comcast help forum
The notice is tied to your modem
Something using your cable modem is exhibiting the behaviour of a bot.
we're only alerting you because we are seeing activity from *something* behind your modem that is bot traffic. We can't tell you which device it is because that would require us to do Deep Packet Inspection, which nobody wants - we care about your privacy, and will not do that.
I recommend you contact CSA, who can further assist you with figuring out which device behind your modem is infected and can remove the notice.
Normal business hours (6:00 am to 2:00 am EST, 7 days a week) 888-565-4329http://forums.comcast.com/t5/Security-and-Anti-Virus/constant-guard-alert-bot/m-p/1467167/highlight/true#M89784
Also from the that same topic which is why you should recheck after 24 hours. (if you get curious you can check before then)
1) going to the amibotted does not rescan it just reports that they saw activity in the last 24-26 hours.
2) Comcast clears the you are botted message after a few hours so it you wait 27-30 hours the website will say you do not have a bot until the magical bot activity is seen again.
For what it's worth, I received one of those notices in February. Am I Botted said yep, you are.
I ran AV and MBAM scans on the 2 computers I had access to. Nothing was found yet I was still told there was a bot. At that point I decided not to fool around with taking over the 3rd computer to run the scans. My husband would not have been happy giving it up for a while.
And the 4th computer it could have been on was one belonging to a guest in my home, and he had left the day before. As he is a long haul truck driver and would have had to pay for Wifi access at a truck stop I did not contact him and request he check his laptop.
The next day I checked again and Am I Botted gave the All Clear.
A lot of people have also reported that they were given the all clear about 24 hours later.
At this point in time don't panic and don't worry about it to much. If Am I Botted does keeps saying you are THEN you can do whatever it takes to determine whether it's fact or fiction.
side note: I recall Broni, who helps people clean up infected systems, also got one of the notices. Just for fun I looked up the topic he started in the Comcast forum. He was very critical of the notices, as have been many others and I happen to agree with them.
Edited by Queen-Evie, 22 June 2013 - 01:53 PM.