Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Do I need to be here for bot infections or in virus removal?


  • Please log in to reply
4 replies to this topic

#1 FXWG

FXWG

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:10:22 AM

Posted 31 August 2013 - 08:51 PM

Do I need to be here for bot infections or in virus removal? Comcast says I have a bot called  Adware_CriminalFinancial_SProtector

I had one about 6 months ago and Malwarebytes Anti-root kit sniffed it out but its not having any luck this time.


Edited by FXWG, 31 August 2013 - 09:12 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:22 AM

Posted 31 August 2013 - 09:37 PM

This may be false Positive.. I will ask some one to look here.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:10:22 AM

Posted 31 August 2013 - 09:42 PM

thanks



#4 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:09:22 AM

Posted 31 August 2013 - 10:20 PM

The someone boopme asked to take a look has arrived.

I will assume you checked using Am I Botted? which told you that you have this bot Adware_CriminalFinancial_SProtector.
 
Do you have a network set up and have more than one computer connected to the network? If you do, it could be on any computer that is on your network.
 
Then again, there may be NO bot.
 
Did you receive an email from Comcast about this?
 
 Unless they changed the wording of the notice, it says
 

Constant Guard from XFINITY identified that one or more of your computers may be infected with a bot.


That does not necessarily mean there is one.

Do you have a network set up? If so, it could be on any of the computers that connect to your network. Then again, as stated above, there may be no bot on any of them.
 
No, they will not be able to tell you which computer "MAY" have a bot.

And in the Comcast help forum, where there are NUMEROUS posts about this you could be told by an employee (if one happens to stumble upon your post) that they observed signs of likely malware infection. If questioned they will then say you "likely" have a bot.
 
The notice is tied to your MODEM which is why if there is a network you don't know which computer MAY have a bot.
 
From cc_adame Comcast National Engineering in the Comcast help forum

 

The notice is tied to your modem
 
http://forums.comcast.com/t5/Security-and-Anti-Virus/constant-guard-alert-bot/m-p/1466883/highlight/true#M89772

 

Something using your cable modem is exhibiting the behaviour of a bot.
 
http://forums.comcast.com/t5/Security-and-Anti-Virus/constant-guard-alert-bot/m-p/1466891/highlight/true#M89773

 

we're only alerting you because we are seeing activity from *something* behind your modem that is bot traffic. We can't tell you which device it is because that would require us to do Deep Packet Inspection, which nobody wants - we care about your privacy, and will not do that.
 
I recommend you contact CSA, who can further assist you with figuring out which device behind your modem is infected and can remove the notice.
 
Normal business hours (6:00 am to 2:00 am EST, 7 days a week) 888-565-4329http://forums.comcast.com/t5/Security-and-Anti-Virus/constant-guard-alert-bot/m-p/1467167/highlight/true#M89784


First aid following a botnet notice is to run a full scan with your AV software. If that comes up clean, try the free version of Malwarebytes Anti-Malware.
 
Since you have already scanned with Malwarebytes my suggestion is to wait 24 hours and then check Am I Botted? again. If you do have a network you will need to scan ALL computers using the network. 
(if you get curious you can check before then)
 
At this point in time don't panic and don't worry about it to much. If Am I Botted does keeps saying you are THEN you can do whatever it takes to determine whether it's fact or fiction. The malware removal folks here at Bleeping Computer will be glad to help you.
 
 

1) going to the amibotted does not rescan it just reports that they saw activity in the last 24-26 hours.
2) Comcast clears the you are botted message after a few hours so it you wait 27-30 hours the website will say you do not have a bot until the magical bot activity is seen again.
 
http://forums.comcast.com/t5/Security-and-Anti-Virus/constant-guard-alert-bot/m-p/1559963/highlight/true#M91304


You may or may not have used the so-called self-help guide. This is totally useless and won't do anything to help you determine IF there is a bot and on which computer. The procedures do not show any infections/malware. It will want you to download and install the Constant Guard Protection Suite, which includes Norton Security. Another option is to get help from paid support, which is from a 3rd party, not Comcast.

I got one of those you may be botted emails in February. I did scan 2 of the 4 computers on my network and scans came up clean. After that I decided to wait the 24 hours and check again. When I did Am I Botted said all clear.

Edited by Queen-Evie, 31 August 2013 - 10:33 PM.


#5 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:10:22 AM

Posted 31 August 2013 - 10:48 PM

I have been through this before with comcast and I know that they are worthless at giving any info or help. The last time they tried to charge me $130.00 to let their "experts" remove the bot for me. Like I said Malwarebytes Anti-root kit got that one.

 

This one has been pooping up about once a day for the past few days now. Just enough to keep setting off the bot police. I haven't even gotten an email yet I just visited their site because I was doing a little work on my mother's laptop and wanted to check it and saw that it had popped up. So hers has been gone for a couple of days and it's still there so I has to be on mine.

 

A few more items of interest. I had my hard drive replaced about a week ago and I have been unable to set a restore point so I am a little leary of doing a whole lot until I can do that.

 

I'm not freaking out about this, I don't even think it's dangerous. Just irritating.

 

I have Norton and Constant Guard from Comcrap. It has found nothing.I have run Malwarebyter free, Malwarebytes Antiroot kit, and Rogue killer which found a couple of bad registry files and deleted them.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users