The someone boopme asked to take a look has arrived.
I will assume you checked using Am I Botted?
which told you that you have this bot Adware_CriminalFinancial_SProtector.
Do you have a network set up and have more than one computer connected to the network? If you do, it could be on any computer that is on your network. Then again, there may be NO bot.
Did you receive an email from Comcast about this?
Unless they changed the wording of the notice, it says
Constant Guard from XFINITY identified that one or more of your computers may be infected with a bot.
That does not necessarily mean there is one.
Do you have a network set up? If so, it could be on any of the computers that connect to your network. Then again, as stated above, there may be no bot on any of them.
No, they will not be able to tell you which computer "MAY" have a bot.
And in the Comcast help forum, where there are NUMEROUS posts about this you could be told by an employee (if one happens to stumble upon your post) that they observed signs of likely
malware infection. If questioned they will then say you "likely" have a bot.
The notice is tied to your MODEM which is why if there is a network you don't know which computer MAY have a bot.
Comcast National Engineering in the Comcast help forum
The notice is tied to your modem
Something using your cable modem is exhibiting the behaviour of a bot.
we're only alerting you because we are seeing activity from *something* behind your modem that is bot traffic. We can't tell you which device it is because that would require us to do Deep Packet Inspection, which nobody wants - we care about your privacy, and will not do that.
I recommend you contact CSA, who can further assist you with figuring out which device behind your modem is infected and can remove the notice.
Normal business hours (6:00 am to 2:00 am EST, 7 days a week) 888-565-4329http://forums.comcast.com/t5/Security-and-Anti-Virus/constant-guard-alert-bot/m-p/1467167/highlight/true#M89784
First aid following a botnet notice is to run a full scan with your AV software. If that comes up clean, try the free version of Malwarebytes Anti-Malware.
Since you have already scanned with Malwarebytes my suggestion is to wait 24 hours and then check Am I Botted? again. If you do have a network you will need to scan ALL computers using the network.
(if you get curious you can check before then)
At this point in time don't panic and don't worry about it to much. If Am I Botted does keeps saying you are THEN you can do whatever it takes to determine whether it's fact or fiction. The malware removal folks here at Bleeping Computer will be glad to help you.
1) going to the amibotted does not rescan it just reports that they saw activity in the last 24-26 hours.
2) Comcast clears the you are botted message after a few hours so it you wait 27-30 hours the website will say you do not have a bot until the magical bot activity is seen again.
You may or may not have used the so-called self-help guide. This is totally useless and won't do anything to help you determine IF there is a bot and on which computer. The procedures do not show any infections/malware. It will want you to download and install the Constant Guard Protection Suite, which includes Norton Security. Another option is to get help from paid support, which is from a 3rd party, not Comcast.
I got one of those you may be botted emails in February. I did scan 2 of the 4 computers on my network and scans came up clean. After that I decided to wait the 24 hours and check again. When I did Am I Botted said all clear.
Edited by Queen-Evie, 31 August 2013 - 10:33 PM.