Constant Guard Service Alert

Bat Phil batphil64 at gmail.com
Sun Sep 7 13:29:23 UTC 2014


When you say you got an "alert" do you mean an e-mail or an instant message
type alert?

The internet is full of so-called security companies who use these sorts of
tactics to scare users into believing that they have a problem with their
system, that usually doesn't actually exist, and that the solution they are
SELLING can resolve. Mostly the packages they sell are over-priced and next
to useless.

Let's face it, if their software was actually any good, then it would be
widely known, well-respected and in widespread use. Then they would not
need to resort to such cynical marketing ploys.

My advice, for what it's worth, is to ignore any such alerts. However, if you
are still worried, then there are lots of technical forums out there and
users that will both point you in the direction of numerous free tools and
give you the knowledge to use them.

All the best
Phil


On 7 September 2014 13:55, Mickey <binarynut at comcast.net> wrote:

> Then as a Linux user it does not apply to me or do I have to remove it
> and how?
>
>
>
>
> On 09/06/2014 08:47 PM, Mark Bidewell wrote:
>
> Interesting, I got an alert at 6:33PM.  My PCs are OSX, Linux Mint and
> SolydXK with assorted VMs.  I'm scanning, but I wonder if there is a
> malfunction as the bot detected was Windows related.  Go to:
> https://amibotted.comcast.net/.  My output reads:
>
>  ================
>
> Bot Notes:
>
> Threat behaviors:      Downloads rootkits and steals sensitive
> information.
> Threat type (intent):    Information Stealer (Information Theft &
> Sublease tool).
> Alternate names:     W32.Rootkit /W32.Alureon/
> W32.Renos/W32.TDSS/W32.DNSChanger
> Threat behavior description:
> The TDL/TDSS Gang (aka., Tyler Durden Loader). The TDL rootkit is a
> Master Boot Record (MBR) infector, targeting Microsoft Windows systems. The
> latest TDL rootkit is currently Version 4, and utilizes MBR hooking, a
> process that deceives a user by appearing to have been initially deleted.
> Upon a system restart, the rootkit/trojan is re-installed. This provides
> the remote attacker highly persistent backdoors into victim systems. Public
> research estimates the TDL/TDSS group to have been in operation since
> mid-2008.
>
> Observed traits:
> The TDL/TDSS rootkit has been observed spreading via spam and phishing
> e-mails. The observed stages of infection are as follows:
>
> Infect a victim (Stage 1) via spam, drive-by-downloads, and malicious
> attachments.
> Wait idle until the Stage 2 Trojan is ready for download.
> Load a rootkit Trojan (Stage 2).
> Alter the system to obfuscate Stage 1 and 2 infections (Stage 3).
> Infect other sites, allowing third-party access to sensitive information.
>
> Capabilities:
> After an initial infection, the Stage 2 rootkit is normally loaded via a
> fast-flux worm. Once the infection has passed to Stage 3, various other
> threats (such as ZeusBot, Buzus, RogueAV, PoisonIvy, etc.) may be installed
> and utilized by criminal operators. The authors behind the RudeWarlockMob
> are members of a professional criminal organization that also offers
> affiliate funding to anonymous distribution providers, infection operators,
> and other criminals.
>
> Times Seen: 23
>
>
> On Sat, Sep 6, 2014 at 8:02 PM, Anthony Messina <amessina at messinet.com>
> wrote:
>
>> On Saturday, September 06, 2014 06:39:46 PM Mickey wrote:
>> > Got an email from Comcast.net, saying I have a Bot on my Computer, and
>> > how to eliminate it, Not so sure that I want to follow their directions.
>> >
>> > How would I determine if this is true using Linux, I have Fedora 20
>> > installed?
>>
>> Maybe your neighbor's infected computer is borrowing your WiFi ;)
>>
>> In short, don't forget about other devices that may be using your internet
>> link such as mobile phones, tablets, TVs, etc.
>>
>> --
>> Anthony - https://messinet.com/ - https://messinet.com/~amessina/gallery
>> 8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
>>
>> --
>> users mailing list
>> users at lists.fedoraproject.org
>> To unsubscribe or change subscription options:
>> https://admin.fedoraproject.org/mailman/listinfo/users
>> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
>> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>> Have a question? Ask away: http://ask.fedoraproject.org
>>
>>
>
>
>  --
> Mark Bidewell
> http://www.linkedin.com/in/markbidewell
>
>
>
>