Reply
New Visitor
mrvinotinto
Posts: 3
Registered: ‎11-16-2012

Trojan_Adware_Generic Bot and Removal

I got a Constant Guard Alert in my email that said:

 

XFINITY identified one or more of your computers may be infected with a bot. You might have already seen an Alert from XFINITY informing you about bot activity.

We strongly recommend you take action to remove malicious software from your computers.

We appreciate your prompt attention to this important security notice.

 

Sincerely,
Constant Guard from XFINITY

 

I have two computers.  I  ran the Windows Malaware Removal Tool on both and it found nothing.  I ran  Norton, and found nothing.  I then ran AmIBotted and it found:  Trojan_Adware_Generic, last yeterday.

 

I then downloaded the Constant Guard Suite and re-ran AmIBotted and it's still finding Trojan_Adware_Generic from yesterday.  How do I know the bot has been removed?

Silver Problem Solver
BruceW
Posts: 5,263
Registered: ‎12-03-2007

Re: Trojan_Adware_Generic Bot and Removal

Comcast does not know if a system behind your modem is infected, only that your modem connected with an IP which Comcast believes to be part of a botnet.

 

Detections on AmIBotted remain for 7 days. If more traffic is detected, then "Times Seen" will increment, and "Last Seen" will advance.

 

You might try giving Comcast Security Assurance a call. They're the group that operates the detection system and might have additional information: 1-888-565-4329 6am-2am Eastern time, http://security.comcast.net/get-help/contact-comcast-security.aspx.

 

Good luck and please keep us posted.

New Visitor
mrvinotinto
Posts: 3
Registered: ‎11-16-2012

Re: Trojan_Adware_Generic Bot and Removal

AmIBotted does not show any activity since the last one on 11-15.  Does that mean whatever I had was removed?

 

Also, I just thought of something else.  I have two computers *and* a Kindle Fire.  Could the Kindle be the one that is botted?  And if so, how do I check it.  Obviously it's not running microsoft, so the malaware removal tool would not work.

Regular Contributor
Posts: 52
Registered: ‎05-31-2007

Re: Trojan_Adware_Generic Bot and Removal

I have also been getting the warning about Adware_Generic for a couple of weeks.  In my Case I have the Norton Security Suite from Comcast installed and I have also run the MSRT which the message claims can find/remove this particular Trojan/Bot.  None of these have found anything and in fact based on the time at which this was seen the particular computer has been totally rebuilt from the Mfgs. Distribution disks.

 

Now today when I try to use the XFINITY Am I Botted Service I'm getting the page not found error from multiple computers--So what gives?

 

Also, it would be really helpful if the email you receive from Comcast or the Am I Botted Website would provide additional information about how/when/where the Bot is being detected, minimally I would like the IP address that you saw accessed from my IP/Modem that makes you think I have a BOT.

 

Thank You

Regular Contributor
Posts: 52
Registered: ‎05-31-2007

Re: Trojan_Adware_Generic Bot and Removal

It appears that the address for the web page for the Am I botted has changed

 

Used to be https://amibotted.comcast.net/authorized.html#

 

It is now https://amibotted.comcast.net/

 

What is also odd is if you store the address immediately above as a favorite, wait one minute and then click on the favorite the time at for when the BOT is last seen will change to the time at which you clicked on the favorite.

.........................

 

Security Expert
USAF_E-8_RET
Posts: 4,901
Registered: ‎10-28-2003

Re: Trojan_Adware_Generic Bot and Removal

Could this be the reason?

http://forums.comcast.com/t5/Security-and-Anti-Virus/New-Am-I-Botted-Released/m-p/1493699#U1493699

 

A veteran - whether active duty, retired, national guard, or reserve - is someone who, at one point in his or her life, wrote a blank check made payable to The 'United States of America', for an amount of 'up to and including my life.'

New Visitor
mrvinotinto
Posts: 3
Registered: ‎11-16-2012

Re: Trojan_Adware_Generic Bot and Removal

OP here.  I'm still not sure what caused the alert, but according to AmIBot there has been no new 'bot' activity in my IP.  I guess that's good news, but I'm unsure what caused it in the first place.  And after I downloaded Constant Guard, Flash has been crashing causing Firefox to crash constantly.