[olug] Fwd: [10.17.2016 34620193] Compromised Computer Notification from Cox Communications
Joseph Gulizia
joseph.gulizia at gmail.com
Mon Oct 17 16:05:25 CDT 2016
Thanks. I'll give it a shot.
Joe
On Mon, Oct 17, 2016 at 4:04 PM, Justin Reiners <justin at hotlinesinc.com>
wrote:
> Joseph,
>
> rkhunter works well. its in the ubuntu repo
>
>
> On Mon, Oct 17, 2016 at 4:02 PM, Joseph Gulizia <joseph.gulizia at gmail.com>
> wrote:
>
> > Lou,
> >
> > These all appear to be Windows only fixes. I AM not running Windows. I
> > have heard that rootkits can get on Linux systems, I want to know how to
> > remove from them if need be.
> >
> > On Mon, Oct 17, 2016 at 1:34 PM, Lou Duchez <lou at paprikash.com> wrote:
> >
> > > The good news about malware these days is, their goal isn't to break
> your
> > > computer, just to hijack it. That means it may be fixable.
> > >
> > > I recommend:
> > >
> > > 1) Disconnect the offending (Windows, presumably) computer from the
> > > Internet.
> > >
> > > 2) Download VIPRE Rescue onto a flash drive on another computer:
> > >
> > > https://www.vipreantivirus.com/support.aspx#vp-Rescue
> > >
> > > 3) Take the flash drive to the compromised computer and try to
> disinfect
> > > it.
> > >
> > > I haven't done battle with rootkits in a few years, but let VIPRE
> Rescue
> > > take a crack at it. If it can do its thing, and then a second scan
> comes
> > > back clean, you may well be fixed.
> > >
> > >
> > > Also, a good utility to have is HiJackThis, a utility to let you see
> what
> > > Windows is loading up, and more importantly you can tell Windows what
> to
> > > stop loading:
> > >
> > > https://sourceforge.net/projects/hjt/
> > >
> > >
> > >
> > > Got one of these emails today. First one ever.
> > >>
> > >> Called Cox they said it's not spam.
> > >>
> > >> Interesting.
> > >>
> > >> Joe
> > >>
> > >> ---------- Forwarded message ----------
> > >> From: Cox Customer Safety <abuse at cox.net>
> > >> Date: Mon, Oct 17, 2016 at 8:52 AM
> > >> Subject: [10.17.2016 34620193] Compromised Computer Notification from
> > Cox
> > >> Communications
> > >> To: Me
> > >>
> > >>
> > >> Dear Subscriber,
> > >>
> > >> Cox has identified that one or more of the computers in your home may
> be
> > >> infected with the Alureon / TDSS Virus.
> > >>
> > >> Viruses can take control of your PC and gather your personal
> information
> > >> such as passwords and credit card numbers, putting your data at risk
> > >>
> > >> The following FREE security tools could help you detect and remove
> > >> infections from your systems:
> > >> The Microsoft Safety Scanner
> > >> http://www.microsoft.com/security/scanner/
> > >>
> > >> Norton Power Eraser
> > >> http://security.symantec.com/nbrt/npe.aspx
> > >>
> > >> Cox Security Suite Plus powered by McAfee is included FREE with your
> Cox
> > >> High Speed Internet service. This software can be used to help
> protect
> > >> up-to 5 devices in your home, including Windows and Mac OS computers,
> > and
> > >> Android and Apple tablets and smartphones.
> > >> To get started, simply browse to www.cox.com/securitysuite and login
> > with
> > >> your Cox primary User ID and Password.
> > >> If you already have an Anti-virus solution installed, you should refer
> > to
> > >> your software manual before installing the Cox Security Suite.
> > >>
> > >> If you need additional support, Cox offers premium technical support
> at
> > >> reasonable rates.
> > >> Visit Cox Tech Solutions at https://secure.coxtechsolutions.com/ or
> > call
> > >> 877.TEC.SOLV (832.7658) to get started.
> > >>
> > >> If you would like additional information on the Alureon / TDSS Virus:
> > >> http://www.microsoft.com/security/portal/threat/
> > >> encyclopedia/Entry.aspx?Name=Virus%3aWin32%2fAlureon.H
> > >>
> > >> If you have any questions regarding this matter, you may call Cox
> > Customer
> > >> Safety at 800-753-6085.
> > >>
> > >> Regards,
> > >>
> > >> Cox Customer Safety
> > >> _______________________________________________
> > >> OLUG mailing list
> > >> OLUG at olug.org
> > >> https://lists.olug.org/mailman/listinfo/olug
> > >>
> > >
> > >
> > > _______________________________________________
> > > OLUG mailing list
> > > OLUG at olug.org
> > > https://lists.olug.org/mailman/listinfo/olug
> > >
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > https://lists.olug.org/mailman/listinfo/olug
> >
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>
More information about the OLUG
mailing list