[olug] Fwd: [10.17.2016 34620193] Compromised Computer Notification from Cox Communications

Mon Oct 17 16:04:17 CDT 2016

Joseph,

rkhunter works well. its in the ubuntu repo

On Mon, Oct 17, 2016 at 4:02 PM, Joseph Gulizia <joseph.gulizia at gmail.com>
wrote:

> Lou,
>
> These all appear to be Windows only fixes.  I AM not running Windows.  I
> have heard that rootkits can get on Linux systems, I want to know how to
> remove from them if need be.
>
> On Mon, Oct 17, 2016 at 1:34 PM, Lou Duchez <lou at paprikash.com> wrote:
>
> > The good news about malware these days is, their goal isn't to break your
> > computer, just to hijack it. That means it may be fixable.
> >
> > I recommend:
> >
> > 1) Disconnect the offending (Windows, presumably) computer from the
> > Internet.
> >
> > 2) Download VIPRE Rescue onto a flash drive on another computer:
> >
> > https://www.vipreantivirus.com/support.aspx#vp-Rescue
> >
> > 3) Take the flash drive to the compromised computer and try to disinfect
> > it.
> >
> > I haven't done battle with rootkits in a few years, but let VIPRE Rescue
> > take a crack at it.  If it can do its thing, and then a second scan comes
> > back clean, you may well be fixed.
> >
> >
> > Also, a good utility to have is HiJackThis, a utility to let you see what
> > Windows is loading up, and more importantly you can tell Windows what to
> > stop loading:
> >
> > https://sourceforge.net/projects/hjt/
> >
> >
> >
> > Got one of these emails today.  First one ever.
> >>
> >> Called Cox they said it's not spam.
> >>
> >> Interesting.
> >>
> >> Joe
> >>
> >> ---------- Forwarded message ----------
> >> From: Cox Customer Safety <abuse at cox.net>
> >> Date: Mon, Oct 17, 2016 at 8:52 AM
> >> Subject: [10.17.2016 34620193] Compromised Computer Notification from
> Cox
> >> Communications
> >> To: Me
> >>
> >>
> >> Dear Subscriber,
> >>
> >> Cox has identified that one or more of the computers in your home may be
> >> infected with the Alureon / TDSS Virus.
> >>
> >> Viruses can take control of your PC and gather your personal information
> >> such as passwords and credit card numbers, putting your data at risk
> >>
> >> The following FREE security tools could help you detect and remove
> >> infections from your systems:
> >> The Microsoft Safety Scanner
> >> http://www.microsoft.com/security/scanner/
> >>
> >> Norton Power Eraser
> >> http://security.symantec.com/nbrt/npe.aspx
> >>
> >> Cox Security Suite Plus powered by McAfee is included FREE with your Cox
> >> High Speed Internet service.  This software can be used to help protect
> >> up-to 5  devices in your home, including Windows and Mac OS computers,
> and
> >> Android and Apple tablets and smartphones.
> >> To get started, simply browse to www.cox.com/securitysuite and login
> with
> >> your Cox primary User ID and Password.
> >> If you already have an Anti-virus solution installed, you should refer
> to
> >> your software manual before installing the Cox Security Suite.
> >>
> >> If you need additional support, Cox offers premium technical support at
> >> reasonable rates.
> >> Visit Cox Tech Solutions at https://secure.coxtechsolutions.com/ or
> call
> >> 877.TEC.SOLV (832.7658) to get started.
> >>
> >> If you would like additional information on the Alureon / TDSS Virus:
> >> http://www.microsoft.com/security/portal/threat/
> >> encyclopedia/Entry.aspx?Name=Virus%3aWin32%2fAlureon.H
> >>
> >> If you have any questions regarding this matter, you may call Cox
> Customer
> >> Safety at 800-753-6085.
> >>
> >> Regards,
> >>
> >> Cox Customer Safety
> >> _______________________________________________
> >> OLUG mailing list
> >> OLUG at olug.org
> >> https://lists.olug.org/mailman/listinfo/olug
> >>
> >
> >
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > https://lists.olug.org/mailman/listinfo/olug
> >
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>