Results 1 to 9 of 9

Thread: Malware

  1. #1

    Default Malware

    For a couple of months I have been dealing with a Comcast popup box with Constant Guard that shows up in every browser I use in both Linux and Windows.

    Scans of malware, virus, and rootkits have come up negative.

    Popup blockers and disable script also are ineffective.

    If you click on it, it takes you to Comcast's website, so I think they made it.

    I called Comcast and nobody knows anything about it.

    I got their corporate address thinking I would send a letter to them about it.

    Anyone have any experience with this or other ideas ?

    Thanks.

  2. #2
    Join Date
    Aug 2008
    Location
    Seattle, WA
    Posts
    1,376

    Default Re: Malware

    Constant Guard is a Comcast product, so yea, it might as well be malware. The Constant Guard web site refers to a "Customer Security Assurance Department," have you tried contacting them?

    Constant Guard - Contacts

  3. #3
    Join Date
    Jun 2008
    Location
    The English Lake District. UK - GMT/BST
    Posts
    36,728
    Blog Entries
    20

    Default Re: Malware

    Is comcast your ISP?
    Do you use DNS provided by them?
    Leap 15.1_KDE
    My Articles Was I any help? If yes: Click the star below

  4. #4
    Join Date
    Jun 2008
    Location
    where I am is where I am
    Posts
    1,160

    Default Re: Malware

    I too have Comcast one thing you might want to try is to change your Servers to OpenDNS.
    Like here:
    We are what we think.
    All that we are arises with our thoughts.
    With our thoughts we make the world.

    My 64 bit: Gateway 5670 UPDATED | RADEON RX 570 |CPU AMD - Ryzen 5 1600
    Opensuse Tumbleweed Plasma 5

  5. #5

    Default Re: Malware

    I get free internet as a free service, but it is an open network at my apartments.

    I tried setting it up with WPA2, but you have to pay a monthly charge.

    ipconfig gives this.

    Ethernet adapter Wireless Network Connection:

    Connection-specific DNS Suffix . : hsd1.tx.comcast.net. I think this means that Comcast is the internet provider.
    ___________________
    Since clicking on the popup goes to Comcast's website, I tend to believe that it was made by Comcast.

    Calls to Comcast led to answers like:

    "I am not aware of that."

    "Have you used a malware and virus scanner ?"

    "I talked to the guy in the software department and they do not know what it is."

    I may send a certified letter to one of their corporate offices.

    And/or use my dialup.

    Connect speed is a constant 53K which is better than I have gotten in the past.

    I am evaluating this to see if it offers some more protection.
    Spotflux Free VPN

    Take care,
    Andy

  6. #6
    Join Date
    Jun 2008
    Location
    Podunk
    Posts
    26,513
    Blog Entries
    15

    Default Re: Malware

    On Thu 05 Sep 2013 05:56:02 PM CDT, andy77586 wrote:


    I get free internet as a free service, but it is an _open_ network at my
    apartments.

    I tried setting it up with WPA2, but you have to pay a monthly charge.

    ipconfig gives this.

    Ethernet adapter Wireless Network Connection:

    Connection-specific DNS Suffix . : hsd1.tx.comcast.net. I think
    this means that Comcast is the internet provider.
    ___________________
    Since clicking on the popup goes to Comcast's website, I tend to believe
    that it was made by Comcast.

    Calls to Comcast led to answers like:

    "I am not aware of that."

    "Have you used a malware and virus scanner ?"

    "I talked to the guy in the software department and they do not know
    what it is."

    I may send a certified letter to one of their corporate offices.

    And/or use my dialup.

    Connect speed is a constant 53K which is better than I have gotten in
    the past.

    I am evaluating this to see if it offers some more protection.
    'Spotflux Free VPN' (http://www.spotflux.com/)

    Take care,
    Andy


    Hi
    If you manually set the nameservers in /etc/resolv.conf you can use
    those instead. In my router there is no option to change, so manually
    set them...
    Code:
    nameserver 208.67.222.222
    nameserver 208.67.220.220
    --
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    openSUSE 12.3 (x86_64) GNOME 3.8.4 Kernel 3.7.10-1.16-desktop
    If you find this post helpful and are logged into the web interface,
    show your appreciation and click on the star below...


  7. #7

    Default Re: Malware

    What will doing that do ?

    I found out from the manager that the network I have been using is not theirs.

    I think I was picking up another signal thinking that it belonged to the apartment.

    My apartment is out of range where I live.

    I have disabled that unsecured open network.

    (Whoever has setup an unsecured wireless network is asking for trouble.

    Comcast told me they(owner of unsecured network) have a serious virus problem.)

    I am now trying to get my new Linux capable modem setup and running.

    I made a more detailed post in the Hardware section.

    Andy

  8. #8
    Join Date
    Sep 2012
    Location
    Maryland, US
    Posts
    623

    Default Re: Malware

    Sounds like a Mitm attack to me, well not really an attack more like an exploitation really. I never trust any open free networks I find just hanging out there for anybody to use.
    Kernel: 4.12.14-lp150.12.7-default x86_64 bits:
    64 Desktop: Gnome 3.26.2
    Distro: openSUSE Leap 15.0

  9. #9
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Malware

    On 2013-09-05 21:26, andy77586 wrote:
    > What will doing that do ?


    My mobile ISP uses their DNS to reroute my http browsing to a server
    they own to tell me I have overdrawn my monthly download/upload
    capacity. Likewise, they can do other things: blocking sites, rerouting
    to commercial advertising, etc.

    Using an external DNS bypass their tinkering.


    But not your case.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •