I have windows 7 installed and keep getting the following from comcast :
Constant Guard™ from XFINITY has identified that one or more of your computers may be infected with a bot.
For your IP address the following botnets have been seen in the last week.
Options
Botnet Intent Severity MSRT Fix Last Seen Times Seen Advisory
JS_Blacole_Group Multi-Purpose 68 - 2012-10-28 15:56:20 Local Time 178
Now my research has indicated that this bot is related to java install ? I do not have java installed nor did i install it. The only java is with libreoffice. Which it needs to work.
I did the on line scan and nothing was found. I installed the free virus scanner from the web site and did a scan and nothing was found. I installed and ran malwarebytes scanner and nothing was found. I also have comondo firewall installed.
Anyone got any ideas on what would be causing this ?
I would be very wary of it a search on Google for part of the message, Constant Guard™ from XFINITY https://www.google.com/search?q=Constant+Guard™+from+XFINITY returns many hits, some of which aren’t too glowing. In fact some say if you haven’t installed it don’t bother.
Given the fact that you have comodo firewall (with defence+ enabled ?) it should provide some protection. I don’t know which antivirus you have as didn’t specifically say. If it is avast then the Networks Shield should also protect against connections to malicious sites and the antivirus would be on the look out for botnet infections.
So without other supporting evidence I would be very wary of these type of messages, I have no idea how this software works, so I can’t say how it would determine any such infection. The other factor there are many such scare tactics employed by rogue/fake security alerts.
Me I would want a damn sight more detailed information from any such warning out of the blue.
OK ! Those are my thoghts also. Just tryinf to figure out what this is. Very little on internet about it. Maybe big brother has interest in my machine !!! I will keep looking.
I think that this sort of software from ISPs is more for people that haven’t got any protection, for those that have protection this may well interfere rather than help. I assume that you actually installed this software from your ISP ?
If you have comodo firewall, MalwareBytes AntiMalware (MBAM) and avast installed you are pretty well covered from this sort of thing. Any possible false positive by Constant Guard could have you in a heightened state and not finding anything, but always having it in the back of your mind.
Do not worry, it is a phish and a spam lure targeting customers of Comcast XFINITY cable internet service…
(jmorly883 is that you?)
DavidR had the right hunch in his first posting i.m.h.o., considering what is given in this forum thread here: http://www.pclinuxos.com/forum/index.php?topic=110106.0
And also sophos has this to report on that service: http://www.pclinuxos.com/forum/index.php?topic=110106.0 article by sophos’s senior security advisor Chester Wisniewski,
I did in deed have jave 6 installed on the linux box and got the same message. One thi1s install of windows 7 ultimate i do not not have aniy java insyaslled except for libreoffice’s java.
I am trying to find out what this bot is . what its function is .
I have found nothing in the quotes above that explain what or who uses this bot.
So nobody has any idea what JS_Blacole_Group is or what it does ? Nobody has any links ?
You folks seem real good at tracking down what someone says on another forum but seem lacking in knowledge of threats to be protected from , or asked about, I have reached this conclusion from the above responses.
Did not you read my posting. I explained there that that JS_Blacole_Group (so-called Blackhole exploit group malware) notice is a phish and a scam fraudulently addressing the users of the service, you are on.
You take that message seriously, then the scam and social engineering worked big time.
And why accuse some of us not knowing about threats?
I think in the light of what we do here everyday and the time it costs us in scans and looking up resources to establish the facts,
we want an apology for such a remark.
If you do not get the expected answer, you cannot generalize in the way you react.
This is rude & impertinent behavior and bad nettiquette as well.