[olug] Fwd: [10.17.2016 34620193] Compromised Computer Notification from Cox Communications

Lou Duchez lou at paprikash.com
Mon Oct 17 13:34:23 CDT 2016

The good news about malware these days is, their goal isn't to break 
your computer, just to hijack it. That means it may be fixable.

I recommend:

1) Disconnect the offending (Windows, presumably) computer from the 

2) Download VIPRE Rescue onto a flash drive on another computer:


3) Take the flash drive to the compromised computer and try to disinfect it.

I haven't done battle with rootkits in a few years, but let VIPRE Rescue 
take a crack at it.  If it can do its thing, and then a second scan 
comes back clean, you may well be fixed.

Also, a good utility to have is HiJackThis, a utility to let you see 
what Windows is loading up, and more importantly you can tell Windows 
what to stop loading:


> Got one of these emails today.  First one ever.
> Called Cox they said it's not spam.
> Interesting.
> Joe
> ---------- Forwarded message ----------
> From: Cox Customer Safety <abuse at cox.net>
> Date: Mon, Oct 17, 2016 at 8:52 AM
> Subject: [10.17.2016 34620193] Compromised Computer Notification from Cox
> Communications
> To: Me
> Dear Subscriber,
> Cox has identified that one or more of the computers in your home may be
> infected with the Alureon / TDSS Virus.
> Viruses can take control of your PC and gather your personal information
> such as passwords and credit card numbers, putting your data at risk
> The following FREE security tools could help you detect and remove
> infections from your systems:
> The Microsoft Safety Scanner
> http://www.microsoft.com/security/scanner/
> Norton Power Eraser
> http://security.symantec.com/nbrt/npe.aspx
> Cox Security Suite Plus powered by McAfee is included FREE with your Cox
> High Speed Internet service.  This software can be used to help protect
> up-to 5  devices in your home, including Windows and Mac OS computers, and
> Android and Apple tablets and smartphones.
> To get started, simply browse to www.cox.com/securitysuite and login with
> your Cox primary User ID and Password.
> If you already have an Anti-virus solution installed, you should refer to
> your software manual before installing the Cox Security Suite.
> If you need additional support, Cox offers premium technical support at
> reasonable rates.
> Visit Cox Tech Solutions at https://secure.coxtechsolutions.com/ or call
> 877.TEC.SOLV (832.7658) to get started.
> If you would like additional information on the Alureon / TDSS Virus:
> http://www.microsoft.com/security/portal/threat/
> encyclopedia/Entry.aspx?Name=Virus%3aWin32%2fAlureon.H
> If you have any questions regarding this matter, you may call Cox Customer
> Safety at 800-753-6085.
> Regards,
> Cox Customer Safety
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug

More information about the OLUG mailing list