Computer Virii
#1
Computer Virii
So One of the 60 computers here in my office has a virus? How do I know this? Because we're getting a bunch of returned email that makes it quite obvious one of the machines is emailing out a bunch of SPAM. The problem is, that the From: field is modified so I can't tell which computer is sending the emails. Suggestions?
#5
#6
#7
Originally Posted by bluejay432000
Unplug the machines one at a time till it quits coming back.
P. S. As much junk as you do on the net, I would start with yours!
P. S. As much junk as you do on the net, I would start with yours!
That's what we call "process of elimination". It's a looong process, but it works. I wouldn't recommend that to anyone, but if push comes to shove.....
Trending Topics
#8
Originally Posted by henkyjenky
Header IP is a good shot.
It could be an outside computer that knows you, who is using your address as a return address.
Update all virus defs and run scans.
Check mail server logs to see where they are coming from and block that IP for a day or two (if it's from India or something).
It could be an outside computer that knows you, who is using your address as a return address.
Update all virus defs and run scans.
Check mail server logs to see where they are coming from and block that IP for a day or two (if it's from India or something).
True.
Keep in mind, the IP address will only give you the "Whois" of the IP owner (***, Comcast, Cebridge, Suddenlink, etc). Now, if the IP is a static, and has a reverse set, then maybe. A packet sniffer will show you what Work station is the one with the virus...bandwidth usage. It's best to check after hours also.
#9
Will a packet snifer work in my situation?
All network computers run to three Cisco routers. Our DSL modem also runs to one of the routers. A Windows 2000 Server establishes IP addresses but the Internet should work without that server in the loop. Where would I install a sniffer?
I did get header info from one of the replies; it was not helpful as we all have the same IP address as far as the external world is concerned.
All network computers run to three Cisco routers. Our DSL modem also runs to one of the routers. A Windows 2000 Server establishes IP addresses but the Internet should work without that server in the loop. Where would I install a sniffer?
I did get header info from one of the replies; it was not helpful as we all have the same IP address as far as the external world is concerned.
#10
Originally Posted by UrbanCowboy
Will a packet snifer work in my situation?
All network computers run to three Cisco routers. Our DSL modem also runs to one of the routers. A Windows 2000 Server establishes IP addresses but the Internet should work without that server in the loop. Where would I install a sniffer?
I did get header info from one of the replies; it was not helpful as we all have the same IP address as far as the external world is concerned.
All network computers run to three Cisco routers. Our DSL modem also runs to one of the routers. A Windows 2000 Server establishes IP addresses but the Internet should work without that server in the loop. Where would I install a sniffer?
I did get header info from one of the replies; it was not helpful as we all have the same IP address as far as the external world is concerned.
I sent you a PM...
#11
#12
Originally Posted by F150 Duke
We have the same problem here. I wish out IT department would start working on it like you are working on yours.
It's a real pain in the **** getting Viagra and other herbal emails every day or hearing how some rich guy in Africa left me his life savings.
Duke
It's a real pain in the **** getting Viagra and other herbal emails every day or hearing how some rich guy in Africa left me his life savings.
Duke
Is this a personal email you get that trash in, or is it your Corp email acct?
#14