Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zombies and Botnets


  • Please log in to reply
1 reply to this topic

#1 KiingDavid

KiingDavid

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Toronto
  • Local time:02:34 AM

Posted 08 February 2011 - 11:00 AM

Hi,

I work at a school and recently i received an email from the ISP threatening to suspend our business internet service due Network Abuse Complaints, Unsolicited emails, possible virus infection (KMM4868078I15977L0KM). An excerpt of the email reads "...This is due to a security breach on your network due to malware, virus, or an unsecure program, which allows unknown parties on the internet to use your computers and internet connection as a relay point for spam distribution". The suggested method of malware removal is a virus scan. However, this network has roughly a hundred computers, almost in all cases protected by al-yak (a Korean anti-virus), and will take days to go through each individual computer. I have examples of spam mails that were spread with our ip if it can be of any use in curing our network

Can any of you help me find an efficient and sure way to rid of this virus as it is an urgent matter. Thank you in advance for your help

-David

BC AdBot (Login to Remove)

 


#2 ATGUNWAT

ATGUNWAT

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:34 AM

Posted 08 February 2011 - 02:51 PM

This is an unofficial response and the advice given is mine, not that of bleepingcomputer.com or it's representatives...

Right away you want to pull all the known infected computers off the network, and scan any suspected computers with what ever you got to scan them with.
Think damage control first.
Isolate the infection.

Do you have a domain? (Active Directory)

I may be overstepping my bounds here, but it sounded important.

Please be patient, an official representative will be here to help you soon.

Until then, you should focus on preventing the infection from spreading.

Just my personal opinion.

ATGUNWAT B)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users