Trace infected machine on network. Beagle virus.
Posted on 2005-05-04
It appears that we have a machine on our network that is infected with the beagle virus. We believe this because our T1 provider is sending us emails stating that emails are being sent out from one of our external IP's that contain the beagle virus. We have also gotten bouce backs from companies that no one here has sent emails to, and those emails contained the beagle virus. We have Symantec AV running on all of the machines, but we have no scheduled scans set up on them as of yet. And since we are running the SP2 firewall, we can't gain access to the local symantec remotely. The IP address that these are getting sent out with is consistent with the one that our regular traffic uses, not the IP of our exchange server. So, is there a way that we can track this computer down? Thanks for the help. Let me know if you need any more information.