Finding a network computer with Mebroot

Discussion in 'Software' started by Ciedoc, Mar 23, 2010.

  1. Ciedoc

    Ciedoc Private E-2

    Question for the guru's on here. I have been notified by Qwest that a computer on the network has been infect with Mebroot/Torpig . The IP listed is our gateway and also includes the ports that this bug seems to be using. We use a centrally managed anti-virus (F-Secure) but apparently this bug prevents detection by scans. There are about 65 computers on the network and I am at a lost as to how I can find out which system is actually infected without going from system to system.

    Anyone have suggestions of a scan or detection method I can use to find out which internal IP address is actually infected?


    Thanks,
    Ciedoc
     
    Ciedoc, Mar 23, 2010
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Moved your post to the software forum. :) Reason being, we cannot assist with direct malware removal on business machines, let alone a network of 65 computers. So bide your time here and see what responses filter in.
     
    Kestrel13!, Mar 24, 2010
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds