Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Finding infected sender

I have a post regarding getting spammed by a sopecific sender, but it see

ms that one of my machines may have gotten infected as well, as my ip's are getting blacklisted as sending spam. I do not see anything ou

t of the ordinary in the outgoing mail reports. What other techniques have any of you found useful in finding the issue?

Everyone's tags (2)
New Member

Re: Finding infected sender

It all depends on the virus, they all behave differently and you must tackle the disinfection process differently. First you need to isolate which PC has the virus, then determine what virus and variant you've got. There are many softwares that can assist you in this task. Once you have removed the infected PC from the network for maintenance, it is wise to determine the attack vector and purpose of the virus so you can take measures to prevent repeat infections and mitigate problems caused by the initial infection.