Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

NetSky and Beagle Viruses

  • 18-07-2004 10:03am
    #1
    Closed Accounts Posts: 120 ✭✭


    hi all,

    I'm getting hammered with the above viruses for the past week. My Norton picks up on average 7 emails a day with either of those attached. Is there any way I can trace the source of the emails? They all have legit email addresses, some which are irish based, so I think the viruses are coming from some site that I have signed up to.


Comments

  • Registered Users, Registered Users 2 Posts: 2,518 ✭✭✭Hecate


    Yeah I'm getting quite a lot of mails with Beagle in them alright. I think they're just fired off at random addresses within a particular domain, or selected from the victims address book so there isn't that much you can do to stop receiving them.

    I usually investigate the headers of these emails, in the received section it appeared as coming from some eircom POP in the galway area. Beagle is a mass mailer with its own smtp engine, so its probably someone on eircom dial up or dsl infected with the virus, I guess you could get onto the ISPs case to block the port that it uses for its backdoor but that would only be a short term thing.


  • Closed Accounts Posts: 1,028 ✭✭✭The Dr00g


    This kinda rings a bell. I cleaned a PC about a month ago that had similar symptoms. Unfortunately I didn't record the details of the job. All I can remember is that I ran EVERYTHING on it till it behaved properly. I'm sure Netsky was involved, I'm not sure if Bagle was out then, but perhaps it was just emerging.

    Here's a list of what I used on that machine:

    AVG 6 free edition.
    Adaware 6.
    Spybot 1.3 beta 6.
    CWShredder 1.57. (Note: 1.59.1 is available now).
    Hijackthis 1.97.7 (That reminds me... Must check for an update).

    Look at other threads in this area for info on how to configure and use the above software properly.


  • Registered Users, Registered Users 2 Posts: 7,740 ✭✭✭mneylon


    The "sending" domain is irrelevant.
    You need to check the sending IP.


Advertisement