Zombie Check

I have installed a SonicWall Email Security 200 Appliance. I seem to be having some relay issues. SonicWall says “It appears that what is happening, is that there is a zombie somewhere in your network. Zombies are a type of virus that uses your network to send out spam. The anti-virus module of SonicWALL e-mail security is the module that takes care of this kind of issue.”

I think they are unable to find the hole that needs to be plugged so they are finger pointing. I need to validate my suspicions or find the zombie, if indeed it exists. Can anyone help me out?

Thanks so much!

I suggest you try:

  1. Disable System Restore on Windows XP: http://support.microsoft.com/default.aspx?scid=kb;[LN];310405
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot.
  4. Use a-squared, ewido or Spyware Terminator (trojan removers).
  5. Run on-line scanners: Virustotal, Jotti, Trendmicro or ewido, specially in files you suspect something.

Do I need to do this to every box on my network? I tried scanning all of the computers using the ADNM Console but got a bunch of errors. I’m running 4.7.660 on Exchange 2003, Windows Server 2003 SP1 with WinXP managed clients.

Sorry Shakti, I haven’t noticed you’re on the avast! 4 Server Forum :-[ :-[
I’m not sure what is the best procedure. I hope someone from Alwil team come here to help you :-[

Thanks for the effort. :wink: