Endpoint Protection

 View Only

  • 1.  Same IP's in different Machines due to Virus?

    Posted Jun 26, 2015 02:41 AM
      |   view attached

    I just found that with my Risk Log report, when I sort it out I just notice why there are machines that uses the same IP and the virus name that infect the machines are all the same. Does it occur due to the Virus? Thanks in advance.



  • 2.  RE: Same IP's in different Machines due to Virus?

    Posted Jun 26, 2015 03:02 AM

    Enable the risk tracer.

    https://support.symantec.com/en_US/article.TECH102539.html

    and check the logs, 



  • 3.  RE: Same IP's in different Machines due to Virus?

    Posted Jun 26, 2015 03:02 AM

    E:& G: are local drive or removable device.

    Your  removable device are infected with virus you can scan you drive and remove the virus



  • 4.  RE: Same IP's in different Machines due to Virus?

    Posted Jun 26, 2015 04:15 AM

    but why is that different machines have same IP?



  • 5.  RE: Same IP's in different Machines due to Virus?

    Posted Jun 26, 2015 05:15 AM

    I doubt whether the IPs in the screenshot are "Source Computer IP" (of infection) or the "IP Address" of the machine where the infection was detected. If the E, F & G drives are mapped network driver, it is possible that the IP addresses mentioned in the screenshot are the IP addresses of the network drives.



  • 6.  RE: Same IP's in different Machines due to Virus?
    Best Answer

    Posted Jun 26, 2015 06:30 AM

    That IP may be the attacking IP and where the initial infection attempt is starting from. Have you tracked down that machine and removed from the network?