Hi again.
Before I get "down & dirty" with the command line, I am trying to find the source of the spambot by the more direct means of fairly systematically removing various pieces of kit from the network and so on.
Thus far I have concluded:
- that, unless they are all separately infected(??), each of the 5x W10 PCs gets the same failure to connect to smtp.virginmedia.com when all the others are powered OFF (i.e. not in Standby/Sleep mode).
Apart from those PCs, the other devices connected to the network are:
- Superhub 2 in modem mode, wireless is thus not active
- ASUS RT-66BU router with both ethernet & wireless connectivity
- Dumb Netgear GB ethernet switch to main house ethernet network
- Hikvision CCTV camera (ethernet cabled)
- Synology NAS, with attached USB 4-bay disk unit.
- TP-Link Ethernet-to-PLC switch which is connected to another TP-Link PLC-to-ethernet switch which is cable-connected to the Hikvision NVR (with 5 cameras connected directly to that via PoE cables, not wireless)
- Dumb Netgear GB switch which connects the house network to a DENON AV amp and an LG TV - both of which have both ethernet & wireless connection to the ASUS router.
- the 2x Motorola 4G Android phones are powered OFF
- the 2x Huawei 4G Mediapads are supposed to be powered OFF, but I have a suspicion that one of them is actually not, even though the battery is almost "flat"
- There are no Amazon Firesticks, Chromecasts, etc. (the streamer is a wired ROKU 2 from which the power is physically removed ATM, and similarly a network-connected Sony DVD player)
I am not sure if it would have found anything, but I have done several system scans with BitDefender Home Scanner Free, which has previously picked up security weaknesses in several devices (notably a WD LiveHub and a TP-Link router in access point mode - both now removed from the system!), but nothing similar has shown up so far.
So would anyone have any immediate suspicions about any particular device, or group thereof, in which the spambot(s) could have been installed?
Thanks in advance for any advice or suggestions.