Menu
Reply
Highlighted
  • 60
  • 0
  • 2
Tuning in
701 Views
Message 31 of 94
Flag for a moderator

Re: Anyone Used WireShark?

24vc is my VPN and I have been using that one and off when need for months. I need another method/way to be able to the search the laptop for any spambots, etc on it. Instead of using wire shark which is showing nothing no packets.. But still there is a problem sending emails..

0 Kudos
Reply
Highlighted
  • 230
  • 7
  • 132
Superfast
673 Views
Message 32 of 94
Flag for a moderator

Re: Anyone Used WireShark?

Hi byronwells,

I was recently assisted by ravenstar68 to track down the spambot resident on my Amazon Fire TV Stick. I wouldn't have believed something could be sending out crud from such a device until coming on here and finding it.

I was wondering how long you'd ran Wireshark for, with (all) your devices connected to the WiFi Hotspot on your laptop?  When I ran it initially, nothing showed up whilst I sat and watched the screen (on & off) for hours. (See messages 4 & 5 here https://community.virginmedia.com/t5/Email/Re-Message-Delivery-Failure/td-p/4089017 ). The spambot appeared to eventually have "woken up" after a long period of time. If you haven't already, perhaps try leaving Wireshark running at least a few hours (or overnight?) with all or a batch of your devices connected, turned on / running, and see what turns up?

Highlighted
  • 230
  • 7
  • 132
Superfast
640 Views
Message 33 of 94
Flag for a moderator

Re: Anyone Used WireShark?

Actually .... message 17 is probably more relevant. I'd missed a stage out of the process earlier in that discussion (too late to edit post above 😕 )

Highlighted
  • 60
  • 0
  • 2
Tuning in
613 Views
Message 34 of 94
Flag for a moderator

Re: Anyone Used WireShark?

I still have not tracked the spambot from any device.. I am now running a hotpot on laptop with wireshark and connect 2 phones and smart tv and no packets appears at all.. So they seem to be fine...  Correct?

Is there any other software out there that can find spambots apart from wireshark or should I use some malware software instead??

0 Kudos
Reply
Highlighted
  • 1.61K
  • 211
  • 1.02K
Super solver
598 Views
Message 35 of 94
Flag for a moderator

Re: Anyone Used WireShark?


@byronwells wrote:

no packets appears at all.. So they seem to be fine...  Correct?


Just a thought but don't forget that spambots don't necessarily keep running 24x7x52. They do go in hibernation now and again specifically to make it more difficult to track them down. You may well find that you are now able to send emails without getting the dreaded VM305 error because your IP has been delisted.

That does not mean your problem is solved. The spambot can start up again at any time and cause your IP to be blacklisted again.

Coenoby

*******************************
I am just another Virgin Media customer.
If someone posts a useful reply you can say thanks by clicking on the thumbs up sign in their post.
If someone posts a message that solves your problem it helps everyone if you mark their post as a Helpful Answer
Highlighted
  • 60
  • 0
  • 2
Tuning in
580 Views
Message 36 of 94
Flag for a moderator

Re: Anyone Used WireShark?

I am sorry to report this now getting really getting beyond a joke..  This has been playing up for a few days now and still has not be fixed.. I have came on here for solutions and not a single person on here can give me a solution to fix this problem!!  Instead causing more problems, try this and that to see if it works. No actual working solutions at all!! Because now a spam bot can hibernate and remained hidden for hours.. Even tho you have run wire shark for 3 hrs and nothing appears at all..  

There needs to be a better method to search one machine (i.e laptop) to see if the spam bot exists on the actual machine it..  I.e something other software apart from wire shark.. Because wire shark is no good if it searches for hours and hours and finds nothing especially when there is an issues.. I haven't got hours or days and days to keep asking for a solution...

0 Kudos
Reply
Highlighted
  • 1.61K
  • 211
  • 1.02K
Super solver
567 Views
Message 37 of 94
Flag for a moderator

Re: Anyone Used WireShark?


@byronwells wrote:

 I have came on here for solutions and not a single person on here can give me a solution to fix this problem!!  Instead causing more problems, try this and that to see if it works. No actual working solutions at all!!

I haven't got hours or days and days to keep asking for a solution...


This is the VM community forum.

We are all VM customers like yourself and we all spend time trying to help others by offering our experience and knowledge of the issues and problems as they come up.

There are some really knowledgeable people on here but we cannot possibly be expected to solve everyone's problems immediately.

I understand your frustration but that's how it is.

Coenoby

*******************************
I am just another Virgin Media customer.
If someone posts a useful reply you can say thanks by clicking on the thumbs up sign in their post.
If someone posts a message that solves your problem it helps everyone if you mark their post as a Helpful Answer
Highlighted
  • 230
  • 7
  • 132
Superfast
542 Views
Message 38 of 94
Flag for a moderator

Re: Anyone Used WireShark?

byronwells - I'm not sure where along the way you've found anyone's assistance has actually caused you more problems?!! Given valid suggestions from past experience that might take more time to be fruitful, but not the cause of "more problems". I feel with an attitude like that, you might find all and any suggestions to assist might dry up pretty swiftly.

If you take the time to follow the advice, and leave Wireshark to finish a scan for a suitable length of time / overnight (as I found was needed), then your problems might be resolved. There's always an alternative - you could ignore the willingly given and free advice from fellow customers, and take your devices to a local electrical repair shop. I'm sure they will be happy to take your devices, wipe your equipment to factory defaults and charge you a healthy sum for the honour. 

Highlighted
  • 60
  • 0
  • 2
Tuning in
525 Views
Message 39 of 94
Flag for a moderator

Re: Anyone Used WireShark?

Alright Boothy99

So I really have to leave wire shark running for 10hrs, etc before it finds anything if there is anything?  Should I leave my outlook 2007 open as well?  At the moment it just keeps asking to me to enter a password for the smtp because I was trying to send a message.. So I have to close outlook all the time..  I am now just testing my laptop because I am pretty sure the issue is there any no where else...

I am also using a quick heal bot removal which is scanning the computer as well.. I am hoping one of them will find the issue.. Then I could find out how to remove it.. It's a shame I couldn't use Windows Defender to track any spam bots working through it etc..

Another side not has anyone actually used the new Norton software with comes with a VPN in it please?

0 Kudos
Reply
Highlighted
  • 230
  • 7
  • 132
Superfast
510 Views
Message 40 of 94
Flag for a moderator

Re: Anyone Used WireShark?

Right byronwells, to answer your questions -

... from my personal experience, yes, you'll need to leave Wireshark running for a "good" amount of time. As suggested, perhaps overnight with devices like other PC's, tablets, phones, Amazon Fire Sticks ... all with their WiFi connection running through the Hotspot you've set up on your laptop (and not obviously via your usual Virgin Superhub). Your Smart TV could be connected to the hotspot in the daytime so it could be left turned on safely while the scan runs.

That's all assuming you've run Wireshark on the laptop, also for a good amount of time to rule it out. This all takes time, but in the main - once running, can be left to it's own devices while you go about the day / night.

I'd also suggest you give up on antivirus, ant-malware scans. Unfortunately, as I was told by ravenstar68, and found out myself - they find nothing that's relevant to the spambot - they just waste time. I tried a whole host of scanners / cleaners before coming on here and learning to use Wireshark. Stay with ravenstar68's & other's advice and the blighter should get found. Be patient (and polite, please). Folk are here to help.

Let us know when a scan has run for a good length of time and more assistance can be given. Good luck.

By the way - if you try Virgin Webmail ... that should send and receive on ok. Forget re-inputting your password ... it's not that that's the the problem. It's that your outgoing mail is blocked. Doesn't matter whether you leave it running or not for the sake of the scan. The spambot isn't using Outlook to send spam. Whichever program you use to attempt sending email with will be blocked as it's all on the same IP address - yours, which is blocked. Webmail apparently will work unaffected.