john pfeiffer

how to find a trojan bot on your network

A trojan is spamming from my IP address, and the address is now on RBLs/blacklists (see http://www.spamhaus.org and http://www.blacklistalert.org).

Investigating the listing shows their evidence, which names the host "computername1234.domainname.co.local"

ping computername1234 shows its IP address is 192.168.1.105

Also, our Router -> Diagnostics -> Data Flow Monitor shows IP address 192.168.1.105 is constantly at 76 kbps & 40 kbps

systeminfo /s 192.168.1.105 (or we could have used systeminfo /s computername1234 )

if that doesn't work then try

arp -a 192.168.1.105

if that doesn't work

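nbtstat -A 192.168.1.105 (capital -A takes an IP address; lowercase -a takes a computer name, e.g. nbtstat -a computername1234 )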

You should, by now, have accumulated enough info to know which computer is infected.
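The fallback chain above as one script, added here as an example and not part of the original post. It assumes English-language tool output, a workstation on the same LAN as the suspect, and uses the post's placeholder host name; the log file name is made up for illustration.

```powershell
# Added example (not from the original post). Run from an admin workstation on the same LAN.
param([string]$Suspect = 'computername1234')   # placeholder host name used in the post

# Resolve the name from the blacklist evidence to an IPv4 address.
try {
    $ip = [System.Net.Dns]::GetHostAddresses($Suspect) |
        Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
        Select-Object -First 1 |
        ForEach-Object { $_.ToString() }
} catch { $ip = $null }
if (-not $ip) { Write-Warning "Cannot resolve $Suspect"; return }

# One ping so the local ARP cache has an entry for the host before arp -a is tried.
ping -n 1 $ip | Out-Null

$mac = '([0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2}'
# Each step: the command from the post, and the text that means it really answered
# (assumption: English-language output from systeminfo, arp and nbtstat).
$steps = @(
    @{ Name = 'systeminfo'; Run = { systeminfo /s $ip 2>&1 }; Ok = 'Host Name:' },
    @{ Name = 'arp';        Run = { arp -a $ip 2>&1 };        Ok = $mac },
    @{ Name = 'nbtstat';    Run = { nbtstat -A $ip 2>&1 };    Ok = "MAC Address = $mac" }
)

# Hypothetical log location: keep the raw output as evidence for the cleanup ticket.
$log = Join-Path $env:TEMP "suspect-$ip.txt"
foreach ($step in $steps) {
    $out = (& $step.Run | Out-String)
    if ($out -match $step.Ok) {
        "[$(Get-Date -Format s)] $($step.Name) answered for $Suspect ($ip)" | Set-Content $log
        $out | Add-Content $log
        Write-Output "$($step.Name) identified the host; details saved to $log"
        return
    }
    Write-Warning "$($step.Name) returned nothing usable, trying the next tool"
}
Write-Warning "No tool answered for $ip; re-check the router's Data Flow Monitor."
```

The MAC address recovered by arp or nbtstat can be matched against the router's DHCP lease table when the computer name alone is not enough to locate the machine.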

Connect the admin share \\computername1234\c$ as a mapped network drive and scan it for viruses (e.g. with clamwinportable).

Or, if you're the admin of the domain and the workstation is set up properly, Remote Desktop into 192.168.1.105 (or computername1234).



Published

Feb 6, 2010
