Search the server for CMD and VBS files would be a good place to
start. Maybe search for EXE's and order by date as well. It appears
that you have been hacked and someone is using your server for a spam
campaign. If you host Web sites on the same server, it's possible that
someone just simply placed a script in their site, in which case ASP,
Perl, PHP and other scripting languages would be likely candidates as
well. I suppose that someone could exploit a server and remotely run
an executable in this fashion as well, and firewalling all but the
necessary ports is highly advised. Matt serge wrote:
-- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ ===================================================== |
<<image/gif>>