Question : alliance-leister phishing bot

I have a Windows SBS 2003 server (sp2) with exchange 2003 (sp2) and it has the alliance-leister phishing bot. I a getting on a few anti-spam black-lists because of it, plus there is performance retarding disk I/O read write over-contention issues.
It is inetinfo.exe creating all of the spams, as I know because if I stop this service (and the smtp service) the spams stop being generated. I've done all the standard tricks and run spambot SD, Trend WFBSA, etc, and neither remove the bot.
Also if anyone has any information on this, how it gets into servers, also if anyone has a manual 'by-hand' removal proceedure that would be apprieciated.

Best
Wilson
Sydney, Australia.

Answer : alliance-leister phishing bot

You need to load the ORF Log Viewer, load the logs then click on View, Filter, Add Rule, Select "Sender", In the Email Address/Mask box enter "*@alliance-leicester.co.uk" (no quote marks) and then Add another Rule and Select "Filtering Point" then select "On Arrival" and click OK twice.
Press F6 to see the preview Panel and then select a line that will hopefully be displayed. In the Preview Panel, it should hopefully tell you the user account that was used.

Random Solutions

Errors on Web Application running Crystal Reports

Turn off sharing wizard group policy

Folder permissions and re-applying them

Cannot add duplicate collection entry of type 'add' with unique key attribute 'name' set to

MYSQL UNION RETURNS DUPLICATE DATES

DB2 temporary table - How long does a DB2 Session last? What is the Session's lifespan?

Applying Personal Settings

Java Script, Retry on HTTP GET Connection Timeout

How do I call another dll function from within a C# DLL?