Question : alliance-leister phishing bot

I have a Windows SBS 2003 server (sp2) with exchange 2003 (sp2) and it has the alliance-leister phishing bot. I a getting on a few anti-spam black-lists because of it, plus there is performance retarding disk I/O read write over-contention issues.
It is inetinfo.exe creating all of the spams, as I know because if I stop this service (and the smtp service) the spams stop being generated. I've done all the standard tricks and run spambot SD, Trend WFBSA, etc, and neither remove the bot.
Also if anyone has any information on this, how it gets into servers, also if anyone has a manual 'by-hand' removal proceedure that would be apprieciated.

Best
Wilson
Sydney, Australia.

Answer : alliance-leister phishing bot

You need to load the ORF Log Viewer, load the logs then click on View, Filter, Add Rule, Select "Sender", In the Email Address/Mask box enter "*@alliance-leicester.co.uk" (no quote marks) and then Add another Rule and Select "Filtering Point" then select "On Arrival" and click OK twice.
Press F6 to see the preview Panel and then select a line that will hopefully be displayed. In the Preview Panel, it should hopefully tell you the user account that was used.

Random Solutions

SQL syntax, date?

AD site and services best practice

Exchange 2007 retrieve messages from disconnected mailbox

.NET Citrix SDK

Why am I locked out of my files?

Reading various textfiles according to Encoding

Devcon rescan/Device Manger scan for hardware changes or new hardware

Requery or refresh a report

What is the equivalent of html anchor control's name attribute in asp.net Hyperlink control

Datareader.Read() not returning any results