Server Messed Up again by VIRUS
Hi guys !
Once again my server is behaving strangly..... It started when this SEAMEWE3 backbone problem ..... we were unable to receive emails and i thought its normal as the backbone is down so obviously we would have encounter the same problem..... but from last 2 days i saw there were mails on server which are stuck there over and over no matter when i process the remote queue same mails were in queue and they are there from last three days...... I noticed the that one of the mail is 1 MB while one is 2 MB rest are small mails. But the problem is not these mails i saw that when i close my proxy server and shutdown the mail server still my modem is sending and receiving data..... so i used netstat to see the active connection and i saw there were more than 200 ports open and some other connection were there (epmap connections.) I thought something fishy there so i scan my system with NORTOn and you know what i encounter 4 different types of virus among them i was able to delete only 3.
The 3 rd virus is still there and its running as windows service i couldnot remove it.... the name of the file is rtftp.exe its at c drive root. Now i need your help to remove this.
OS. WIndows 2000 service pack 4.
Mail Server MDaemon.