We are running Win2K server. Some body hacked into it and planted a file thats constantly scanning for random IP addresses. I found out when our network got too slow. By running network monitor it showed that all the requests are comming from the server and going to several hundered diffrerent IP address. I have looked each and every service that is running under Taks manager but none of them is an illegal file. Can anyone tell me how to fnd that service or file thats is creating lots of traffic? HELP!