server is sending out spam email, trying to find responsible computer

My server has been blacklisted for sending spam email. We use mailenable and cannot find which user is sending the mail or which computer has the virus. went to the guide here and even found help on this site here. Tried everything recommended however did not find anything weird. In the first article it stated to check for most recent things in the windows system 32 folder. The only files I found with a date equal to today (when the spam started)  were perfh009.dat & perfc009.dat wondering if these are legitimate or the cause of my problem.
mfsrulesAsked:
Who is Participating?
 
Tony GiangrecoCommented:
I've had a client's server blacklisted before. Here is what i did:

1. Temporarily disconect your internet connection for the entire network
2. Run a full scan of the following on every desktop

a. SAS http://www.bleepingcomputer.com/download/search/?keyword=superantispyware

b. MB http://www.bleepingcomputer.com/download/malwarebytes-anti-malware-cleanup-tool/

c. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/
d. After full scans of each product, you should be 95% clean.
e. Run a full scan of your up-to-date anti virus
f. Run a full scan of anti virus on your server.

Being blacklisted stops all your email from being delivered. I suggest starting internet service from a new supplier after you know you are clean.

There is a lot of work here, but done properly, it will pay off.
0
 
Alan HardistyCo-OwnerCommented:
0
 
mfsrulesAuthor Commented:
We are using MailEnable Software
0
 
Alan HardistyCo-OwnerCommented:
Okay - have you read my article?  Is anything relevant?

Who are the senders of the emails in your mail queue?
0
 
Tony GiangrecoCommented:
Any progress to report?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.